前言

入门级靶场

靶场地址：https://bigiamchallenge.com/challenge/1

参考：

https://wiki.teamssix.com/cloudservice/iam/the_big_iam_challenge_writeup.html

https://pswalia2u.medium.com/bigiamchallenge-aws-iam-challenges-ded45cb983f2

前言

PHP 还是太诱人了（

出题人的博客：https://blog.kengwang.com.cn/archives/668/

前言

参考：

FRIDA HOOK：脱壳、手机抓包 - Boogiepop Doesn’t Laugh

https://www.cnblogs.com/freedom-h/p/18778021

https://yaklang.com/Yaklab/WeChatAppEx/#%E6%AD%A5%E9%AA%A4-3-%E5%AE%89%E8%A3%85-yakit-%E7%9A%84-ca-%E8%AF%81%E4%B9%A6

https://lucxer.tech/2021/03/20/15.ab%E6%A1%88%E4%BE%8B%E5%AD%A6%E4%B9%A0/

前言

主力机换了台 Mac，记录一下部分环境配置的过程

参考：

国光的博客，但是 wayback machine

https://www.cnblogs.com/simono/p/16629284.html

前言

参考：

https://dwd.moe/post/nepctf-2025#%E6%88%91%E9%9A%BE%E9%81%93%E4%B8%8D%E6%98%AF-sql-%E6%B3%A8%E5%85%A5%E5%A4%A9%E6%89%8D%E5%90%97

https://www.cnblogs.com/LAMENTXU/articles/19007988

前言

参考：

https://cloud.tencent.com/developer/article/2327496

https://www.freebuf.com/articles/network/393276.html

https://sanshiok.com/archive/14.html#0x01%20%E5%89%8D%E7%BD%AE%E7%9F%A5%E8%AF%86-1

https://forum.butian.net/share/1227

https://blog.zgsec.cn/archives/278.html

https://www.cnblogs.com/mr-ryan/p/17680899.html

https://yaklang.com/Yaklab/WeChatAppEx/

前言

2025.7.19-7.20 郑州 网络安全科技馆 强网杯同款赛博厅

NISA-GreenSpark 位37 全国二等奖 一如去年

day1 渗透+CTF

day2 AWDP+CTF

今年居然又恢复申请联网了

前言

官方 wp：https://www.yuque.com/chuangfeimeiyigeren/eeii37/bkp6ldnifm2k3o1a?singleDoc#cC8ZK

Team：NISA

Rank：31

Score：1200

前言

一人全役

Team：Re:Iris

Rank：40

Score：1270

前言

参考：

https://developer.aliyun.com/article/1089899

https://cloud.tencent.com/developer/article/2495873

https://wiki.wgpsec.org/knowledge/tools/metasploit.html

https://blog.csdn.net/m0_46371267/article/details/120740639

https://cloud.tencent.com/developer/article/2015275

https://github.com/rapid7/metasploitable3/wiki/Vulnerabilities

https://cloud.tencent.com/developer/article/2015275

https://www.jeza-chen.com/2018/09/21/MetaSploit3_Setup/