current location:Home > Technical Articles > Operation and Maintenance > Safety

  • What are the knowledge points of Python anti-crawler?
    What are the knowledge points of Python anti-crawler?
    1. Why anti-crawlers? Before designing an anti-crawler system, let’s first take a look at what problems crawlers will bring to the website? In essence, the websites and the data on the websites that can be browsed, viewed and used by people on the Internet , are all open and accessible, so there is no so-called "illegal authorized access" problem. There is no essential difference between a crawler program accessing a web page and a human accessing a web page. In both cases, the client initiates an HTTP request to the website server. After receiving the request, the website server returns a content response to the client. As long as a request is initiated, the website server must respond. To respond, the server's resources must be consumed. There is a mutually beneficial relationship between website visitors and the website. The website provides visitors with the necessary information they need.
    Safety 1646 2023-05-17 10:18:16
  • How to Conduct Linux Malware SkidMap Analysis
    How to Conduct Linux Malware SkidMap Analysis
    Cryptocurrency mining malware remains a prevalent threat. Cybercriminals are also increasingly exploring new platforms and methods to further exploit mining malware – from mobile devices, Unix and Unix-like systems to servers and cloud environments. Attackers continue to improve malware's ability to resist detection. For example, bundling malware with a watchdog component to ensure that illegal cryptocurrency mining activities persist in infected machines, or Linux-based systems that utilize LD_PRELOAD-based rootkits to make their components unavailable to the system. detected. SkidMap is a recently stumbled upon piece of Linux malware that demonstrates the increasing sophistication of recent cryptocurrency mining threats. this
    Safety 1238 2023-05-17 09:56:37
  • How to analyze the interpretation and countermeasures of Win7 blue screen
    How to analyze the interpretation and countermeasures of Win7 blue screen
    Recently, Sangfor has received many inquiries from customers about the outbreak of blue screens in Win7. The content roughly refers to "Win7 has ended its service, Microsoft will no longer update patches, computers collectively have blue screens, the error code is F4, blue screens are related to vulnerability patches, etc., and Users are urged not to patch the vulnerability." However, judging from the problems collected by Sangfor, there is no large-scale Win7 blue screen phenomenon in enterprises. Through tracing, we found that this problem occurred relatively early in individuals and Internet cafe environments. Some individual users and network administrators did seek help from security vendors. Regarding the issue of whether vulnerability repair (patching) will cause a blue screen in Win7, we have repeatedly verified that there is no inevitable correlation between patching and blue screen in Win7 (that is to say, patching
    Safety 1089 2023-05-17 08:46:43
  • How to make the website automatically update every day
    How to make the website automatically update every day
    I believe that many webmaster friends who have just started a website have this feeling. It is really tiring to update the website every day. If you want to increase the weight of your website, you must make sure that the website is updated every day, and you cannot update several days of articles at once, because in the eyes of search engines, these are still published on the same day and have no impact on the weight of the website. Is there any way to make the website update automatically? Everyone knows the importance of frequent updates to a website. Search engines like fresh content. If your website is not updated for a long time, your ranking will drop, or it will be deleted. Okay, without further ado, let’s introduce the idea of ​​automatic website update. 1. The old website mentioned here not only refers to the website that has been established for a long time. Such a website not only has a certain weight, but also has a certain amount of traffic.
    Safety 11743 2023-05-17 08:34:22
  • How to use calc() in CSS3
    How to use calc() in CSS3
    The usage of CSS3calc() calc() is similar to a function and can set dynamic values ​​​​for elements: /*basiccalc*/.simpleBlock{width:calc(100%-100px);}/*calcincalc*/.complexBlock{width: calc(100%-50%/3);padding:5pxcalc(3%-2px);margin-left:calc(10%+10px);}
    Safety 938 2023-05-16 21:25:04
  • How to do SOAP interface performance testing
    How to do SOAP interface performance testing
    The main reasons why I chose the Locust tool are: 1) It is an open source tool that everyone can apply at any time without spending a lot of money; 2) It supports the Python language and is efficient and fast to use; 3) It can construct any number of concurrent users without licenses Limit, large-scale concurrent stress testing can be carried out. So how to complete the actual SOAP interface performance test? Broken down, the tasks to be completed are as follows: 1. SOAP interface test script (implementation method two) (1) Analysis of test ideas for the Soap interface using the Request object (2) Testing the Soap interface using the Request object to send requests Script development 2, Locust performance testing framework principle analysis and soa
    Safety 1500 2023-05-16 20:55:04
  • How to choose between mesh networking and apac networking
    How to choose between mesh networking and apac networking
    Which one is better, mesh networking or apac networking? Answer: Mesh is recommended for small places. Apac networking is recommended for large venues. In terms of stability, maybe apac will be better. However, the mesh networking method is simpler and more convenient to operate. The advantage of wireless mesh is that it does not require wiring and the networking is also very flexible. AC+AP was used in large-scale networking in the early days. To put it simply, it allows users to keep their services uninterrupted while moving. For example, if a user plays video while walking, the video will not be interrupted when switching from hotspot A to hotspot B. There will be lags and interruptions. It can be seen that this is specially designed for enterprise networking, but the early cost is also very high. Some of the design and layout of AP require specialized engineering and technical personnel to operate. And me
    Safety 2088 2023-05-16 20:34:04
  • What is the performance analysis of WAF on WebShell traffic detection?
    What is the performance analysis of WAF on WebShell traffic detection?
    Local environment setup Judging from the retained screenshots, the other party's PHP version is 5.6.40, so I want to set up a test environment of apache+php5.6.40. Open virtualbox, copy the link to the centos image system, and configure it according to the following process. 1.Install apacheyuminstall-yhttpdhttpd-vServerversion:Apache/2.4.6(CentOS)Serverbuilt:Aug8201911:41:182.Install php5.6yum-yinstallepel-releaserpm-Uvhhttps://mi
    Safety 1554 2023-05-16 19:47:54
  • Apache Shiro 1.2.4 Deserialization Vulnerability Example Analysis
    Apache Shiro 1.2.4 Deserialization Vulnerability Example Analysis
    The vulnerability of the 0x00ApacheShiro component was exposed a long time ago, but it was encountered again at work recently. I happened to be looking at Java deserialization stuff recently, so I decided to take it out and analyze it again, and I also encountered some strange problems during the process. Most of the analysis articles on the Internet manually add the dependency of commons-collections4-4.0 in order to use the CommonsCollections2 payload generated by ysoserial. However, the situation I encountered is that I can directly use CommonsBeanutils1, so here we No more duplication online on CommonsCollecti
    Safety 1048 2023-05-16 19:40:24
  • How to grab apk network package in frida
    How to grab apk network package in frida
    1. Analyze the pitfalls and find hook points from a system perspective instead of capturing packets just for the sake of capturing them. 1.okhttp calling process publicstaticfinalMediaTypeJSON=MediaType.get("application/json;charset=utf-8");OkHttpClientclient=newOkHttpClient();Stringpost(Stringurl,Stringjson)throwsIOException{RequestBodybody=RequestBody
    Safety 1497 2023-05-16 19:16:38
  • How to decrypt app resources in cocos2d-LUA reverse engineering
    How to decrypt app resources in cocos2d-LUA reverse engineering
    Let's take the Dashen apk as an example. Through the previous analysis of the app decryption Lua script, we can decrypt the Lua script of the Dashen apk. Now let's decrypt its resources (configuration files and pictures, etc.). Let’s take a more important configuration file as an example. Before decryption: the file header also has a signature value: fuckyou!. Seeing this, we first thought about whether it was also encrypted with xxtea. We used the above method to decrypt it with xxtea first, and then decompressed it. We found that it was still garbled, and an error occurred during the operation. Obviously, we have to deny what we just said. conjecture. We continue to decrypt the configuration file step by step. Think about it for a moment, the file header is: fuckyou! If you want to decrypt files, you will inevitably need to process
    Safety 2127 2023-05-16 19:11:10
  • What is the security sandbox mechanism for Java applications?
    What is the security sandbox mechanism for Java applications?
    If you often read the source code, you will find that there is code similar to the following in the Java source code classFile{//Determine whether a disk file exists publicbooleanexists(){SecurityManagersecurity=System.getSecurityManager();if(security!=null ){security.checkRead(path);}...}} This is obviously a security check code. It checks whether you have permission to access the disk path. Why does the Java language need such a security check code? Let’s look at c for client sockets again
    Safety 949 2023-05-16 18:26:22
  • RIP routing configuration V2 instance analysis
    RIP routing configuration V2 instance analysis
    Safety 1120 2023-05-16 16:43:33
  • How to answer HCE security questions
    How to answer HCE security questions
    In recent projects, we are often asked: Is HCE safe? My answer is: relatively safe. After hearing my answer, many people may start to say, so-and-so bank has launched HCE application, why is it unsafe? In fact, there are two HCE application scenarios: online mode and offline mode. Online mode: Related keys and calculations are completed in the background. Even if security problems occur, they fall within the scope of network security. However, large-scale key leakage will not occur. Currently, all HCE applications launched by banks are in online mode. Offline mode: Related keys, sensitive data, amounts and other information will be stored inside the phone. This is troublesome because Android phones are easily rooted and all data will be read and copied. Safety of pure HCE
    Safety 742 2023-05-16 15:46:51
  • What are the background administrator rights of Getshell in ZenTao 12.4.2?
    What are the background administrator rights of Getshell in ZenTao 12.4.2?
    0x00 Introduction ZenTao is a professional domestic open source R&D project management software that integrates product management, project management, quality management, document management, organizational management and transaction management, completely covering the core processes of R&D project management. The management idea is based on the internationally popular agile project management method - Scrum. On the basis of following its values, combined with the current status of domestic project research and development, it integrates multiple functions such as task management, demand management, bug management, use case management, etc., covering software from planning to to the entire life cycle of a release. 0x01 Vulnerability Overview ZenTao version 12.4.2 has an arbitrary file download vulnerability. This vulnerability is because the filtering in the download method in the client class is not strict and ftp can be used to download files.
    Safety 1609 2023-05-16 15:43:12

Tool Recommendations

jQuery enterprise message form contact code

jQuery enterprise message form contact code is a simple and practical enterprise message form and contact us introduction page code.
form button
2024-02-29

HTML5 MP3 music box playback effects

HTML5 MP3 music box playback special effect is an mp3 music player based on HTML5 css3 to create cute music box emoticons and click the switch button.

HTML5 cool particle animation navigation menu special effects

HTML5 cool particle animation navigation menu special effect is a special effect that changes color when the navigation menu is hovered by the mouse.
Menu navigation
2024-02-29

jQuery visual form drag and drop editing code

jQuery visual form drag and drop editing code is a visual form based on jQuery and bootstrap framework.
form button
2024-02-29

Organic fruit and vegetable supplier web template Bootstrap5

An organic fruit and vegetable supplier web template-Bootstrap5
Bootstrap template
2023-02-03

Bootstrap3 multifunctional data information background management responsive web page template-Novus

Bootstrap3 multifunctional data information background management responsive web page template-Novus
backend template
2023-02-02

Real estate resource service platform web page template Bootstrap5

Real estate resource service platform web page template Bootstrap5
Bootstrap template
2023-02-02

Simple resume information web template Bootstrap4

Simple resume information web template Bootstrap4
Bootstrap template
2023-02-02

Cute summer elements vector material (EPS PNG)

This is a cute summer element vector material, including the sun, sun hat, coconut tree, bikini, airplane, watermelon, ice cream, ice cream, cold drink, swimming ring, flip-flops, pineapple, conch, shell, starfish, crab, Lemons, sunscreen, sunglasses, etc., the materials are provided in EPS and PNG formats, including JPG previews.
PNG material
2024-05-09

Four red 2023 graduation badges vector material (AI EPS PNG)

This is a red 2023 graduation badge vector material, four in total, available in AI, EPS and PNG formats, including JPG preview.
PNG material
2024-02-29

Singing bird and cart filled with flowers design spring banner vector material (AI EPS)

This is a spring banner vector material designed with singing birds and a cart full of flowers. It is available in AI and EPS formats, including JPG preview.
banner picture
2024-02-29

Golden graduation cap vector material (EPS PNG)

This is a golden graduation cap vector material, available in EPS and PNG formats, including JPG preview.
PNG material
2024-02-27

Home Decor Cleaning and Repair Service Company Website Template

Home Decoration Cleaning and Maintenance Service Company Website Template is a website template download suitable for promotional websites that provide home decoration, cleaning, maintenance and other service organizations. Tip: This template calls the Google font library, and the page may open slowly.
Front-end template
2024-05-09

Fresh color personal resume guide page template

Fresh color matching personal job application resume guide page template is a personal job search resume work display guide page web template download suitable for fresh color matching style. Tip: This template calls the Google font library, and the page may open slowly.
Front-end template
2024-02-29

Designer Creative Job Resume Web Template

Designer Creative Job Resume Web Template is a downloadable web template for personal job resume display suitable for various designer positions. Tip: This template calls the Google font library, and the page may open slowly.
Front-end template
2024-02-28

Modern engineering construction company website template

The modern engineering and construction company website template is a downloadable website template suitable for promotion of the engineering and construction service industry. Tip: This template calls the Google font library, and the page may open slowly.
Front-end template
2024-02-28