refer to: 2022: https://www.panewslab.com/zh/articledetails/l9hj2ngug39u.html 2023: https://www.fx168news.com/article/433280

eth:  solidity trx:  solidity, javascript eos: c++ solana: rust ,c avalanche: solidity, bnb: bsc:  solidity polygon: solidity

refer to: https://fingerprint.com/blog/browser-fingerprinting-techniques/ https://seon.io/resources/browser-fingerprinting/ fingerprint: 指纹。 browser fingerprint通常包含: ip geo location ( 跟ip 差不多) ...

refer to: https://yunjing.ichunqiu.com/cve/detail/788?pay=1 https://nvd.nist.gov/vuln/detail/CVE-2021-24750 https://github.com/fimtow/CVE-2021-24750/blob/master/exploit.py 从介绍上看，这是一个authentica...

refer to: https://yunjing.ichunqiu.com/cve/detail/808?pay=1 https://sploitus.com/exploit?id=WPEX-ID:D2970CFB-0AA9-4516-9A4B-32971F41A19C 总结： 1. sqlmap 工具真的好用，对于sleep 这样time based sqli 不需要 --strin...

refer to: https://gist.github.com/hindol/4483374 1.  使用命令：sudo visudo   修改文件： /etc/sudoers 2. 保证添加这一句： Defaults env_keep+="http_proxy ftp_proxy all_proxy https_proxy no_proxy" 就可以了。 3. 验...

refer to: https://cheatsheetseries.owasp.org/cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.html https://stackoverflow.com/questions/1798633/xss-attack-with-javascript-in-img-src-attribute 好多好长啊。。。

refer to: 1. 手机端有个VPN 2. 手机端设置跟host一样的网络， 3. PC host 打开 burpsuite 4. 手机端需要关闭VPN，然后设置 proxy, 然后PC端才能看到手机端的抓包。 原因是，手机端的VPN走的是UDP，这个跟TCP不一样，无法抓包。所以burpsuite上看不到任何东西。

refer to: https://github.com/eth-sri/securify2 注意：目前仅仅支持单文件的contract, 不支持import那种格式 安装 略 使用

refer to: https://groups.google.com/g/linux.debian.bugs.dist/c/A1GAuTs-9I4?pli=1 https://cloud.tencent.com/developer/article/1370854 各种排查，发现： crontab -e 中有一条可疑记录 删除后问题依旧 /tmp 下不断地创建挖矿病毒，删除 /tmp后...

refer to: https://www.revshells.com/

refer to: 太多了，估计有几百种，基本都是 reverse shell.

refer to: POE msfvenom --list formats 得到的结果： msfvenom --list formats 是 Metasploit Framework 中的一个命令，用于列出 msfvenom 工具支持的各种可执行格式。下面是对这些格式的详细说明： asp: 生成 ASP 脚本文件，可用于在 Windows 服务器上执行代码。 aspx: 生成...

refer to: https://www.cyberpratibha.com/blog/msfvenom-replacement-of-msfpayload-and-msfencode-full-guide/ msfencode  msfpayload 已经在2015年被干掉了 用msfvenom 就好了 今天生成了一个 reverse shell 的 文件，结果发现完全不免杀...

https://www.gptshunter.com/

以下都是copy来的。。。给自己一个思路. https://www.bilibili.com/video/BV1oF411F7hG?p=4&spm_id_from=pageDriver&vd_source=760370308ce01ce4b34ea757917ac641 POE.  以下COPY自POE. 人工智能（Artificial Intelligenc...

refer to: https://github.com/sqlmapproject/sqlmap/issues/5392 [08:19:47] [DEBUG] SSL connection error occurred for 'PROTOCOL_TLS_CLIENT' ('SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 ale...

refer to: https://pyimagesearch.com/2015/01/26/multi-scale-template-matching-using-python-opencv/ 结论： 最好还是用手动截取的template 缩放截取的，匹配度比较低。 关键代码: # 缩放模板图像 scale_percent = 60 # 缩放比例为60% width = int(te...

https://docs.python.org/3/library/unittest.html 非常简单： class: class VisionTool: def __init__(self): pass def get_current_player_cards(self, source_image_name): pass 对应的测试文件...

refer to: https://linuxconfig.org/install-vmware-tools-on-ubuntu-22-04-jammy-jellyfish-linux 1. # UBUNTU 22.04 SERVER:$ sudo apt install open-vm-tools # UBUNTU 22.04 DESKTOP:$ sudo apt install ope...