{"id":13369151,"url":"https://github.com/JnuSimba/MiscSecNotes","last_synced_at":"2025-03-12T20:31:14.227Z","repository":{"id":47617550,"uuid":"111658543","full_name":"JnuSimba/MiscSecNotes","owner":"JnuSimba","description":"some learning notes about Web Application Security、 Penetration Test","archived":false,"fork":false,"pushed_at":"2024-09-14T04:25:01.000Z","size":51653,"stargazers_count":858,"open_issues_count":0,"forks_count":306,"subscribers_count":44,"default_branch":"master","last_synced_at":"2025-02-05T06:13:10.178Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/JnuSimba.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-11-22T08:45:56.000Z","updated_at":"2025-01-28T02:12:41.000Z","dependencies_parsed_at":"2024-10-24T18:09:01.774Z","dependency_job_id":null,"html_url":"https://github.com/JnuSimba/MiscSecNotes","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JnuSimba%2FMiscSecNotes","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JnuSimba%2FMiscSecNotes/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JnuSimba%2FMiscSecNotes/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JnuSimba%2FMiscSecNotes/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/JnuSimba","download_url":"https://codeload.github.com/Jn
uSimba/MiscSecNotes/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243290838,"owners_count":20267797,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-30T01:01:24.890Z","updated_at":"2025-03-12T20:31:11.263Z","avatar_url":"https://github.com/JnuSimba.png","language":null,"readme":"# MiscSecNotes\r\nThis series of articles is a set of notes I took while learning Web security, penetration testing and related topics; some are original, and some are my understanding and reorganization of articles found online. Where the original reference link can be found, it is posted at the end of the article (for example, many WooYun links are no longer valid, or I cannot recall the link from when the article was archived), or the article opens with by xx. In case of infringement, please contact me (zhangjinfa3 at gmail.com) to have the content removed or a reference added. Thanks to everyone who shares knowledge online; if you find the content useful, please don't be stingy with your **star**. \r\n\r\n## Table of Contents\r\n\r\n### Web Security\r\n* Web Service Basics\r\n    * [HTTP Protocol](Web服务基础/HTTP协议.md)\r\n    * [Same-Origin Policy](Web服务基础/同源策略.md)\r\n    * [Front-End Basics](Web服务基础/前端基础.md)\r\n    * [JS Cross-Origin](Web服务基础/JS跨域.md)\r\n\t* [Back-End Basics](Web服务基础/后端基础.md)\r\n\t* [Common Functions](Web服务基础/常见函数.md)\r\n\t* [nginx Security Configuration](Web服务基础/nginx安全配置.md)\r\n\t* [apache Security Configuration](Web服务基础/apache安全配置.md)\r\n\t* [htaccess File Exploitation](Web服务基础/htaccess文件利用.md)\r\n\r\n* Cross-Site Scripting\r\n\t* [Decoding Order](跨站脚本/解码顺序.md)\r\n\t* [Reflected XSS](跨站脚本/反射XSS.md)\r\n\t* [DOM XSS](跨站脚本/DOMXSS.md)\r\n\t* [Stored XSS](跨站脚本/存储XSS.md)\r\n\t\r\n* Cross-Site Request Forgery\r\n\t* [CSRF](跨站请求伪造/CSRF.md)\r\n\r\n* SQL Injection\r\n\t* [MYSQL Injection](SQL%20注入/MYSQL注入.md)\r\n\t* [sqlmap tips](SQL%20注入/sqlmap%20tips.md)\r\n\t* [sqlmap advanced](SQL%20注入/sqlmap%20进阶.md)\r\n\r\n* Flash Security\r\n\t* [Flash xss](Flash安全/Flash%20XSS.md)\r\n\t* [Flash csrf](Flash安全/Flash%20CSRF.md)\r\n\r\n* PHP Security\r\n\t* [php filter](PHP安全/php%20filter.md)\r\n\t* [php open_basedir](PHP安全/php%20open_basedir.md)\r\n\t* [php secure coding](PHP安全/php%20安全编码.md)\r\n\t* [php 
weak typing issues](PHP安全/php%20弱类型问题.md)\r\n\t* [php advanced code auditing](PHP安全/php%20高级代码审计.md)\r\n\t* [php framework auditing](PHP安全/php%20框架审计.md)\r\n\t* [php version characteristics](PHP安全/php%20版本特点.md)\r\n\t* [php getshell prevention approaches](PHP安全/php%20防getshell思路.md)\r\n\t* [php obfuscated shell detection](PHP安全/php%20变形shell检测.md)\r\n\t* [php rasp implementation](PHP安全/php%20rasp%20实现.md)  \r\n\t\r\n* URL Redirection\r\n\t* [url redirection](URL跳转/url跳转.md)\r\n\r\n* XML Injection\r\n\t* [XXE Vulnerability](XML注入/XXE漏洞.md)\r\n\r\n* Clickjacking\r\n\t* [clickjacking](点击劫持/clickjacking.md)\r\n\r\n* Server-Side Request Forgery\r\n\t* [SSRF Basics](服务端请求伪造/SSRF%20基础.md)\r\n\t* [SSRF Exploitation](服务端请求伪造/SSRF%20利用.md)\r\n\r\n* Logic Vulnerabilities\r\n\t* [Business Security](逻辑漏洞/业务安全.md)\r\n\t* [Payment Security](逻辑漏洞/支付安全.md)\r\n\r\n\r\n* Command Execution\r\n\t* [Command Execution](命令执行/命令执行.md)\r\n* File Inclusion\r\n\t* [File Inclusion](文件包含/文件包含.md)\r\n* File Parsing\r\n\t* [File Parsing](文件解析/文件解析.md)\r\n* File Upload\r\n\t* [File Upload](文件上传/文件上传.md)\r\n* Information Disclosure\r\n\t* [Information Disclosure](信息泄露/信息泄露.md)\r\n* Bypass WAF\r\n  * [bypass sqli](Bypass%20WAF/bypass%20sqli.md)\r\n  * [bypass waf (four levels)](Bypass%20WAF/bypass%20waf（四个层次）.md)\r\n  * [bypass waf Cookbook](Bypass%20WAF/bypass%20waf%20Cookbook.md)\r\n  * [waf: sharing SQL injection defense approaches](Bypass%20WAF/waf%20之SQL注入防御思路分享.md)\r\n* Tools and Approaches\r\n\t* [Vulnerability Detection Approaches](工具与思路/漏洞检测思路.md)\r\n\t* [Vulnerability Discovery and Tools](工具与思路/漏洞挖掘与工具.md)\r\n\t* [Subdomain Brute-Forcing](工具与思路/子域名爆破.md)  \r\n\t* [Brute-Force Cracking](工具与思路/暴力破解.md)   \r\n* Protocols\r\n\t* [IPv6 Protocol Notes](协议相关/IPv6协议相关.md)   \r\n\t* [IPv6 Protocol Security](协议相关/IPv6协议安全.md)  \r\n* Vulnerability Remediation\r\n  * [Vulnerability Remediation Guide](漏洞修复/漏洞修复指南.md)\r\n\r\n* Vulnerability Explainers\r\n\r\n  * [How the fastjson Remote Command Execution Vulnerability Works](漏洞科普/fastjson远程命令执行漏洞原理.md)\r\n  * [PHP-FPM Remote Command Execution Vulnerability](漏洞科普/PHP-FPM%20远程命令执行漏洞.md)\r\n### Penetration Testing\r\n* Linux Penetration\r\n\t* [Linux Command Execution Monitoring](Linux渗透/Linux执行命令监控.md)  \r\n\t* [Linux Intrusion Detection](Linux渗透/Linux%20入侵检测.md)\r\n\t* [Linux Privilege Escalation](Linux渗透/Linux%20提权.md)\r\n\t* [Rootkit Comprehensive Tutorial](Linux渗透/Rootkit%20综合教程.md)\r\n\r\n* Port Forwarding\r\n\t* [Proxy Basics](端口转发/代理知识.md)  \r\n\t* [Proxies in Penetration Testing](端口转发/渗透测试之代理.md)\r\n\t* [Intranet Port Forwarding and Tunneling](端口转发/内网端口转发及穿透.md)  \r\n\r\n* Windows Penetration\r\n\t* [Windows Intrusion Detection](Windows渗透/Windows%20入侵检测.md)\r\n\t* [Windows Intrusion Investigation](Windows渗透/Windows%20入侵排查.md)\r\n\t* [Windows Penetration Testing](Windows渗透/Windows%20渗透测试.md)  \r\n\t* [Windows 
Incident Response](Windows渗透/Windows%20应急响应.md)  \r\n\r\n","funding_links":[],"categories":["Vulnerability","Others","LLM分析过程"],"sub_categories":["Other"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FJnuSimba%2FMiscSecNotes","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FJnuSimba%2FMiscSecNotes","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FJnuSimba%2FMiscSecNotes/lists"}