{"id":13538320,"url":"https://github.com/jiangsir404/audit-learning","last_synced_at":"2025-04-02T05:31:10.375Z","repository":{"id":41403703,"uuid":"116131592","full_name":"jiangsir404/Audit-Learning","owner":"jiangsir404","description":"记录自己对《代码审计》的理解和总结，对危险函数的深入分析以及在p牛的博客和代码审计圈的收获","archived":false,"fork":false,"pushed_at":"2018-10-08T01:58:55.000Z","size":53,"stargazers_count":978,"open_issues_count":1,"forks_count":170,"subscribers_count":29,"default_branch":"master","last_synced_at":"2025-03-13T14:37:18.063Z","etag":null,"topics":["audit","code-review","php","security"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jiangsir404.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-01-03T11:55:26.000Z","updated_at":"2025-03-03T10:41:00.000Z","dependencies_parsed_at":"2022-09-19T20:48:02.413Z","dependency_job_id":null,"html_url":"https://github.com/jiangsir404/Audit-Learning","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jiangsir404%2FAudit-Learning","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jiangsir404%2FAudit-Learning/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jiangsir404%2FAudit-Learning/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jiangsir404%2FAudit-Learning/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jiangsir404","download_url":"https://codeload.github.com/jiangsir404/Audit-Learning/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246763803,"owners_count":20829795,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["audit","code-review","php","security"],"created_at":"2024-08-01T09:01:09.795Z","updated_at":"2025-04-02T05:31:10.117Z","avatar_url":"https://github.com/jiangsir404.png","language":null,"funding_links":[],"categories":["\u003ca id=\"a4ee2f4d4a944b54b2246c72c037cd2e\"\u003e\u003c/a\u003e收集\u0026\u0026集合","\u003ca id=\"e97d183e67fa3f530e7d0e7e8c33ee62\"\u003e\u003c/a\u003e未分类","\u003ca id=\"8c5a692b5d26527ef346687e047c5c21\"\u003e\u003c/a\u003e收集"],"sub_categories":["\u003ca id=\"e97d183e67fa3f530e7d0e7e8c33ee62\"\u003e\u003c/a\u003e未分类","\u003ca id=\"f110da0bf67359d3abc62b27d717e55e\"\u003e\u003c/a\u003e新添加的"],"readme":"# Audit-Learning\r\n\r\n开新坑了，准备花一个月的时间对学过的代码审计知识好好总结一下，持续更新，欢迎各位师傅star支持一下。\r\n\r\n## Todo\r\n- [x] open_basedir 绕过研究\r\n- [x] allow_url_fopen 和 allow_url_include\r\n- [x] 宽字节注入及数据库编码分析\r\n- [x] 通用代码审计思路\r\n- [x] 危险的file_put_contents函数\r\n- [x] escapeshellarg 和 escapeshellcmd 函数.md\r\n- [x] parse_url 函数研究\r\n- [x] 其他\r\n- [x] 特殊的文件名写入技巧(move_uploaded_file, file_put_contents,copy，readfile,file,fopen 都存在) \r\n- [x] mail函数命令执行\r\n- [ ] disable_functions 绕过研究\r\n- [ ] curl 函数研究\r\n- [ ] addslashes 函数绕过研究\r\n- [ ] move_uploaded_file\r\n- [ ] 其他 [php函数默认配置引发的安全问题](http://skysec.top/2018/08/17/php%E5%87%BD%E6%95%B0%E9%BB%98%E8%AE%A4%E9%85%8D%E7%BD%AE%E5%BC%95%E5%8F%91%E7%9A%84%E5%AE%89%E5%85%A8%E9%97%AE%E9%A2%98/#openssl-verify-%E5%87%BD%E6%95%B0)\r\n- [ ] 误用htmlentities函数引发的漏洞 (http://sec-redclub.com/archives/964/)\r\n- [x] filter_var函数缺陷 (http://sec-redclub.com/archives/925/)\r\n\r\n\r\n## 一些资源\r\n\r\n### 代码审计练习题\r\n\r\nhttps://github.com/CHYbeta/Code-Audit-Challenges\r\n\r\nwonderkun师傅的ctf web练习题: https://github.com/wonderkun/CTF_web\r\n\r\nhttps://github.com/bowu678/php_bugs\r\n\r\nRIPS2017 代码审计练习oj: https://www.ripstech.com/php-security-calendar-2017/\r\n\r\n红日安全 RIPS oj 里题解: https://github.com/hongriSec/PHP-Audit-Labs\r\n\r\n### 漏洞exp\r\n推荐一波自己的仓库： https://github.com/jiangsir404/PHP-code-audit\r\n\r\n各种开源CMS 各种版本的漏洞以及EXP： https://github.com/Mr5m1th/0day\r\n\r\nCMS漏洞测试用例集合： https://github.com/SecWiki/CMS-Hunter\r\n\r\n\r\n### 乌云 \r\n\r\nXyntax师傅整理的乌云1000个PHP代码审计案例： https://github.com/Xyntax/1000php\r\n\r\n乌云Drops文章备份： https://github.com/SecWiki/wooyun_articles\r\n\r\nphp_code_audit_project： https://github.com/SukaraLin/php_code_audit_project\r\n\r\n### 思维导图，资料集合\r\n\r\ncheybeta师傅的Web学习资料整理: https://github.com/CHYbeta/Web-Security-Learning\r\n\r\nhttps://github.com/CHYbeta/phith0n-Mind-Map\r\n\r\nhttps://github.com/bit4woo/code2sec.com\r\n\r\npython 代码审计: https://github.com/bit4woo/python_sec\r\n\r\n高级PHP应用程序漏洞审核技术(by黑哥）https://github.com/Jyny/pasc2at\r\n\r\n\r\n### 博客\r\n离别歌:https://www.leavesongs.com/\r\n\r\n漏洞时代: http://0day5.com/\r\n\r\nlorexxar师傅: http://lorexxar.cn/\r\n\r\n知道创宇paper: https://paper.seebug.org/\r\n\r\n\r\n### 书籍\r\n《代码审计》\r\n\r\n《PHP7内核剖析》 https://github.com/pangudashu/php7-internal\r\n\r\n《深入理解PHP内核》https://github.com/reeze/tipi\r\n\r\n### 代码审计工具\r\n\r\ncobra： https://github.com/wufeifei/cobra\r\n\r\nSeay源代码审计系统2.1: http://www.cnseay.com/\r\n\r\nrips: https://github.com/ripsscanner/rips\r\n\r\n\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjiangsir404%2Faudit-learning","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjiangsir404%2Faudit-learning","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjiangsir404%2Faudit-learning/lists"}