{"id":13840974,"url":"https://github.com/sp4rkw/Cyberspace_Security_Learning","last_synced_at":"2025-07-11T09:34:14.900Z","repository":{"id":48171064,"uuid":"119017030","full_name":"sp4rkw/Cyberspace_Security_Learning","owner":"sp4rkw","description":"在学习CTF、网络安全路上整合自己博客和一些资料，持续更新~","archived":false,"fork":false,"pushed_at":"2021-09-01T08:30:55.000Z","size":1340,"stargazers_count":144,"open_issues_count":0,"forks_count":28,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-09-09T09:38:45.058Z","etag":null,"topics":["ctf","learning","security","tips-ctf"],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sp4rkw.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-01-26T06:54:53.000Z","updated_at":"2024-08-19T08:31:37.000Z","dependencies_parsed_at":"2022-09-26T20:21:29.185Z","dependency_job_id":null,"html_url":"https://github.com/sp4rkw/Cyberspace_Security_Learning","commit_stats":null,"previous_names":["q1271964185/cyberspace_security_learning"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sp4rkw%2FCyberspace_Security_Learning","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sp4rkw%2FCyberspace_Security_Learning/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sp4rkw%2FCyberspace_Security_Learning/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sp4rkw%2FCyberspace_Security_Learning/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sp4rkw","download_url":"https://codeload.github.com/sp4rkw/Cyberspace_Security_Learning/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225669520,"owners_count":17505386,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ctf","learning","security","tips-ctf"],"created_at":"2024-08-04T17:01:00.653Z","updated_at":"2024-11-21T10:31:04.310Z","avatar_url":"https://github.com/sp4rkw.png","language":null,"funding_links":[],"categories":["HTML","HTML (177)","Others"],"sub_categories":[],"readme":"# Cyberspace_Security_Learning\n\n在学习CTF、网络安全路上整合博客和一些资料，持续更新~\n\n\n#### :ear: 置顶tips：\n\n#### 如果你也有自己学习路上收集的一些好资料，或者愿意展示自己的优质博客给大家欢迎fork  pull request给我~\n\n#### 联系邮箱 :sparkles: shanguang45@gmail.com\n\n#### 善于使用 ctrl+F 是一项非常重要的技能\n\n\n最新更新时间：2021/09/01\n\n\n更新内容：\n\n[iOS视频广告游戏跳过](https://www.52pojie.cn/thread-1473224-1-1.html)\n\n[ios 手把手教你运行第一个逆向工程](https://www.52pojie.cn/thread-1491238-1-1.html)\n\n[frida获得阿里系APP签名函数地址及调用](https://www.52pojie.cn/thread-1491319-1-1.html)\n\n[Frida Android hook](https://eternalsakura13.com/2020/07/04/frida/)\n\n[MySQL8新特性注入技巧](https://www.anquanke.com/post/id/249650)\n\n[利用WebSocket接口中转注入渗透实战](https://mp.weixin.qq.com/s/d6AhbonbMIaVpoZ3XGL-1g)\n\n[太干了，Android 抓包姿势总结！](https://mp.weixin.qq.com/s/EB0MAJQs1CIEUHezmTFxtg)\n\n[APP渗透指南分享](https://mp.weixin.qq.com/s/Smg-ob5fj_cbbgVXQKHphA)\n\n[DLL劫持原理学习](https://mp.weixin.qq.com/s/Qd6p6cQu1lOSMq7W-_qdnQ)\n\n\n## 新人入门\n### CTF练习 Writeup\n\n这是我自己从最早入门开始练习的一些题目往下排列的，可能很多当时写的write up有理解上的错误并未改正，有发现的欢迎指正~(供刚刚入门ctf的萌新参考使用~QWQ)\n\nTips：练习多少题目不是重点，而是每道题给你演示的漏洞你要学会思路，注意一点，脑洞题别陷进去，ctf很多题目还是为了比赛而出的题目，在日常渗透测试工作中并不会出现~\n\n\u003cdetails\u003e\n  \u003csummary\u003e点击展开write up部分\u003c/summary\u003e\n\u003cpre\u003e\n\n[CTF实验吧-登陆一下好吗??【false SQL注入】](http://blog.csdn.net/wy_97/article/details/75635661)\n[CTF实验吧-who are you?【基于sleep盲注脚本】](http://blog.csdn.net/wy_97/article/details/75643252)\n[CTF实验吧-简单的sql注入【SQL注入关键词绕过】](http://blog.csdn.net/wy_97/article/details/75660870)\n[CTF实验吧-简单的sql注入3【sqlmap直接跑】](http://blog.csdn.net/wy_97/article/details/75911429)\n[CTF实验吧-因缺思汀的绕过【group by,with rollup，limit offset的利用】](http://blog.csdn.net/wy_97/article/details/76085575)\n[实验吧-让我进去【salt加密 哈希长度拓展攻击】](http://blog.csdn.net/wy_97/article/details/76269819)\n[CTF实验吧-上传绕过【0x00截断】](http://blog.csdn.net/wy_97/article/details/76549405) \n[CTF实验吧-忘记密码了【vim编辑器备份文件】](http://blog.csdn.net/wy_97/article/details/76559354)\n[实验吧-Forbidden/头有点大【Accept-Language参数伪造登录地址】](http://blog.csdn.net/wy_97/article/details/76690267)\n[实验吧-看起来有点难【基于sleep的sql注入脚本】](http://blog.csdn.net/wy_97/article/details/76715187)\n[实验吧-天网管理系统【php弱类型==与===的利用】](http://blog.csdn.net/wy_97/article/details/76849665)\n[CTF/合天网安实验室-web100题解【eval与alert的利用】](http://blog.csdn.net/wy_97/article/details/77198391)\n[CTF/CTF练习平台 随机数运算验证【细节js文件查看】](http://blog.csdn.net/wy_97/article/details/77206959)\n[CTF/CTF练习平台 --SQL注入测试【sql宽字节注入与#，%23】](http://blog.csdn.net/wy_97/article/details/77407328)\n[CTF/CTF练习平台-flag在index里【php://filter的利用】](http://blog.csdn.net/wy_97/article/details/77431111)\n[CTF/CTF练习平台-本地包含【eval函数闭合及代码段的理解】](http://blog.csdn.net/wy_97/article/details/77452939)\n[CTF/CTF练习平台-phpcmsV9【phpcms 9.6 漏洞利用】](http://blog.csdn.net/wy_97/article/details/77689031)\n[CTF/CTF练习平台-前女友【弱类型】](http://blog.csdn.net/wy_97/article/details/77712980)\n[CTF/CTF练习平台-成绩查询【sqlmap post方法】](http://blog.csdn.net/wy_97/article/details/77720307)\n[CTF/CTF练习平台-XSS【xss注入及js unicode编码及innerHTML】](http://blog.csdn.net/wy_97/article/details/77755098)\n[CTF/CTF练习平台-welcome to bugkuctf【php://filter及php://input】](http://blog.csdn.net/wy_97/article/details/77771026)\n[CTF/CTF练习平台-login1【sql约束攻击】](http://blog.csdn.net/wy_97/article/details/77983801)\n[CTF/CTF练习平台-各种绕过哟【sha1数组类型比较漏洞】](http://blog.csdn.net/wy_97/article/details/77984374)\n[Jarvis OJ PHPINFO【审计代码反序列化】](http://blog.csdn.net/wy_97/article/details/78430690)                     \n[Jarvis OJ Login【MD5拼接php字符串】](http://blog.csdn.net/wy_97/article/details/78460502)\n\u003c/code\u003e\n\u003c/details\u003e\n\n\n\n## ctf以及漏洞复现靶场\n\n收集的一些靶场，用于ctf练手以及快速漏洞复现验证\n\n\u003cdetails\u003e\n  \u003csummary\u003e点击展开在线靶场/平台列表\u003c/summary\u003e\n\u003cpre\u003e\n\n[XCTF-Time](https://usercenter.xctf.org.cn/)\n[i春秋](https://www.ichunqiu.com/)\n[WeChall Challenges](http://www.wechall.net/challs)\n[BugkuCTF 平台](https://www.bugku.com/ctf.html)\n[Jarvis OJ](https://www.jarvisoj.com/)\n[CTF Wiki](https://ctf-wiki.github.io/ctf-wiki/)\n[Vulfocus](http://vulfocus.fofa.so/#/login?redirect=%2Fdashboard)\n\u003c/code\u003e\n\u003c/details\u003e\n\n\u003cdetails\u003e\n  \u003csummary\u003e点击展开本地靶场/平台列表\u003c/summary\u003e\n\u003cpre\u003e\n\n[vulhub](https://github.com/vulhub/vulhub)\n[VulApps](https://github.com/Medicean/VulApps)\n[vulstudy](https://github.com/c0ny1/vulstudy)\n\u003c/code\u003e\n\u003c/details\u003e\n\n\n## 优质安全社区\n\n[FreeBuf.COM | 关注黑客与极客](http://www.freebuf.com/)\n\n[T00LS - 低调求发展 - 潜心习安全](https://www.t00ls.net/)\n\n[看雪安全论坛](https://bbs.pediy.com/)\n\n[先知安全技术社区](https://xianzhi.aliyun.com/forum/)\n\n[吾爱破解 - LCG - LSG|安卓破解|病毒分析|破解软件](https://www.52pojie.cn/)\n\n\n\n\n\n## Web安全\n\n### 信息收集\n\n[他山之石 | 渗透测试中的各种**子域名**枚举技术介绍](http://www.freebuf.com/web/154809.html)\n\n[CDN服务及如何获取CDN服务背后的真实IP](http://blog.csdn.net/wy_97/article/details/79079381)\n\n[Shodan自动化利用](https://xianzhi.aliyun.com/forum/topic/2070)\n\n[Web渗透从App寻找攻击面的几个方法](https://my.oschina.net/u/4587690/blog/4549444)\n\n### 弱口令\n\n[Linux **SSH**密码暴力破解技术及攻防实战](http://www.freebuf.com/sectool/159488.html)\n\n### sql注入\n\n[sql注入基于布尔/时间的盲注详解](http://blog.csdn.net/wy_97/article/details/78169623)\n\n[数据库out_of_band攻击【原理分析、复现】](http://blog.csdn.net/wy_97/article/details/79094001)\n\n[Dnslog在SQL注入中的实战](https://www.anquanke.com/post/id/98096)\n\n[MySQL宽字节注入漏洞分析](http://blog.csdn.net/wy_97/article/details/77389088)\n\n[sql盲注之**报错注入**(附自动化脚本)](http://www.freebuf.com/column/158705.html)\n\n[基于约束的SQL攻击 【电脑环境mysql实测漏洞已经修补】](http://blog.csdn.net/wy_97/article/details/77972375)\n\n[分析CVE-2018-6376 – Joomla！二阶SQL注入](www.freebuf.com/articles/web/162822.html)\n\n[二阶SQL注入理解与体会](https://www.cnblogs.com/sun-sunshine123/p/6921383.html)\n\n[利用MySQL UDF进行的一次渗透测试](http://www.freebuf.com/articles/system/163144.html)\n\n[mysql注入到命令执行 | 提权](https://sp4rkw.blog.csdn.net/article/details/114213955)\n\n[mysql注入之limit 注入](https://sp4rkw.blog.csdn.net/article/details/114364030)\n\n[Oracle注入简单挖掘—范围查询in](https://www.sec-in.com/article/493)\n\n[MySQL8新特性注入技巧](https://www.anquanke.com/post/id/249650)\n\n### redis 安全\n\n[redis未授权进阶利用姿势与思考](https://sp4rkw.blog.csdn.net/article/details/114385910)\n\n### 跨域问题\n\n[CSRF（跨站点请求伪造）在Flash中的利用](http://www.freebuf.com/articles/web/155189.html)\n\n[鸡肋CSRF和Self-XSS组合的变废为宝](http://www.freebuf.com/articles/web/164069.html)\n\n[从Ajax聊一聊Jsonp hijacking](http://blog.csdn.net/wy_97/article/details/79219203)    \n\n[CORS（跨域资源共享）错误配置漏洞的高级利用](https://www.freebuf.com/articles/web/204023.html)\n\n[JSONP劫持CORS跨源资源共享漏洞](https://www.freebuf.com/column/207802.html)\n\n[跨域问题的复现与整理](https://sp4rkw.blog.csdn.net/article/details/107730864)\n\n### xss漏洞\n\n[挖洞分享|腾讯多个xss](https://www.sec-in.com/article/136)\n\n[Sec-IN社区安全测试——文章正文XSS](https://www.sec-in.com/article/261)\n\n\n### csp bypass\n\n[Content Security Policy 入门教程](https://jaq.alibaba.com/community/art/show?articleid=518)\n\n[CSP的今世与未来](https://segmentfault.com/a/1190000007193840)\n\n[CSP Level 3浅析\u0026简单的bypass](https://lorexxar.cn/2016/08/08/ccsp/)  \n\n### web缓存欺骗\n\n[技术解析 | Web缓存欺骗测试](http://www.freebuf.com/articles/web/161670.html)  \n\n### 安全运维\n\n[安全运维 | Perl oneline定位网站攻击源，通过iptables封禁](http://www.freebuf.com/articles/web/161790.html)\n\n[ 服务器安全篇【ssh安全】 ](http://blog.csdn.net/wy_97/article/details/79309645)\n\n[分享一个用于企业内部环境的SSH弱密码审计工具](http://www.freebuf.com/sectool/163343.html)\n\n[经验分享 | JavaScript反调试技巧](http://www.freebuf.com/articles/system/163579.html)\n\n[HTTPS 安全最佳实践（一）之SSL/TLS部署](https://xianzhi.aliyun.com/forum/topic/2116)\n\n[HTTPS 安全最佳实践（二）之安全加固](https://xianzhi.aliyun.com/forum/topic/2117)\n\n### 小程序安全\n\n[微信小程序的修炼五脉（降妖）](https://my.oschina.net/u/4587690/blog/4451593)\n\n[微信小程序的渗透五脉（访道篇）](https://my.oschina.net/u/4587690/blog/4451635)\n\n[微信小程序的修炼五脉（如意篇下）](https://my.oschina.net/u/4587690/blog/4451616)\n\n[微信小程序的修炼五脉（如意篇上）](https://my.oschina.net/u/4587690/blog/4451620)\n\n[微信小程序的渗透五脉（寻魔篇）](https://my.oschina.net/u/4587690/blog/4451638)\n\n[针对小程序的漏洞挖掘](https://www.sec-in.com/article/648)\n\n### 实战文章\n\n[全程带阻：记一次授权网络攻防演练（下）](https://www.freebuf.com/vuls/211847.html)\n\n[全程带阻：记一次授权网络攻防演练（上）](https://www.freebuf.com/vuls/211842.html)\n\n### XXE\n\n[XXE“葵花宝典”](https://www.sec-in.com/article/732)\n\n\n### 其他\n\n[任意用户密码重置（一）：重置凭证泄漏](http://www.freebuf.com/articles/web/160883.html)\n\n[任意用户密码重置（二）：重置凭证接收端可篡改](http://www.freebuf.com/articles/database/161495.html)   \n\n[任意用户密码重置（三）：用户混淆](http://www.freebuf.com/articles/web/162152.html)  \n\n[任意用户密码重置（四）：重置凭证未校验](http://www.freebuf.com/articles/web/164090.html)\n\n[奇技淫巧 | 读DEDECMS找后台目录有感](https://bbs.ichunqiu.com/thread-34852-1-1.html)\n\n[代码分享：使用Python和Tesseract来识别图形验证码](http://www.freebuf.com/sectool/163621.html)\n\n[Hack With Rewrite](https://xianzhi.aliyun.com/forum/topic/2126)\n\n[危险的target —— 另一种攻击方式](https://xianzhi.aliyun.com/forum/topic/2123)\n\n[Linux下任意文件下载获取web目录的几个tips](https://www.sec-in.com/article/537)\n\n[利用WebSocket接口中转注入渗透实战](https://mp.weixin.qq.com/s/d6AhbonbMIaVpoZ3XGL-1g)\n\n## 安全开发\n\n### 扫描器开发\n\n[如何写一个你自己的Web集群式渗透系统](http://www.freebuf.com/articles/web/161845.html)\n\n### waf开发\n\n[WAF开发之Cookie安全防护](http://www.freebuf.com/articles/web/164232.html)  \n\n### burpsuite插件开发\n\n[开发“属于你自己”的Burp Suite插件](https://bbs.ichunqiu.com/thread-35852-1-1.html)\n\n[基于BurpSuit插件打造渗透测试自动化之路](https://www.freebuf.com/sectool/243617.html)\n\n## 渗透提权\n\n### payload免杀\n\n[Winpayloads：不可检测的Windows Payload生成工具](http://www.freebuf.com/sectool/163013.html)\n\n[经验分享 | 一句话免杀编写思路](http://www.freebuf.com/articles/system/164076.html)\n\n### 内网穿透\n\n[基于MetaSploit内网穿透渗透测试](http://www.freebuf.com/news/163943.html)\n\n### msf提权\n\n[Meterpreter综合提权](https://bbs.ichunqiu.com/thread-17990-1-1.html?from=bbsrt1)\n\n[Metasploit实验：制作免杀payload+对任意“外网”主机的远控](http://www.freebuf.com/sectool/136736.html)\n\n[Win提权思路，方法，工具（小总结）](https://bbs.ichunqiu.com/thread-34900-1-1.html)\n\n### 其他\n\n[windows粘滞键提权的尝试与思考 ](http://blog.csdn.net/wy_97/article/details/79279827)\n\n## 安卓安全\n\n### 工具折腾\n\n[利用Frida手动绕过Android-APP证书校验](https://blog.runninghacker.cn/2020/04/12/%E5%88%A9%E7%94%A8Frida%E6%89%8B%E5%8A%A8%E7%BB%95%E8%BF%87Android-APP%E8%AF%81%E4%B9%A6%E6%A0%A1%E9%AA%8C/)\n\n[Brida 不完全折腾手册](https://blog.runninghacker.cn/2020/03/31/Python3%E7%8E%AF%E5%A2%83%E4%B8%8B%E7%9A%84Brida%E6%8F%92%E4%BB%B6%E9%85%8D%E7%BD%AE/#%E9%80%82%E9%85%8DPython3)\n\n[泰阿移动安全测试专用环境模拟器(新版)](https://mp.weixin.qq.com/s?src=11\u0026timestamp=1628575179\u0026ver=3243\u0026signature=Hl0dTkIm*Cnk2yl-SsVGRAi-TWlaAHIB9zF3YJmKlZMYg42NxF429cAhwEs-lNeKhAYjxeMVXUrWymoCnl3IE-UAlHzxGlNrbxityKtGL4r3JyhcCSxSwnz45CgAjDWM\u0026new=1)\n\n[frida获得阿里系APP签名函数地址及调用](https://www.52pojie.cn/thread-1491319-1-1.html)\n\n[Frida Android hook](https://eternalsakura13.com/2020/07/04/frida/)\n\n[太干了，Android 抓包姿势总结！](https://mp.weixin.qq.com/s/EB0MAJQs1CIEUHezmTFxtg)\n\n[APP渗透指南分享](https://mp.weixin.qq.com/s/Smg-ob5fj_cbbgVXQKHphA)\n\n### 签名破解\n\n[Tech：美团iOS逆向工程分析](https://chenqi.app/Meituan-iOS-Reverse-Engineering/)\n\n[某pinhui OAuth api_sign 分析](https://blog.csdn.net/qq_40000081/article/details/117953650)\n\n[某生鲜电商sign签名算法分析](https://www.52pojie.cn/thread-1476924-1-1.html)\n\n## ios安全\n\n[iOS视频广告游戏跳过](https://www.52pojie.cn/thread-1473224-1-1.html)\n\n[ios 手把手教你运行第一个逆向工程](https://www.52pojie.cn/thread-1491238-1-1.html)\n\n\n## 游戏安全\n\n### 漏洞挖掘\n\n[陌陌2019年度个人第一，讲解游戏的逻辑漏洞](https://mp.weixin.qq.com/s/6QYQ4z4T6SI8N88kf-DYwA)\n\n[再来!月神带你挖游戏的内存漏洞](https://mp.weixin.qq.com/s/CvzfpfS1Bg6DLY1k1_uNsA)\n\n\n### 实战文章\n\n[【开罗游戏】闪耀滑雪场物语 去广告+修改金币+修改代币 下载+教程](https://www.52pojie.cn/forum.php?mod=viewthread\u0026tid=1476518\u0026extra=page%3D1%26filter%3Dauthor%26orderby%3Ddateline%26typeid%3D236)\n\n\n\n## 客户端安全\n\n[DLL劫持原理学习](https://mp.weixin.qq.com/s/Qd6p6cQu1lOSMq7W-_qdnQ)\n\n## 应急响应\n\n[说说Windows安全应急响应](https://www.freebuf.com/articles/es/210315.html)","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsp4rkw%2FCyberspace_Security_Learning","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsp4rkw%2FCyberspace_Security_Learning","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsp4rkw%2FCyberspace_Security_Learning/lists"}