腾讯云
开发者社区
文档
建议反馈
控制台
登录/注册
首页
学习
活动
专区
工具
TVP
腾讯云架构师技术同盟
文章/答案/技术大牛
搜索
搜索
关闭
发布
首页
学习
活动
专区
工具
TVP
腾讯云架构师技术同盟
返回腾讯云官网
debugeeker的专栏
专栏成员
举报
185
文章
138731
阅读量
31
订阅数
订阅专栏
申请加入专栏
全部文章(185)
其他(101)
linux(21)
python(17)
access(15)
网站(9)
数据加密服务(6)
security(6)
编程算法(5)
tcp/ip(5)
网络安全(4)
network(4)
http(3)
安全(3)
area(3)
this(3)
云镜(主机安全)(2)
对象存储(2)
ios(2)
c++(2)
数据库(2)
sql(2)
api(2)
unix(2)
开源(2)
kernel(2)
数据分析(2)
account(2)
backup(2)
controls(2)
data(2)
event(2)
hash(2)
it(2)
key(2)
report(2)
types(2)
自动驾驶(1)
c 语言(1)
node.js(1)
css(1)
html(1)
jquery(1)
单片机(1)
汇编语言(1)
nginx(1)
容器镜像服务(1)
人工智能(1)
容器(1)
缓存(1)
运维(1)
shell(1)
正则表达式(1)
cdn(1)
udp(1)
https(1)
实时监控(1)
小程序·云开发(1)
持续集成(1)
analysis(1)
assets(1)
audit(1)
backbone(1)
background(1)
base64(1)
behavior(1)
break(1)
categories(1)
coredump(1)
detect(1)
device(1)
dictionary(1)
documentation(1)
encryption(1)
environment(1)
ethernet(1)
hierarchy(1)
implementation(1)
include(1)
iso(1)
lan(1)
line(1)
lines(1)
list(1)
local(1)
message(1)
passwords(1)
private(1)
privileges(1)
process(1)
product(1)
resources(1)
response(1)
rotation(1)
rsync(1)
server(1)
signing(1)
standards(1)
testing(1)
time(1)
verification(1)
web(1)
版本管理(1)
部署(1)
反向代理(1)
工作(1)
系统(1)
搜索文章
搜索
搜索
关闭
越狱检测手段
ios
node.js
许多iOS应用都包含一些越狱检测机制,有些会被攻击者绕过,有些却非常困难。之前我也在公众号上放了一篇iOS有反检测能力的越狱工具shadow的分析和检测,但没有整理检测的方法。
血狼debugeeker
2021-12-06
1.5K
0
iOS有反检测能力的越狱工具shadow的分析和检测
ios
https
c++
网络安全
unix
在分析越狱工具shadow之前,所有越狱工具都是对进程进行注入挂钩来实现。注入从作用范围来看,分为两类:
血狼debugeeker
2021-09-10
2.2K
0
最后防线:三款开源HIDS功能对比评估
实时监控
开源
HIDS的功能主要是依靠agent的数据收集功能, 所以HIDS的功能对比,实际上是agent的功能对比。
血狼debugeeker
2021-09-10
1.6K
0
最后防线:三款开源HIDS应用对比评估
开源
Wazuh:一款免费、开源的企业级安全监控解决方案,用于威胁检测、完整性监控、事件响应和合规性。
血狼debugeeker
2021-09-10
1.3K
0
base64的天坑
base64
hash
我非常不相信,因为该对象ID生成有随机因素,而且它的校验也有hash判断,只要校验不通过,立马会拒绝。
血狼debugeeker
2021-09-10
467
0
CISSP考试指南笔记:8.3 软件开发模型
网站
The Waterfall methodology uses a linear-sequential life-cycle approach,Each phase must be completed in its entirety before the next phase can begin. At the end of each phase, a review takes place to make sure the project is on the correct path and should continue.
血狼debugeeker
2021-09-10
338
0
CISSP考试指南笔记:8.2 软件开发生命周期
网站
linux
There have been several software development life cycle (SDLC) models developed over the years, the crux of each model deals with the following phases:
血狼debugeeker
2021-09-10
349
0
CISSP考试指南笔记:8.1 创建好的代码
access
controls
security
this
types
Quality can be defined as fitness for purpose.
血狼debugeeker
2021-09-10
286
0
从特斯拉看自动驾驶与国家安全
自动驾驶
人工智能
四年前,我当时跟着“风辰”(刘文志)在商汤做自动驾驶。在那里呆了半年多,经过一些考虑,我还是决定做回信息安全,从而离开了商汤。
血狼debugeeker
2021-04-25
479
0
CISSP考试指南笔记:7.9 灾难恢复
linux
The recovery time objective (RTO) is the maximum time period within which a business process must be restored to a designated service level after a disaster to avoid unacceptable consequences associated with a break in business continuity.
血狼debugeeker
2021-03-23
450
0
CISSP考试指南笔记:7.8 调查
access
linux
When a potential computer crime takes place, it is critical that the investigation steps are carried out properly to ensure that the evidence will be admissible to the court if things go that far and that it can stand up under the cross-examination and scrutiny that will take place.
血狼debugeeker
2021-03-23
317
0
CISSP考试指南笔记:7.7 事故管理流程
event
list
report
response
security
There are many incident management models, but all share some basic characteristics. They all require that we identify the event, analyze it to determine the appropriate counteractions, correct the problem(s), and, finally, keep the event from happening again. (ISC)2 has broken out these four basic actions and prescribes seven phases in the incident management process: detect, respond, mitigate, report, recover, remediate, and learn.
血狼debugeeker
2021-03-23
551
0
最后防线:osquery功能与实现
api
开源HIDS osquery的主机监控功能和实现原理。 osquery代码链接:osquery osquery表结构:表结构 本文是在安装它之后,从osqueryi中的表再调研代码来获取它的实现 设备基线 ---- 对系统使用的设备建立基线,从而发现故障的设备,用于IDC机房。 不足之处:这些功能用于传统机房。对于云时代并不适用 功能 实现原理 acpi设备 读取/sys/firmware/acpi/tables目录 块设备 通过调用udev库API读取 设备信息(设备文件,指纹,分区
血狼debugeeker
2021-03-23
882
0
CISSP考试指南笔记:7.6 预防和检测
python
tcp/ip
网站
The steps of this generalized process are described here:
血狼debugeeker
2021-03-23
473
0
CISSP考试指南笔记:7.3 物理安全
linux
access
As any other defensive technique, physical security should be implemented by using a layered approach.
血狼debugeeker
2021-03-23
256
0
CISSP考试指南笔记:7.2 行政管理
access
network
rotation
security
Administrative management is a very important piece of operational security. One aspect of administrative management is dealing with personnel issues. This includes separation of duties and job rotation. The objective of separation of duties is to ensure that one person acting alone cannot compromise the company’s security in any way.
血狼debugeeker
2021-03-23
378
0
CISSP考试指南笔记:6.6 快速提示
audit
controls
network
security
testing
An audit is a systematic assessment of the security controls of an information system. Setting a clear set of goals is probably the most important step of planning a security audit. Internal audits benefit from the auditors’ familiarity with the sys
血狼debugeeker
2021-03-23
313
0
CISSP考试指南笔记:6.5 管理评审
iso
standards
time
A management review is a formal meeting of senior organizational leaders to determine whether the management systems are effectively accomplishing their goals.
血狼debugeeker
2021-03-23
291
0
CISSP考试指南笔记:6.4 报告
analysis
include
key
report
this
Only after analyzing the results can you provide insights and recommendations that will be valuable to senior decision-makers.
血狼debugeeker
2021-03-23
227
0
CISSP考试指南笔记:6.3 审计管理控制
account
it
privileges
verification
A preferred technique of attackers is to become “normal” privileged users of the systems they compromise as soon as possible. They can accomplish this in at least three ways: compromise an existing privileged account, create a new privileged account, or elevate the privileges of a regular user account.
血狼debugeeker
2021-03-23
391
0
点击加载更多
社区活动
Python精品学习库
代码在线跑,知识轻松学
立即查看
博客搬家 | 分享价值百万资源包
自行/邀约他人一键搬运博客,速成社区影响力并领取好礼
立即体验
技术创作特训营·精选知识专栏
往期视频·干货材料·成员作品 最新动态
立即查看
领券
问题归档
专栏文章
快讯文章归档
关键词归档
开发者手册归档
开发者手册 Section 归档
