Re @Alra3ees @brutelogic Thank you my great brother, I wish you a fast recovery and all the best in the world! 😀🙏🏾

Re @zcoincoin Thank you :)

Re @zcoincoin We'd love to understand more about your reasons for wanting to revert, would you be happy for us to get in contact directly? If so could...

Re @zcoincoin我们很想了解您希望恢复的原因，您是否愿意我们直接联系我们？如果可以的话...

Re @paupaulaz Hi, currently you cannot add comments to Repeater, although you can rename the Repeater tabs to something more meaningful. We will discu...

xor dll bypass av

Hello everyone I hope you’re good,safe and healthy. I’m trying to recover from the surgery and get my power again to share the knowledge. I just sig...

大家好，我希望您身体健康，安全。我正试图从手术中恢复过来，并再次获得分享知识的力量。我只是...

Today is my #birthday! 🥳🎉

Re @jprichardson Loved it! <3

Re @sulaimanzai Thanks for flagging this. Did you use the Live Capture or do a Manual Load of the tokens? Which version did you use that didn't displa...

Re @thegarliccheese Thanks. We are back up now! :)

回复@thegarliccheese谢谢。我们现在备份了！ :)

Re @bugch3ck Can you provide more detail on this, please?

Gping - Ping, But With A Graph

Gping-Ping，但带有图形

Can you believe 123456 is still the most common password in 2020?! 🤦‍♂️ This is just one of the noteworthy news we came across this week. Check ...

Re @dewcode91 Whoohoo!

Re @WilliamSerizao Awesome! 😎

Re @ldionmarcil @irsdl @Agarri_FR Would you prefer to see the original and modified requests on different tabs or have a different one displayed by de...

Re @0xw2w  3) Can you remember which version of Burp you used to create the project fie originally? Is this happening with all project files or just t...

Re @0xw2w  2) In Proxy Options -> Intercept Client Requests you can create rules to intercept requests based on the domain, you can set these to match...

回复@ 0xw2w 2）在“代理选项”->“拦截客户端请求”中，您可以创建规则以基于域拦截请求，可以将其设置为匹配...

Re @0xw2w Hi, I'll split this into 3 parts, I don't think I'll fit it all in one! 1) You can delete an issue from the Issues list in the Target -> Sit...

Bulwark - An Organizational Asset And Vulnerability Management Tool, With Jira Integration, Designed For Generating Application Security Reports

1967 年，《中华日报》买下了美国《大力水手》漫画的连载权。原定由《中华日报》妇女版主编倪明华负责翻译。但倪明华工作比较忙，就让丈夫郭衣洞帮忙。郭衣洞，就是那个笔名叫柏杨的人。1968 年 1 月 2 日这天连载内容是 Popeye 父子流落到一个海岛的故事。父子俩在岛上不但一点不发愁，还搞起了总统 ...全文

《子不语》里有个“一目五先生”的故事。说有五个鬼，其中四个瞎，一个独眼。所以五个鬼只能一起行动，四个瞎鬼都听独眼鬼的号令。读到这里我就想起“五眼联盟”了……其实五眼联盟也是独眼联盟。

Existing Code Reuse

现有代码重用

Re @regala_ If you edit any of the User options within the UI, the configuration should be saved in that file if you quit Burp gracefully. Is this not...

Proud of our founder and CEO @StijnJans! He won a prestigious award without hacking the election. 😁 Congratulations, Stijn! 👏👏

招聘进行时 | 只要有能力，靠谱的高薪职位随你来pick！！招聘进行时 | 只要有能力，靠谱的高薪职位随你来pick！！

#2020 KCTF秋季赛# [让我看看]今天又是哪个战队拔得头筹了？#2020 KCTF秋季赛# [让我看看]今天又是哪个战队拔得头筹了？第二题《异常信号》仍在火热进行中！截止目前，仅有3支战队攻击成功！其中，崇文路大专战队耗时近13小时（47152s），拔得头筹，以240分稳居首位。其他战队也奋力追赶，现在TLJ战队和dotsu_战队也相继破解成功。

苹果生态不再安全？M1芯片首爆高危漏洞！苹果生态不再安全？M1芯片首爆高危漏洞！

没错，华为开始对Android下手了！没错，华为开始对Android下手了！

《探索先进自动化漏洞挖掘技术中的不足》作者：此彼@蚂蚁安全实验室网页链接近日，蚂蚁安全天穹实验室安全专家吴潍浠在国际安全会议Hack In The Box Singapore上分享了议题《探索先进自动化漏洞挖掘技术中的不足》。议题通过几个具有特殊逻辑的演示代码……

RT Fiendish Dr. Noid, API-T (🎃👻But Spooky👻🎃): My little brother lives down in Mexico. He just sent me this. It's apparently on the wall of...

怒其不争，哀其不幸，学弟为什么要和解？

Re @regala_ Yes. If you edit the UserConfigPro/Community.json file in your home directory > .BurpSuite

M1的成功才是大型科技公司应当做的，而不是国内这些所谓的新兴“科技”巨头花式割韭菜，卖假货，病毒营销，“金融创新”，玷污了科技两个字

这事你们知道吗？这种能起诉那个女的吗？

#CobaltStrike Online notification robot（Markdown）

#CobaltStrike在线通知机器人（Markdown）

A beautiful landscape payload by @zozuar  q=c.width=99;for(var m=30,a,j,k,i;m--;)for(n=1-m/30,i=q;i--;x.fillRect(i,a*(29-m)/2,1,q,x.fillStyle=`hsl(200...

@zozuar一个美丽的风景有效载荷q = c.width = 99; for（var m = 30，a，j，k，i; m-;）for（n = 1-m / 30，i = q; i -; x.fillRect（i，a *（29-m）/2,1,q,x.fillStyle=`hsl（200 ...

一个道理：微博正文

顶级学府，搞出这么大舆论风波，能不想着赶紧息事宁人吗？能不找当事人“谈心”吗？刚进校门，卷入这么大舆论风波，学校找你“谈心”，你心里再不愿意，能不“谅解”吗？必须息事宁人，必须谅解。所以这个本质上和“保研路”是一回事。

马志明有一回想请马三立教教自己。马三立说：“自己奔去。”奔，念第四声，拨摁奔。自己奔去。

国内经常把“Liberal”翻译为“自由派”，所以导致了一些误会。家门口立块牌子写“Freedom is not free”的多半是红脖。

写稿子能做到“说人话”三个字，就起码超过百分之九十的同行了 微博正文

没有明确交付时间和验收指标的任务，大家千万别去做它。对方可能没给，不代表你可以没有，你必须给出你认知的时间点和指标，不然怎么做怎么错。比如你认为花一个月，对方认为是两天，你认为交付100个，对方认为交付是200个。你千万别等“做完了”才去确认，必死无疑，再委屈也没用，你应该先喊罢工。

大灰狼和小白兔cp

《勒索软件 Ranzy：ThunderX 升级加密的变体》译者：知道创宇404实验室翻译组网页链接Ranzy勒索软件出现在今年9月/10月，似乎是ThunderX和Ako勒索软件的变体。Ranzy有一些关键的更新，包括加密的调整，过滤的方法，以及使用公开的“leak blog”为那些不遵守赎金要求的人发布受害者数据 ...全文

File Upload XSS

#defcon #ThrowbackThursday #defcon27 #hypnotoad

#defcon #ThrowbackThursday＃defcon27 #hypnotoad

RT Alex Chapman: Have a read of my new blog post on escaping privileged Docker containers. This builds on the cgroups `release_agent` technique publis...

MacC2 - Mac Command And Control That Uses Internal API Calls Instead Of Command Line Utilities

Doctrack - Tool To Manipulate And Insert Tracking Pixels Into Office Open XML Documents (Word, Excel)

Doctrack-用于将跟踪像素插入Office Open XML文档（Word，Excel）的工具