昨天的"symchk.exe /r /q  C:\Windows\System32"下了5.26GB的符号文件，确实有点疯狂。

//@RanchoIce: 王旭明，北京人，回族 //@胡宇光zk: 操，太他妈的讽刺了//@一玶海岸: 又是他？这厮还曾经建议过高考取消英语呢，真国贼一名

Bypassing Javascript Overrides

Re @MabbsSec Hi Andrew - we'd like to learn more about what you've found. We've sent you a DM.

回复@MabbsSec嗨，安德鲁-我们想进一步了解您所发现的内容。我们已向您发送了一份DM。

Go_Parser - Yet Another Golang Binary Parser For IDAPro

开发自己会用的工具和产品，长时间聚焦，剩者为王，自然而然就会有所突破，顺带把钱赚了。  👉 网页链接

Teler - Real-time HTTP Intrusion Detection

Re @Pwsecspirit I’ll check it out

Re @kaepora I know, and we can't engineer a decent CPU for love nor money.

It doesn't matter how good a company's CPU is, if they're still a shitty company.

如果一家公司的CPU仍然很糟糕，那么该公司的CPU的质量有多高都没关系。

RT Chuanda Ding: 🤪

Re @jeffreyshran I've not seen any other reports of this. Which OS are you seeing this on? If you can send us some screenshots or a screen recording t...

Re @knodesec You can do this with the Inspector. Type a space (or anything), select it, and change the char code in the inspector.

Re @knodesec可以使用检查器执行此操作。键入一个空格（或其他任何内容），选择它，然后在检查器中更改字符代码。

As of the latest release, Burp Suite Pro and Community Editions will automatically update to future versions in the background. No more manual updates...

从最新版本开始，Burp Suite Pro和社区版将在后台自动更新为将来的版本。没有更多的手动更新...

Re @eur0pa_ We are aiming to start testing on this within a few weeks.

Re @ eur0pa_我们的目标是在几周内开始对此进行测试。

Re @eur0pa_ Unfortunately not!

Re @MabbsSec Hi Andrew - we'd like to learn more about what you've found. We'll DM you.

Re @hacksplained Thank you for the compliment, we feel honoured!

Avoiding XSS Detection

Never really been into podcast until I started listening to these:   Are there any other podcast similar to these two?

最近在听一部小说《我有一座恐怖屋》，也有类似的桥段//@安全北北://@慧文王GG: 尼玛……//@韩路:心里素质很强大了……没惊慌跑掉，吓死了。

Re @eur0pa_ Are you asking if Burp has been tested on a device with an M1 chip?

回复@ eur0pa_您是否在问Burp是否在带有M1芯片的设备上经过测试？

Wanna know what hackers are up to? Check out our new #BugBytes👇  Learn how @david_nechuta found a $31k SSRF in Google, why DNS is SAD, how @MrTuxra...

Re @HusseiN98D You know how to use that in multi reflection scenarios, right? 🙂

Re @LiveOverflow I'd like to have some aws credits, thanks.

回复@LiveOverflow我想获得一些AWS积分，谢谢。

renew

Re @torykuzzaman Could you drop us an email at support@portswigger.net with some more details, please?

FinalRecon v1.1.0 - The Last Web Recon Tool You'll Need

FinalRecon v1.1.0-您需要的最后一个Web侦查工具

OpenEDR - Open EDR Public Repository

OpenEDR-开放EDR公共存储库

Re @regala_ Filter options are saved as part of the project options. By using burp defaults to launch your project, you are telling it to use the defa...

Re @EugeneRojavski Already done! Nice work!

Re @EugeneRojavski the author of this nice find! 👍

Happy to announce that the sqlmap project has been sponsored by @SpyderSec

国内人力市场上大家都爱用阿里的职级作为一般等价物。招聘信息里全是类似“对标阿里 P7”这样的说法。不知道这是阿里 HR 刻意运作出来的，还是自然形成的。如果是运作出来的，筹划这事的人的眼光和远见就厉害了。

恭喜网友@DeadArm-H ，你被抽中了，你自己联系李诞要收货地址吧。当然我也不强求，你不送也可以

转此微博，抽个网友送李诞新书《候场》

Re @amr00t Thanks a lot for your feedback!

Re @regala_ You need to select 'Use options saved with project'. Can you give this a go and let us know how you get on?

Re @pxmme1337 Happy to have you as a participant, Pomme!

转发此微博，抽一个网友送李诞新书《候场》

满满干货的免费课程，你不来看看吗？网页链接

#2020 KCTF秋季赛# 仅用320秒夺得首旗！这支战队亮了！#2020 KCTF秋季赛# 仅用320秒夺得首旗！这支战队亮了！11月16日中午，枪声响起，百余支战队向签到题发起攻击。打打酱油 战队仅用 320 秒，便创下“第一”的战绩，成为首支夺旗成功的战队。其他战队也紧随其后，你追我赶。截止目前，签到题已有223支战队夺旗成功！本题将持续 ...全文

Windows内存篇Ⅱ x64内核内存布局的迁移演变Windows内存篇Ⅱ x64内核内存布局的迁移演变本文为看雪论精华文章看雪论坛作者ID：FaEry前言内存扫描一直都是比较根本的威胁检测手法，对于顽固型木马外挂而言，依赖于操作系统API相关的传统检测方式，模块扫描，窗口扫描，进程扫描以及文件扫描等都显得较为吃力，应用层而 ...全文

我曾经见过一个董事长，约好了人，到点了人来了。他也没有其他事处理，就坐在办公室喝着茶，说“不着急，让他等等”，一等就是40分钟，然后慢悠悠地走过去，“哎呀，最近事太多了，不好意思，让你久等了”。这种营造出来的“繁忙”和“排场”，我理解主要还是骨子里不自信吧。

还有名额！4大精彩议题和你分享！另外还有精美礼品等着你哦！报名直达链接：网页链接 报名成功后，请添加工作人员微信kanxuecom，备注线上沙龙，由工作人员拉你进群参与抽奖哦！

视频来了，一洞两吃：腾讯安全玄武实验室的微博视频

“冷静观察，稳住阵脚，沉着应付，有所作为。”

hz🐂🍺//@R3dF09:

我们一起学猫叫 一起喵喵喵喵喵 redrain_QAQ的微博视频

守时是一种很重要的品质，自律的人把时间卡的很精确，一来二去大家就形成了值得信赖的认知。相反还有两种情况是我见过比较不舒服的：一种是认为自己的时间很重要，其他人等我是应该的，这种是潜意识的给人做了等级划分；另一种是我并不在于时间差这么十几分钟，你也别太在乎，大家糊涂着过不挺好么。