File tree Expand file tree Collapse file tree 2 files changed +18
-2
lines changed
Expand file tree Collapse file tree 2 files changed +18
-2
lines changed Original file line number Diff line number Diff line change @@ -111,6 +111,8 @@ https://xianzhi.aliyun.com/forum/read/274.html
111111
112112[ 新型任意文件读取漏洞的研究] ( https://www.leavesongs.com/PENETRATION/arbitrary-files-read-via-static-requests.html )
113113
114+ [ django的一些安全问题答案] ( https://www.kevinlondon.com/2015/10/16/answers-to-django-security-questions.html )
115+
114116
115117
116118### package钓鱼
@@ -145,20 +147,32 @@ https://www.pytosquatting.org/
145147
146148
147149
148- ** SQLI**
150+ ### SQLI
149151
150152[ 讨论PythonWeb开发中可能会遇到的安全问题之SQL注入] ( http://blog.neargle.com/2016/07/22/pythonweb-framework-dev-vulnerable/ )
151153
152154
153155
154- ** SSTI模版注入**
156+ ### SSTI模版注入
155157
156158[ Python Security Auditing (II): SSTI] ( https://www.cdxy.me/?p=738 )
157159
158160[ exploring-ssti-in-flask-jinja2] ( https://nvisium.com/blog/2016/03/09/exploring-ssti-in-flask-jinja2/ )
159161
160162[ exploring-ssti-in-flask-jinja2-part-ii] ( https://nvisium.com/blog/2016/03/11/exploring-ssti-in-flask-jinja2-part-ii/ )
161163
164+
165+
166+ ### python webshell
167+
168+ https://github.com/evilcos/python-webshell
169+
170+
171+
172+ ### paper
173+
174+ Python_Hack_知道创宇_北北(孙博).pdf
175+
162176### 其他
163177
164178[ 如何判断目标站点是否为Django开发] ( https://www.leavesongs.com/PENETRATION/detect-django.html )
@@ -181,6 +195,8 @@ https://www.pytosquatting.org/
181195
182196[ 【技术分享】python web 安全总结] ( http://bobao.360.cn/learning/detail/4522.html )
183197
198+
199+
184200### 安全工具
185201
186202[ python正向连接后门] ( https://www.leavesongs.com/PYTHON/python-shell-backdoor.html )
You can’t perform that action at this time.
0 commit comments