从 0 开始搭建 Agent
基于 Google AI Studio / Gemini API 的猫娘天气查询系统
ZoodPay WooCommerce 插件退款回调链路分析:公开入口、失效验签与未参数化 SQL
在审计 zoodpay 插件时,我关注到一条完整的风险链:
CVE-2026-3657 My Sticky Bar <= 2.8.6 - Unauthenticated SQL Injection
My Sticky Bar Plugin <= 2.8.6
PortSwigger Cross-site request forgery (CSRF)
CSRFLab: CSRF vulnerability...
she11f 的 2025 年终总结
PortSwigger NoSQL injection
Lab: Detecting NoSQL inject...
PortSwigger JWT attacks
JWT attacksLab: JWT authent...
PortSwigger Api Testing
Api Testing Lab: Exploiting...
PortSwigger XXE
XML external entityLab: Exp...
PortSwigger SSRF
SSRFLab: Basic SSRF against...