-
Notifications
You must be signed in to change notification settings - Fork 0
/
atom.xml
473 lines (251 loc) · 18.3 KB
/
atom.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title>Hanyin's Space</title>
<icon>https://mundi-xu.github.io/icon.png</icon>
<subtitle>Be wise and fool.</subtitle>
<link href="https://mundi-xu.github.io/atom.xml" rel="self"/>
<link href="https://mundi-xu.github.io/"/>
<updated>2024-12-19T04:05:21.000Z</updated>
<id>https://mundi-xu.github.io/</id>
<author>
<name>寒雨</name>
</author>
<generator uri="https://hexo.io/">Hexo</generator>
<entry>
<title>AI安全风险洞察:2024</title>
<link href="https://mundi-xu.github.io/2024/12/18/AI-Insights-2024/"/>
<id>https://mundi-xu.github.io/2024/12/18/AI-Insights-2024/</id>
<published>2024-12-18T04:05:21.000Z</published>
<updated>2024-12-19T04:05:21.000Z</updated>
<summary type="html">随着人工智能在各行业中的广泛应用,AI安全面临的风险和挑战愈加复杂,从数据隐私泄露到模型滥用、对抗性攻击等问题不断涌现。确保AI系统的安全性不仅关乎技术的持续创新,还直接影响到用户的信任和社会的稳定。针对这些问题,需在模型行为、数据保护、供应链安全等多个方面实施综合控制策略,以保障AI系统在实际应用中的可靠性和安全性。</summary>
<category term="Security" scheme="https://mundi-xu.github.io/tags/Security/"/>
<category term="AI" scheme="https://mundi-xu.github.io/tags/AI/"/>
<category term="LLM" scheme="https://mundi-xu.github.io/tags/LLM/"/>
</entry>
<entry>
<title>雅思学习笔记</title>
<link href="https://mundi-xu.github.io/2024/03/25/IELTS/"/>
<id>https://mundi-xu.github.io/2024/03/25/IELTS/</id>
<published>2024-03-25T09:21:30.000Z</published>
<updated>2024-12-18T15:32:04.831Z</updated>
<summary type="html">Salvation Lies within IELTS.</summary>
<category term="IELTS" scheme="https://mundi-xu.github.io/tags/IELTS/"/>
<category term="English" scheme="https://mundi-xu.github.io/tags/English/"/>
</entry>
<entry>
<title>CVE-2022-3901:利用DirtyCred进行容器逃逸</title>
<link href="https://mundi-xu.github.io/2023/08/03/CVE-2022-3901-Container-Escape-via-File-based-DirtyCred/"/>
<id>https://mundi-xu.github.io/2023/08/03/CVE-2022-3901-Container-Escape-via-File-based-DirtyCred/</id>
<published>2023-08-02T16:05:21.000Z</published>
<updated>2024-04-04T11:22:51.296Z</updated>
<summary type="html">本文详细探讨了Linux内核中的CVE-2022-3910漏洞以及DirtyCred技术在提权和容器逃逸场景中的应用。</summary>
<category term="DirtyCred" scheme="https://mundi-xu.github.io/tags/DirtyCred/"/>
<category term="Linux" scheme="https://mundi-xu.github.io/tags/Linux/"/>
<category term="Kernel" scheme="https://mundi-xu.github.io/tags/Kernel/"/>
<category term="CVE" scheme="https://mundi-xu.github.io/tags/CVE/"/>
</entry>
<entry>
<title>MindSpore风险剖析与测试指南</title>
<link href="https://mundi-xu.github.io/2023/07/26/Security-Risk-Analysis-of-Huawei-Mindspore/"/>
<id>https://mundi-xu.github.io/2023/07/26/Security-Risk-Analysis-of-Huawei-Mindspore/</id>
<published>2023-07-26T14:05:21.000Z</published>
<updated>2023-10-07T13:55:19.676Z</updated>
<summary type="html">MindSpore是面向“端-边-云”全场景设计的AI框架,旨在弥合AI算法研究与生产部署之间的鸿沟。本文介绍了如何利用模糊测试技术对AI框架进行安全测试。</summary>
<category term="Security" scheme="https://mundi-xu.github.io/tags/Security/"/>
<category term="AI" scheme="https://mundi-xu.github.io/tags/AI/"/>
<category term="Fuzzing" scheme="https://mundi-xu.github.io/tags/Fuzzing/"/>
<category term="模糊测试" scheme="https://mundi-xu.github.io/tags/%E6%A8%A1%E7%B3%8A%E6%B5%8B%E8%AF%95/"/>
<category term="MindSpore" scheme="https://mundi-xu.github.io/tags/MindSpore/"/>
</entry>
<entry>
<title>DirtyCred与CVE-2021-4154漏洞分析</title>
<link href="https://mundi-xu.github.io/2022/10/08/DirtyCred/"/>
<id>https://mundi-xu.github.io/2022/10/08/DirtyCred/</id>
<published>2022-10-07T16:05:21.000Z</published>
<updated>2024-12-18T17:23:00.872Z</updated>
<summary type="html">DirtyCred通过利用堆破坏内核漏洞交换进程或文件的凭据,绕过多种内核保护机制,实现越权执行和写入操作,并通过精确控制时间窗口和结合内核特性,确保漏洞利用的稳定性和高效性。</summary>
<category term="DirtyCred" scheme="https://mundi-xu.github.io/tags/DirtyCred/"/>
<category term="Linux" scheme="https://mundi-xu.github.io/tags/Linux/"/>
<category term="Kernel" scheme="https://mundi-xu.github.io/tags/Kernel/"/>
<category term="CVE" scheme="https://mundi-xu.github.io/tags/CVE/"/>
</entry>
<entry>
<title>Architectural Support for System Security</title>
<link href="https://mundi-xu.github.io/2021/11/30/Architectural-Support-for-System-Security/"/>
<id>https://mundi-xu.github.io/2021/11/30/Architectural-Support-for-System-Security/</id>
<published>2021-11-30T14:57:21.000Z</published>
<updated>2022-05-23T08:11:06.209Z</updated>
<summary type="html">Hardware Features, Usage and Scenarios.</summary>
<category term="Hardware" scheme="https://mundi-xu.github.io/tags/Hardware/"/>
<category term="Security" scheme="https://mundi-xu.github.io/tags/Security/"/>
</entry>
<entry>
<title>【转载】为什么机器学习解决网络安全问题总是失败</title>
<link href="https://mundi-xu.github.io/2021/11/29/why-ml-fails-security/"/>
<id>https://mundi-xu.github.io/2021/11/29/why-ml-fails-security/</id>
<published>2021-11-29T07:30:58.000Z</published>
<updated>2022-05-29T10:59:34.177Z</updated>
<summary type="html">近年来网络安全从业者纷纷神往机器学习的魔力,大家都想在此寻求一发银弹。不过作者在安全业界没有看到太多如虎添翼的机器学习案例,为什么机器学习解决网络安全问题总是失败呢?</summary>
<category term="Security" scheme="https://mundi-xu.github.io/tags/Security/"/>
<category term="机器学习" scheme="https://mundi-xu.github.io/tags/%E6%9C%BA%E5%99%A8%E5%AD%A6%E4%B9%A0/"/>
<category term="网络安全" scheme="https://mundi-xu.github.io/tags/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8/"/>
</entry>
<entry>
<title>APICraft:Fuzz Driver Generation for Closed-source SDK Libraries</title>
<link href="https://mundi-xu.github.io/2021/11/28/APICraft-Fuzz-Driver-Generation-for-Closed-source-SDK-Libraries/"/>
<id>https://mundi-xu.github.io/2021/11/28/APICraft-Fuzz-Driver-Generation-for-Closed-source-SDK-Libraries/</id>
<published>2021-11-28T06:05:31.000Z</published>
<updated>2022-11-28T06:05:31.000Z</updated>
<summary type="html">本文提出了一种自动化方法来生成高质量的fuzz driver,以提升闭源SDK在fuzzing过程中的覆盖率和漏洞触发率。</summary>
<category term="Security" scheme="https://mundi-xu.github.io/tags/Security/"/>
<category term="Fuzzing" scheme="https://mundi-xu.github.io/tags/Fuzzing/"/>
<category term="模糊测试" scheme="https://mundi-xu.github.io/tags/%E6%A8%A1%E7%B3%8A%E6%B5%8B%E8%AF%95/"/>
</entry>
<entry>
<title>常见漏洞缓解措施</title>
<link href="https://mundi-xu.github.io/2021/11/26/Common-vulnerabilities-mitigation-measures/"/>
<id>https://mundi-xu.github.io/2021/11/26/Common-vulnerabilities-mitigation-measures/</id>
<published>2021-11-26T13:05:21.000Z</published>
<updated>2021-11-30T15:06:01.651Z</updated>
<summary type="html">简单整理Windows和Linux下的常见防护机制。</summary>
<category term="Security" scheme="https://mundi-xu.github.io/tags/Security/"/>
<category term="Linux" scheme="https://mundi-xu.github.io/tags/Linux/"/>
<category term="Windows" scheme="https://mundi-xu.github.io/tags/Windows/"/>
</entry>
<entry>
<title>Chrome V8基础(三)</title>
<link href="https://mundi-xu.github.io/2021/08/15/Basics-of-Chrome-V8-3/"/>
<id>https://mundi-xu.github.io/2021/08/15/Basics-of-Chrome-V8-3/</id>
<published>2021-08-15T12:05:21.000Z</published>
<updated>2021-12-30T08:43:00.942Z</updated>
<summary type="html">本节介绍了Chrome V8的一些基本数据类型和异常处理,其API均能在文档中找到。</summary>
<category term="Chromium" scheme="https://mundi-xu.github.io/tags/Chromium/"/>
<category term="Chrome" scheme="https://mundi-xu.github.io/tags/Chrome/"/>
<category term="V8" scheme="https://mundi-xu.github.io/tags/V8/"/>
<category term="JavaScript" scheme="https://mundi-xu.github.io/tags/JavaScript/"/>
</entry>
<entry>
<title>Chrome V8基础(二)</title>
<link href="https://mundi-xu.github.io/2021/07/29/Basics-of-Chrome-V8-2/"/>
<id>https://mundi-xu.github.io/2021/07/29/Basics-of-Chrome-V8-2/</id>
<published>2021-07-29T12:05:21.000Z</published>
<updated>2021-11-29T07:58:43.556Z</updated>
<summary type="html">本系列文章笔者将简单介绍Chrome V8的整体模型与其主要概念和数据结构,希望能对读者理解浏览器安全相关产生帮助。</summary>
<category term="Chromium" scheme="https://mundi-xu.github.io/tags/Chromium/"/>
<category term="Chrome" scheme="https://mundi-xu.github.io/tags/Chrome/"/>
<category term="V8" scheme="https://mundi-xu.github.io/tags/V8/"/>
<category term="JavaScript" scheme="https://mundi-xu.github.io/tags/JavaScript/"/>
</entry>
<entry>
<title>Chrome V8基础(一)</title>
<link href="https://mundi-xu.github.io/2021/07/27/Basics-of-Chrome-V8-1/"/>
<id>https://mundi-xu.github.io/2021/07/27/Basics-of-Chrome-V8-1/</id>
<published>2021-07-27T12:05:21.000Z</published>
<updated>2021-12-30T08:43:02.569Z</updated>
<summary type="html">本系列文章笔者将简单介绍Chrome V8的整体模型与其主要概念和数据结构,本节主要为Chrome V8的一些基础知识,包括它的内存机制是怎样的,以及几个基础数据类型。</summary>
<category term="Chromium" scheme="https://mundi-xu.github.io/tags/Chromium/"/>
<category term="Chrome" scheme="https://mundi-xu.github.io/tags/Chrome/"/>
<category term="V8" scheme="https://mundi-xu.github.io/tags/V8/"/>
<category term="JavaScript" scheme="https://mundi-xu.github.io/tags/JavaScript/"/>
</entry>
<entry>
<title>【转载】攻防启示:Chromium 组件风险剖析与收敛</title>
<link href="https://mundi-xu.github.io/2021/07/15/Chromium-component-risk-analysis/"/>
<id>https://mundi-xu.github.io/2021/07/15/Chromium-component-risk-analysis/</id>
<published>2021-07-15T07:30:58.000Z</published>
<updated>2022-05-29T10:58:02.279Z</updated>
<summary type="html">基于对实战经历的复盘,本文将从Chromium架构及安全机制概况入手,剖析Chromium组件在多场景下给企业带来的安全风险并一探收敛方案。</summary>
<category term="Security" scheme="https://mundi-xu.github.io/tags/Security/"/>
<category term="Chromium" scheme="https://mundi-xu.github.io/tags/Chromium/"/>
<category term="Chrome" scheme="https://mundi-xu.github.io/tags/Chrome/"/>
<category term="V8" scheme="https://mundi-xu.github.io/tags/V8/"/>
<category term="JavaScript" scheme="https://mundi-xu.github.io/tags/JavaScript/"/>
</entry>
<entry>
<title>利用AFL fuzz PDFium</title>
<link href="https://mundi-xu.github.io/2021/07/03/Use-AFL-fuzz-pdfium/"/>
<id>https://mundi-xu.github.io/2021/07/03/Use-AFL-fuzz-pdfium/</id>
<published>2021-07-03T04:05:21.000Z</published>
<updated>2022-05-19T15:43:34.074Z</updated>
<summary type="html">简单介绍PDF渲染引擎PDFium及其组件的下载编译与如何利用AFL开始模糊测试。</summary>
<category term="Security" scheme="https://mundi-xu.github.io/tags/Security/"/>
<category term="Chromium" scheme="https://mundi-xu.github.io/tags/Chromium/"/>
<category term="Fuzzing" scheme="https://mundi-xu.github.io/tags/Fuzzing/"/>
<category term="模糊测试" scheme="https://mundi-xu.github.io/tags/%E6%A8%A1%E7%B3%8A%E6%B5%8B%E8%AF%95/"/>
<category term="AFL" scheme="https://mundi-xu.github.io/tags/AFL/"/>
<category term="PDFium" scheme="https://mundi-xu.github.io/tags/PDFium/"/>
</entry>
<entry>
<title>AFL++学习日志(一)开始Fuzz与crashes分析</title>
<link href="https://mundi-xu.github.io/2021/03/12/Start-Fuzzing-and-crashes-analysis/"/>
<id>https://mundi-xu.github.io/2021/03/12/Start-Fuzzing-and-crashes-analysis/</id>
<published>2021-03-12T08:53:57.000Z</published>
<updated>2022-05-29T08:48:43.831Z</updated>
<summary type="html">本文主要介绍如何使用AFL++快速开始Fuzz一个样例程序和对大量的Fuzzer-Generated Crashes进行分类以及部分工具的安装与使用</summary>
<category term="Security" scheme="https://mundi-xu.github.io/tags/Security/"/>
<category term="Fuzzing" scheme="https://mundi-xu.github.io/tags/Fuzzing/"/>
<category term="模糊测试" scheme="https://mundi-xu.github.io/tags/%E6%A8%A1%E7%B3%8A%E6%B5%8B%E8%AF%95/"/>
<category term="AFL++" scheme="https://mundi-xu.github.io/tags/AFL/"/>
</entry>
<entry>
<title>华为鲲鹏服务器下MySQL8的安装与远程连接配置</title>
<link href="https://mundi-xu.github.io/2021/03/10/MySQL8-under-Kunpeng/"/>
<id>https://mundi-xu.github.io/2021/03/10/MySQL8-under-Kunpeng/</id>
<published>2021-03-10T15:05:21.000Z</published>
<updated>2021-11-29T08:06:32.279Z</updated>
<summary type="html">在华为鲲鹏学生机Ubuntu 20.04.2 LTS (GNU/Linux 4.15.0-136-generic aarch64)上配置安装MySQL8</summary>
<category term="arm64" scheme="https://mundi-xu.github.io/tags/arm64/"/>
<category term="Ubuntu" scheme="https://mundi-xu.github.io/tags/Ubuntu/"/>
<category term="MySQL" scheme="https://mundi-xu.github.io/tags/MySQL/"/>
</entry>
<entry>
<title>利用IPy判断IP地址的合法性</title>
<link href="https://mundi-xu.github.io/2021/03/02/Use-IPy-to-determine-the-legitimacy-of-an-IP-address/"/>
<id>https://mundi-xu.github.io/2021/03/02/Use-IPy-to-determine-the-legitimacy-of-an-IP-address/</id>
<published>2021-03-02T15:00:11.000Z</published>
<updated>2022-05-29T10:56:24.773Z</updated>
<summary type="html">利用IPy模块的IP类处理常见格式的IP地址,附IP地址格式规范和IPy源码简析</summary>
<category term="IPy" scheme="https://mundi-xu.github.io/tags/IPy/"/>
<category term="python" scheme="https://mundi-xu.github.io/tags/python/"/>
<category term="lab" scheme="https://mundi-xu.github.io/tags/lab/"/>
<category term="ip" scheme="https://mundi-xu.github.io/tags/ip/"/>
</entry>
<entry>
<title>【转载】带你搞懂符号执行的前世今生与最近技术</title>
<link href="https://mundi-xu.github.io/2021/02/23/recent-technology-of-symbolic-execution/"/>
<id>https://mundi-xu.github.io/2021/02/23/recent-technology-of-symbolic-execution/</id>
<published>2021-02-23T07:30:00.000Z</published>
<updated>2022-05-29T10:58:53.858Z</updated>
<summary type="html">iddm带你读论文——SymQEMU:Compilation-based symbolic execution for binaries</summary>
<category term="Security" scheme="https://mundi-xu.github.io/tags/Security/"/>
<category term="符号执行" scheme="https://mundi-xu.github.io/tags/%E7%AC%A6%E5%8F%B7%E6%89%A7%E8%A1%8C/"/>
</entry>
<entry>
<title>计网学习笔记-Introduction</title>
<link href="https://mundi-xu.github.io/2021/01/17/Computer-Network-Introduction/"/>
<id>https://mundi-xu.github.io/2021/01/17/Computer-Network-Introduction/</id>
<published>2021-01-17T04:47:31.000Z</published>
<updated>2022-05-29T08:50:04.895Z</updated>
<summary type="html">计算机网络:自顶向下方法第8版第一章的学习笔记</summary>
<category term="Computer Networking" scheme="https://mundi-xu.github.io/tags/Computer-Networking/"/>
<category term="A Top-Down Approach" scheme="https://mundi-xu.github.io/tags/A-Top-Down-Approach/"/>
<category term="notes" scheme="https://mundi-xu.github.io/tags/notes/"/>
<category term="Introduction" scheme="https://mundi-xu.github.io/tags/Introduction/"/>
<category term="OSI Model" scheme="https://mundi-xu.github.io/tags/OSI-Model/"/>
<category term="TCP/IP Model" scheme="https://mundi-xu.github.io/tags/TCP-IP-Model/"/>
</entry>
<entry>
<title>WSL2下AFL的安装与测试</title>
<link href="https://mundi-xu.github.io/2021/01/09/Installation-and-testing-of-AFL-under-WSL2/"/>
<id>https://mundi-xu.github.io/2021/01/09/Installation-and-testing-of-AFL-under-WSL2/</id>
<published>2021-01-09T02:05:21.000Z</published>
<updated>2022-05-29T08:47:36.075Z</updated>
<summary type="html">WSL2下AFL的安装教程并利用Fuzzing技术对CVE-2009-0159进行了复现和原理分析。</summary>
<category term="Security" scheme="https://mundi-xu.github.io/tags/Security/"/>
<category term="Fuzzing" scheme="https://mundi-xu.github.io/tags/Fuzzing/"/>
<category term="模糊测试" scheme="https://mundi-xu.github.io/tags/%E6%A8%A1%E7%B3%8A%E6%B5%8B%E8%AF%95/"/>
<category term="CVE" scheme="https://mundi-xu.github.io/tags/CVE/"/>
<category term="AFL" scheme="https://mundi-xu.github.io/tags/AFL/"/>
<category term="ntp" scheme="https://mundi-xu.github.io/tags/ntp/"/>
</entry>
</feed>