- 博客(450)
- 资源 (69)
- 收藏
- 关注
RSS订阅原创 2023年必练网络攻防靶场!
上述为网络上推荐的靶场资源https://cn-sec.com/archives/1492344.html,其中标注为绿色的是本人全部做过的,更加推荐。
2024-01-25 10:04:20
385
原创 资源链接的备忘录
Win 镜像下载网站:TechBench by WZT (v4.1.1)IT eBooks - Free Download - New ReleasesFree Computer, Programming, Mathematics, Technical Books, Lecture Notes and TutorialsO'Reilly Media - Technology and Business TrainingFree Computer books Download | Online computer
2023-10-31 09:31:26
126
原创 Spark2.0+ElasticSearch开发用户画像实战笔记:(5)
ES mapping 设计思路及JavaBean实现标签ETL代码实现
2022-06-15 17:04:21
327
1
原创 Spark2.0+ElasticSearch开发用户画像实战笔记:(2)
大数据环境安装与测试内存8GB,4核CPU利用好批处理命令来管理整个集群集群启动:run.sh#!/bin/bashdocker-compose -f docker-compose.yml up -d namenode hive-metastore-postgresqldocker-compose -f docker-compose.yml up -d datanode hive-metastoredocker-compose -f docker-compose.yml up -d
2022-05-26 11:28:10
348
原创 DOCKER(7,docker-compose.yml常用指令):Docker高级应用课程学习过程和一些资源汇总
Docker Compose管理容器的结构Docker Compose将所管理的容器分为三层,分别是工程( project),服务(service)以及容器( container)。 Docker Compose运行目录下的所有文件( docker-compose.yml、 extends文件或环境变量文件等)组成一个工程(默认为 docker-compose.yml所在目录的目录名称)。一个工程可包含多个服务,每个服务中定义了容器运行的镜像、参数和依赖,一个服务可包括多个容器实例。image指
2022-05-21 10:24:27
461
原创 DOCKER(6,Docker Compose):Docker高级应用课程学习过程和一些资源汇总
Compose 是一个用于定义和运行多容器的Docker应用的工具。使用Compose,你可以在一个配置文件(yaml格式)中配置你应用的服务,然后使用一个命令,即可创建并启动配置中引用的所有服务。SourceURL:file:///Users/liuming/Downloads/技术视频/Docker高级应用课程/用docker compose编排微服务/PART2/用Docker Compose编排微服务.docxDocker Compose的安装 Compose的安装有多种方式,例如通过s
2022-04-21 21:44:34
629
原创 DOCKER(5,Docker私有仓库):Docker高级应用课程学习过程和一些资源汇总
Docker私有仓库 私有仓库搭建第一步:拉取私有仓库镜像 (私有仓库程序本身就是一个镜像)docker pull registry第二步:启动私有仓库容器docker run -di --name=myRegistry -p 5000:5000 registry第三步:测试http://192.168.1.112:5000/v2/_catalog看到这个 说明启动OK。因为仓库里还没有镜像,所以就是空的;第四步:etc/docker 修改daemon.json,让d...
2022-04-21 21:24:59
800
原创 DOCKER(4,DockerFile):Docker高级应用课程学习过程和一些资源汇总
DockerFile DockerFile简介Dockerfile是由一系列命令和参数构成的脚本,这些命令应用于操作系统(centos或者Ubuntu)基础镜像并最终创建的一个新镜像;Dockerfile,用脚本方式来构建自动化,可复用的,高效率的创建镜像方式,是企业级开发的首选方式;在软件系统开发生命周期中,采用Dockerfile来构建镜像;1、对于开发人员:可以为开发团队提供一个完全一致的开发环境;2、对于测试人员:可以直接拿开发时所构建的镜像或者通过Dockerfile文件构建一.
2022-04-19 21:37:32
1093
原创 DOCKER(3):Docker高级应用课程学习过程和一些资源汇总
Docker容器目录挂载语法:docker run -it -v /宿主机目录:/容器目录 镜像名 多目录挂载docker run -it -v /宿主机目录:/容器目录 -v /宿主机目录2:/容器目录2 镜像名注意:如果同步的是多级目录,可能会出现权限不足的提示;这是因为安全模块selinux把权限禁掉了,需要添加 --privileged=true 来解决挂载的目录没有权限的问题;挂载目录只读docker run -it -v /宿主机目录:/容器目录:ro 镜像..
2022-04-19 16:17:38
812
原创 DOCKER(2):Docker高级应用课程学习过程和一些资源汇总
查看Docker概要信息 docker info查看Docker版本信息 docker version常用的镜像和容器命令:1、查看 docker help 帮助docker help2、用法docker [选项] 命令3、选项 -- 客户端配置文件的配置字符串位置(默认为“/root/.docker”)-D, --启用调试模式-H, --要连接的主机列表守护进程套接字-l, --设置日志级别的字符串 (“调试”|“...
2022-04-19 12:35:33
106
原创 DOCKER(1):Docker高级应用课程学习过程和一些资源汇总
记录一下Docker高级应用课程学习过程和一些资源汇总我的不同是在Ubuntu上进行官网是最好的学习资源主要参考:Install Docker Engine on Ubuntu | Docker Documentation 来安装无意中发现一个连接工具 FinalShell 官方地址:http://www.hostbuf.com/Prerequisites(前提)OS requirementsTo install Docker Engine, you need the 64-b.
2022-04-19 11:22:00
680
原创 Spark2.0+ElasticSearch开发用户画像实战笔记:(1)
希望能够坚持到底用到了vagrant,用vagrantfile进行详细设置说明:docker-compose.ymlversion: '2' services: namenode: image: bde2020/hadoop-namenode:1.1.0-hadoop2.8-java8 container_name: namenode volumes: - ./data/namenode:/hadoop/dfs/name e..
2022-04-16 22:09:29
1992
原创 常去的免费英文图书网站汇总(欢迎留言更新)
O'Reilly Media - Technology and Business TrainingGain technology and business knowledge and hone your skills with learning resources created and curated by O'Reilly's experts: live online training, video, books, our platform has content from 200+ of the wo
2022-03-15 11:36:51
762
原创 Data.Analysis.with.Python.and.PySpark:4 Analyzing tabular data with pyspark.sql
创建SparkSession对象以开始使用PySparkfrom pyspark.sql import SparkSessionimport pyspark.sql.functions as Fspark = SparkSession.builder.getOrCreate()PySpark如何表示表格数据?my_grocery_list = [["Banana", 2, 1.74],["Apple", 4, 2.04],["Carrot", 1, 1.09],["Cake",
2022-03-11 09:40:52
2730
原创 Data.Analysis.with.Python.and.PySpark:PySpark的第一个程序(2):Submitting andscaling your firstPySpark prog
Grouping records: Counting word frequenciesCounting word frequencies using groupby() and count()groups = words_nonull.groupby(col("word"))print(groups)# <pyspark.sql.group.GroupedData at 0x10ed23da0>results = words_nonull.groupby(col("word"
2022-03-10 12:16:49
2434
原创 Data.Analysis.with.Python.and.PySpark:PySpark的第一个程序
命令行输入:pyspark设置pyspark 启动时所使用的python版本参考:Data.Analysis.with.Python.and.PySpark:准备_lm19770429的专栏-CSDN博客The book focuses on Spark version 3.2How PySpark worksUnder the hood, it looks more like what’s on the right: you have some workbenches that some worker
2022-03-09 11:30:46
2689
原创 Data.Analysis.with.Python.and.PySpark:准备
The book focuses on Spark version 3.2How PySpark worksUnder the hood, it looks more like what’s on the right: you have some workbenches that some workers are assigned to. The workbenches are like the computers in our Spark cluster: there is a fixed a
2022-03-08 16:50:36
693
原创 Bug.Bounty.Bootcamp:Chapter 13: Server-Side Request Forgery
SSRF vulnerabilities occur when an attacker finds a way to send requests as atrusted server in the target’s network.By forging requests from trusted servers, an attacker can pivot into anorganization’s internal network and conduct all kinds of malicio.
2022-03-02 09:05:00
4242
原创 Bug.Bounty.Bootcamp:Chapter 9: Cross-Site Request Forgery
前提是可以获取到cookie,建议FIREFOX中添加cookie edit、hackbar等插件。通常找到有状态改变的web应用入口点,通过伪造请求,改变目标网站内容。一般浏览器通过设置SameSite=Strict或者SameSite=laxWhen the SameSite flag on a cookie is set to Strict, the client’s browser won’t send the cookie during cross-site requests...
2022-03-01 17:02:08
182
原创 Black.Hat.Python.2nd.Edition.2021.4:Chapter 2: Basic Networking Tools
Replacing Netcat:绝对可以运行,还发现了原著2处代码错误,已经改正,目前仅实现了-e参数其他参数类似import socketimport threadingimport argparseimport subprocessimport sysimport textwrapimport shlexdef execute(cmd): cmd = cmd.strip() if not cmd: return output = sub
2022-02-27 18:03:42
722
原创 Bug.Bounty.Bootcamp:Chapter 6: Cross-Site Scripting
For instance, a script that sets the location of a web page will make thebrowser redirect to the location specified:<script>location="http://attacker.com";</script>
2022-02-23 16:25:48
3194
原创 Bug.Bounty.Bootcamp:(2)值得看的一本书
Chapter 5: Web Hacking Reconnaissance在Google Dorking,有关于google搜索方法的详细介绍。(有机会研究)Scope Discovery$ whois facebook.com$ nslookup facebook.comCertificate Parsing推荐地址crt.sh,在线查询https://crt.sh/?q=facebook.com&output=json....
2022-02-21 12:19:48
374
原创 Bug.Bounty.Bootcamp:(1)
Writing a Good Report Step 1: Craft a Descriptive Title Step 2: Provide a Clear Summary Step 3: Include a Severity Assessment Step 4: Give Clear Steps to Reproduce Step 5: Provide a Proof of Concept (it’s helpful to include a vi..
2022-02-20 15:08:43
383
原创 Practical.Linux.Forensics:EVIDENCE FROM STORAGE DEVICES AND FILESYSTEMS
存储布局和卷管理分析Common partition schemes include:DOS/MBR (original PC partition scheme) GPT BSD Sun (vtoc) APM (Apple Partition Map) None (the absence of a partition scheme where filesystems start at sector zero)
2022-02-20 00:06:24
577
原创 GO H*CK YOURSELF:新知识点的记录(3)
WEB HACKING练习靶场地址:https://nostarch.com/go-hck-yourself/https://nostarch.com/go-hck-yourself/
2022-02-17 19:40:45
326
原创 GO H*CK YOURSELF:新知识点的记录(2)
STEALING AND CRACKING PASSWORDS首先批量创建一些用户:C:\WINDOWS\system32> net user ana Password1 /addC:\WINDOWS\system32> net user ben P@$$w0rd! /addC:\WINDOWS\system32> net user carol CaptainMarvel /addC:\WINDOWS\system32> net user clark superman
2022-02-16 16:17:28
477
原创 GO H*CK YOURSELF:新知识点的记录(1)截至第6章
高级搜索技巧:For example, the operator ext: searches for specific file extensions, or the filename endings for different types of files. Examples include docx for Microsoft Word documents, txt for plaintext, pdf for PDF files, xlsx for Microsoft Excel spreadsh
2022-02-13 15:34:47
1647
原创 Vulnhub之Web-Machine-N7
靶机下载地址:Web Machine: (N7) ~ VulnHubWeb Machine: (N7), made by Duty Mastr. Download & walkthrough links are available.https://www.vulnhub.com/entry/web-machine-n7,756/Difficulty: Medium常规做法:arp-scan -I eth0 -l :本地局域网IP地址扫描,个人感觉比nmap -sn 快nmap -A
2022-02-12 17:03:53
3940
原创 树莓派4B安装64位kali绝对可行完全方案
官方文档参考:Kali On ARMhttps://www.kali.org/docs/arm/Raspberry Pi 4 | Kali Linux Documentationhttps://www.kali.org/docs/arm/raspberry-pi-4/
2022-01-30 23:27:01
4855
原创 vulnhub Earth:解题思路
靶场下载地址:The Planets: Earth ~ VulnHubThe Planets: Earth, made by SirFlash. Download & walkthrough links are available.https://www.vulnhub.com/entry/the-planets-earth,755/#downloadEarth is an easy box though you will likely find it more challenging t
2022-01-28 11:44:01
3098
原创 Ethical.Hacking.2021.10:PHISHING AND DEEPFAKES(2)
接:Ethical.Hacking.2021.10:PHISHING AND DEEPFAKES_lm19770429的专栏-CSDN博客Performing a DNS Lookup of a Mail Serverexam:dig mx gmail.coman SMTP server that accepts a connection on port 25.Use netcat on the Kali Linux virtual machine to connect to port 25 on th
2022-01-24 16:41:22
1251
原创 Ethical.Hacking.2021.10:BUILDING AND INSTALLING LINUX ROOTKITS
备份Kali写kernel module codeThat’s because the Linux kernel iswritten in C, so kernel modules must also be written in C. Secondly,we won’t be able to use the standard C libraries (such as unistd, stdio,and stdlib), because user space libraries are not.
2021-12-26 12:27:42
358
原创 Ethical.Hacking.2021.10:BUILDING TROJANS(2)
Creating a Windows TrojanWe’ll cover two methodsof hiding your implant: in a fun, open source implementation of the game Minesweeperby Humaeed Ahmed, and in a document using the Social Engineering Toolkit (more onthis in a moment).I’ve forked Ahme...
2021-12-26 11:07:39
3009
原创 Ethical.Hacking.2021.10:BUILDING TROJANS
回顾:metasploitframe 反射过程msfvenom生成代码命令Hiding an Implant in a Legitimate File
2021-12-24 12:13:41
2127
原创 Black.Hat.Python.2nd.Edition.2021.4:Setting Up Python 3
sudo apt-get upgrade python3sudo apt-get install python3-venvmkdir bhpcd bhppython3 -m venv venv3source venv3/bin/activate
2021-12-21 10:02:44
531
原创 Ethical.Hacking.2021.10:STEALING AND CRACKING PASSWORDS
Understanding HTTP RequestsUsing SQLMap与书中不一致,--sqlmap-shell已经不用了,改为--shell了,如下:sudo sqlmap -u "http://192.168.1.102/mutillidae/index.php?page=user-info.php&username=&password=&" --shell注意-u 后面的url要用“”括起来...
2021-12-20 15:16:41
370
原创 Ethical.Hacking.2021.10:FUZZING FOR ZERO-DAY VULNERABILITIES
This type of attack iscalled a buffer over-read, as we can read beyond the bounds of thedesignated memory buffer. Similarly, in a buffer overflow attack, ahacker uses a bug to write beyond the bounds of a designatedbuffer. Hackers often use buffer o...
2021-12-14 17:19:26
325
原创 Ethical.Hacking.2021.10:SCANNING TARGETS
For example, the National Telecommunicationsand Information Administration (NTIA) requires all .us domains topublish their contact information.kali@kali:~$ whois zoom.usMaltegoMaltego allows hackers and security researchers to discoverconnection...
2021-12-14 14:58:54
2934
Spark2.0+ElasticSearch开发用户画像实战笔记对应的代码、数据、脚本
2022-06-15
基于DOCKER的大数据环境脚本
2022-05-26
DockerFile构建自定义Tomcat的需要的JDK和TOMCAT归档
2022-04-21
解压缩vox-adv-cpk.pth.tar.zip
2021-12-14
first-order-model-master.zip
2021-12-14
13天学习机器学习课件,有学习笔记帖子
2021-08-14
rename_batch.zip
2021-02-26
rename_batch.ipynb
2021-02-26
05.【项目素材】数据分析项目.7z
2020-06-06
python办公自动化项目素材包1-5课 .zip
2020-06-06
树莓派安装辅助软件(windows).7z
2020-05-30
空空如也
TA创建的收藏夹 TA关注的收藏夹
TA关注的人