今日重点:
1.又一家做侦查的产品,试用一下
2.Blackrota, a heavily obfuscated backdoor written in Go 360出品
https://blog.netlab.360.com/blackrota-an-obfuscated-backdoor-written-in-go-en/
漏洞挖掘资料
1.How Can Someone Can Hack Your Phone Without Touching It?
https://latesthackingnews.com/2020/11/23/how-can-someone-can-hack-your-phone-without-touching-it/
2.Xerror – Fully Automated Pentesting Tool
3.param-miner: burp插件
https://github.com/PortSwigger/param-miner
4.Finding DOMXSS with DevTools | Untrusted Types
5.Rampant CNAME misconfiguration leaves thousands of organizations open to subdomain takeover attacks – research