<!doctype html>
<html lang="zh"><head><meta charset="utf-8"><meta name="generator" content="Hexo 4.2.1"><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"><meta><title>kN4im3's Blog</title><meta property="og:type" content="blog"><meta property="og:title" content="kN4im3's Blog"><meta property="og:url" content="https://www.kn4im3.com/"><meta property="og:site_name" content="kN4im3's Blog"><meta property="og:locale" content="zh_CN"><meta property="og:image" content="https://www.kn4im3.com/img/og_image.png"><meta property="article:author" content="kN4im3"><meta property="twitter:card" content="summary"><meta property="twitter:image" content="/img/og_image.png"><script type="application/ld+json">{"@context":"https://schema.org","@type":"BlogPosting","mainEntityOfPage":{"@type":"WebPage","@id":"https://www.kn4im3.com"},"headline":"kN4im3's Blog","image":["https://www.kn4im3.com/img/og_image.png"],"author":{"@type":"Person","name":"kN4im3"},"description":""}</script><link rel="icon" href="/img/favicon.svg"><link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.12.0/css/all.css"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/styles/atom-one-dark.css"><link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Oxanium:wght@300;400;600&family=Roboto+Mono"><link rel="stylesheet" href="/css/cyberpunk.css"><style>body>.footer,body>.navbar,body>.section{opacity:0}</style><!--!--><!--!--><!--!--><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/lightgallery.min.css"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/justifiedGallery.min.css"><!--!--><!--!--><script src="https://cdn.jsdelivr.net/npm/[email protected]/pace.min.js"></script><script data-ad-client="ca-pub-9574555095803013" src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js" async></script></head><body class="is-2-column"><nav class="navbar navbar-main"><div 
class="container"><div class="navbar-brand justify-content-center"><a class="navbar-item navbar-logo" href="/"><img src="/img/logo.svg" alt="kN4im3's Blog" height="28"></a></div><div class="navbar-menu"><div class="navbar-start"><a class="navbar-item is-active" href="/">Home</a><a class="navbar-item" href="/archives">Archives</a><a class="navbar-item" href="/categories">Categories</a><a class="navbar-item" href="/tags">Tags</a><a class="navbar-item" href="/about">About</a></div><div class="navbar-end"><a class="navbar-item search" title="搜索" href="javascript:;"><i class="fas fa-search"></i></a></div></div></div></nav><section class="section"><div class="container"><div class="columns"><div class="column order-2 column-main is-8-tablet is-8-desktop is-8-widescreen"><div class="card"><article class="card-content article" role="article"><div class="article-meta size-small is-uppercase level is-mobile"><div class="level-left"><time class="level-item" dateTime="2020-08-25T01:20:05.000Z" title="2020-08-25T01:20:05.000Z">2020-08-25</time><span class="level-item"><a class="link-muted" href="/categories/JAVA%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1/">Java Code Audit</a></span><span class="level-item">3 min read (about 379 words)</span></div></div><h1 class="title is-3 is-size-4-mobile"><a class="link-muted" href="/2020/08/25/Fortify-JAVA%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1%E5%B7%A5%E5%85%B7/">Fortify SCA 20.1.1 Java Code Audit Tool (with License)</a></h1><div class="content"><p>Fortify is the AST (application security testing) product line from Micro Focus. Its portfolio includes Fortify Static Code Analyzer, a static code analyzer (SAST); Fortify WebInspect, dynamic application security testing software (DAST); Software Security Centre, the software security center (SSC); and Application Defender, runtime application self-protection (RASP).</p>
<p>Fortify provides static and dynamic application security testing technologies, as well as runtime application monitoring and protection. For efficient security testing, Fortify performs source-code security analysis that pinpoints the path along which a vulnerability arises, and it scans at a rate of 10,000 lines per minute.</p>
<p>Fortify SCA supports 21 programming languages: ASP.NET, .Net, C#.Net, ASP, VBscript, VS6, Java, JSP, JavaScript, HTML, XML, C/C++, PHP, T-SQL, PL/SQL, Action script, Object-C (iphone-2012/5), ColdFusion5.0, Python, COBOL, and SAP-ABAP.</p>
<p><img src="https://oss.dessmannzws.com/image-20200825094615142.png" alt="Fortify"></p>
<p><img src="https://oss.dessmannzws.com/image-20200825094536810.png" alt="代码分析页面"></p>
<p>Download link:</p>
<figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">https:<span class="comment">//pan.baidu.com/s/1ycK1RdJ9z7_59I6X-g5Vew</span></span><br></pre></td></tr></table></figure>
<p>Extraction code: 4sgs</p>
<h6 id="破解方法:"><a href="#破解方法:" class="headerlink" title="破解方法:"></a>Crack method:</h6><p>During installation, extract the license you want and select it; after installation, uncheck the last option (the one about updating the software).</p>
<p>Place the fortify-common-20.1.1.0007 jar file in:<br>C:\Program Files\Fortify\Fortify_SCA_and_Apps_20.1.1\Core\lib (the default installation location)<br>Then open the C:\Program Files\Fortify\Fortify_SCA_and_Apps_20.1.1\bin\ directory</p>
<p>Run auditworkbench.cmd</p>
</div></article></div><div class="card"><article class="card-content article" role="article"><div class="article-meta size-small is-uppercase level is-mobile"><div class="level-left"><time class="level-item" dateTime="2020-07-19T03:33:15.000Z" title="2020-07-19T03:33:15.000Z">2020-07-19</time><span class="level-item"><a class="link-muted" href="/categories/%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C/">Remote Command Execution</a></span><span class="level-item">A few seconds read (about 71 words)</span></div></div><h1 class="title is-3 is-size-4-mobile"><a class="link-muted" href="/2020/07/19/FastJson/">FastJson Deserialization</a></h1><div class="content"><p>Fastjson is a Java library that can be used to convert Java objects into their JSON representation. It can also be used to convert a JSON string into an equivalent Java object, and it works with arbitrary Java objects.</p>
<h1 id="0x01"><a href="#0x01" class="headerlink" title="0x01"></a>0x01</h1><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">public</span> <span class="keyword">static</span> <span class="keyword">void</span> <span class="title">main</span><span class="params">(String[] args)</span></span>{</span><br><span class="line"> System.out.println(<span class="string">"FastJson"</span>);</span><br><span class="line">}</span><br></pre></td></tr></table></figure>
</div></article></div></div><div class="column column-left is-4-tablet is-4-desktop is-4-widescreen order-1"><div class="card widget"><div class="card-content"><nav class="level"><div class="level-item has-text-centered flex-shrink-1"><div><figure class="image is-128x128 mx-auto mb-2"><img class="avatar is-rounded" src="/img/avatar.png" alt="kN4im3"></figure><p class="title is-size-4 is-block line-height-inherit">kN4im3</p><p class="is-size-6 is-block">Information Security Engineer</p><p class="is-size-6 is-flex justify-content-center"><i class="fas fa-map-marker-alt mr-1"></i><span>China</span></p></div></div></nav><nav class="level is-mobile"><div class="level-item has-text-centered is-marginless"><div><p class="heading">Posts</p><a href="/archives"><p class="title">2</p></a></div></div><div class="level-item has-text-centered is-marginless"><div><p class="heading">Categories</p><a href="/categories"><p class="title">2</p></a></div></div><div class="level-item has-text-centered is-marginless"><div><p class="heading">Tags</p><a href="/tags"><p class="title">5</p></a></div></div></nav><div class="level"><a class="level-item button is-primary is-rounded" href="https://github.com/kN4im3" target="_blank" rel="noopener">Follow me</a></div><div class="level is-mobile"><a class="level-item button is-transparent is-marginless" target="_blank" rel="noopener" title="Github" href="https://github.com/kN4im3"><i class="fab fa-github"></i></a><a class="level-item button is-transparent is-marginless" target="_blank" rel="noopener" title="Facebook" href="https://facebook.com"><i class="fab fa-facebook"></i></a><a class="level-item button is-transparent is-marginless" target="_blank" rel="noopener" title="Twitter" href="https://twitter.com/kN4im3"><i class="fab fa-twitter"></i></a><a class="level-item button is-transparent is-marginless" target="_blank" rel="noopener" title="Dribbble" href="https://dribbble.com"><i class="fab fa-dribbble"></i></a><a class="level-item button is-transparent 
is-marginless" target="_blank" rel="noopener" title="RSS" href="/"><i class="fas fa-rss"></i></a></div></div></div><!--!--><div class="card widget"><div class="card-content"><div class="menu"><h3 class="menu-label">Links</h3><ul class="menu-list"><li><a class="level is-mobile is-mobile" href="https://www.r4v3zn.com/" target="_blank" rel="noopener"><span class="level-left"><span class="level-item">R4v3zn's Blog</span></span><span class="level-right"><span class="level-item tag">www.r4v3zn.com</span></span></a></li></ul></div></div></div><div class="card widget"><div class="card-content"><div class="menu"><h3 class="menu-label">Categories</h3><ul class="menu-list"><li><a class="level is-mobile is-marginless" href="/categories/JAVA%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1/"><span class="level-start"><span class="level-item">Java Code Audit</span></span><span class="level-end"><span class="level-item tag">1</span></span></a></li><li><a class="level is-mobile is-marginless" href="/categories/%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C/"><span class="level-start"><span class="level-item">Remote Command Execution</span></span><span class="level-end"><span class="level-item tag">1</span></span></a></li></ul></div></div></div><div class="card widget"><div class="card-content"><h3 class="menu-label">Recent Posts</h3><article class="media"><div class="media-content size-small"><p><time dateTime="2020-08-25T01:20:05.000Z">2020-08-25</time></p><p class="title is-6"><a class="link-muted" href="/2020/08/25/Fortify-JAVA%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1%E5%B7%A5%E5%85%B7/">Fortify SCA 20.1.1 Java Code Audit Tool (with License)</a></p><p class="is-uppercase"><a class="link-muted" href="/categories/JAVA%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1/">Java Code Audit</a></p></div></article><article class="media"><div class="media-content size-small"><p><time dateTime="2020-07-19T03:33:15.000Z">2020-07-19</time></p><p class="title is-6"><a class="link-muted" href="/2020/07/19/FastJson/">FastJson Deserialization</a></p><p class="is-uppercase"><a class="link-muted" 
href="/categories/%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C/">Remote Command Execution</a></p></div></article></div></div><div class="card widget"><div class="card-content"><div class="menu"><h3 class="menu-label">Archives</h3><ul class="menu-list"><li><a class="level is-mobile is-marginless" href="/archives/2020/08/"><span class="level-start"><span class="level-item">August 2020</span></span><span class="level-end"><span class="level-item tag">1</span></span></a></li><li><a class="level is-mobile is-marginless" href="/archives/2020/07/"><span class="level-start"><span class="level-item">July 2020</span></span><span class="level-end"><span class="level-item tag">1</span></span></a></li></ul></div></div></div><div class="card widget"><div class="card-content"><div class="menu"><h3 class="menu-label">Tags</h3><div class="field is-grouped is-grouped-multiline"><div class="control"><a class="tags has-addons" href="/tags/Fortify/"><span class="tag">Fortify</span><span class="tag is-grey-lightest">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/RCE/"><span class="tag">RCE</span><span class="tag is-grey-lightest">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1/"><span class="tag">Code Audit</span><span class="tag is-grey-lightest">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96/"><span class="tag">Deserialization</span><span class="tag is-grey-lightest">1</span></a></div><div class="control"><a class="tags has-addons" href="/tags/%E9%9D%99%E6%80%81%E4%BB%A3%E7%A0%81%E5%88%86%E6%9E%90%E5%B7%A5%E5%85%B7/"><span class="tag">Static Code Analysis Tool</span><span class="tag is-grey-lightest">1</span></a></div></div></div></div></div><div class="card widget"><div class="card-content"><div class="menu"><h3 class="menu-label">Subscribe for Updates</h3><form action="https://feedburner.google.com/fb/a/mailverify" method="post" target="popupwindow" 
onsubmit="window.open('https://feedburner.google.com/fb/a/mailverify?uri=','popupwindow','scrollbars=yes,width=550,height=520');return true"><input type="hidden" value="" name="uri"><input type="hidden" name="loc" value="en_US"><div class="field has-addons"><div class="control has-icons-left is-expanded"><input class="input" name="email" type="email" placeholder="Email"><span class="icon is-small is-left"><i class="fas fa-envelope"></i></span></div><div class="control"><input class="button is-primary" type="submit" value="订阅"></div></div></form></div></div></div><div class="card widget"><div class="card-content"><div class="notification is-danger">You need to set <code>client_id</code> and <code>slot_id</code> to show this AD unit. Please set it in <code>_config.yml</code>.</div></div></div></div><!--!--></div></div></section><footer class="footer"><div class="container"><div class="level"><div class="level-start"><a class="footer-logo is-block mb-2" href="/"><img src="/img/logo.svg" alt="kN4im3's Blog" height="28"></a><p class="size-small"><span>© 2021 kN4im3</span> Powered by <a href="https://hexo.io/" target="_blank" rel="noopener">Hexo</a> & <a href="https://github.com/ppoffice/hexo-theme-icarus" target="_blank" rel="noopener">Icarus</a></p></div><div class="level-end"></div></div></div></footer><script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/jquery.min.js"></script><script src="https://cdn.jsdelivr.net/npm/[email protected]/min/moment-with-locales.min.js"></script><script>moment.locale("zh-CN");</script><script>var IcarusThemeSettings = {
site: {
url: 'https://www.kn4im3.com',
external_link: {"enable":true,"exclude":[]}
},
article: {
highlight: {
clipboard: true,
fold: 'unfolded'
}
}
};</script><script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/clipboard.min.js" defer></script><script src="/js/animation.js"></script><a id="back-to-top" title="回到顶端" href="javascript:;"><i class="fas fa-chevron-up"></i></a><script src="/js/back_to_top.js" defer></script><!--!--><!--!--><script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/lightgallery.min.js" defer></script><script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/jquery.justifiedGallery.min.js" defer></script><script>window.addEventListener("load", () => {
if (typeof $.fn.lightGallery === 'function') {
$('.article').lightGallery({ selector: '.gallery-item' });
}
if (typeof $.fn.justifiedGallery === 'function') {
if ($('.justified-gallery > p > .gallery-item').length) {
$('.justified-gallery > p > .gallery-item').unwrap();
}
$('.justified-gallery').justifiedGallery();
}
});</script><!--!--><!--!--><!--!--><script src="/js/main.js" defer></script><div class="searchbox"><div class="searchbox-container"><div class="searchbox-header"><div class="searchbox-input-container"><input class="searchbox-input" type="text" placeholder="想要查找什么..."></div><a class="searchbox-close" href="javascript:;">×</a></div><div class="searchbox-body"></div></div></div><script src="/js/insight.js" defer></script><script>document.addEventListener('DOMContentLoaded', function () {
loadInsight({"contentUrl":"/content.json"}, {"hint":"想要查找什么...","untitled":"(无标题)","posts":"文章","pages":"页面","categories":"分类","tags":"标签"});
});</script></body></html>