安全防XSS跨站 SQL注入-PHP源码-php.cn

Home

php教程

PHP源码

安全防XSS跨站 SQL注入

PHP中文网

May 25, 2016 pm 05:08 PM

sql注入

<?php
 
defined(&#39;TC_CMS&#39;) or exit(&#39;Access Denied&#39;);
 
/**
 * TC_CMS
 * =======================================================
 * 版权所有 (C) 2010-2020 www.teamcen.com，并保留所有权利。
 * 网站地址: http://www.teamcen.com
 * Q Q: 9877633
 * -------------------------------------------------------
 *
 * @author :     milkcy <milkcy@foxmail.com>
 * @version :    v1.0
 * =======================================================
 */
 
class safe {
    const getfilter="&#39;|(and|or)\\b.+?(>|<|=|in|like)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
    const postfilter="\\b(and|or)\\b.{1,6}?(=|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
    const cookiefilter="\\b(and|or)\\b.{1,6}?(=|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
 
    public function __construct() {
 
    }
 
    public function initLogHacker() {
         
        foreach($_GET as $key=>$value){
            $this->StopAttack($key,$value,self::getfilter);
            $_GET[$key] = $this->safe_replace($value);
            $_GET[$key] = $this->remove_xss($_GET[$key]);
        }
         
        foreach($_COOKIE as $key=>$value){
            $this->StopAttack($key,$value,self::cookiefilter);
        }
         
        foreach($_POST as $key=>$value){
            if (!is_array($value)) {
                $_POST[$key] = $this->trim_script($value);
            }
            $this->StopAttack($key,$value,self::postfilter);
        }
    }
     
    private function StopAttack($StrFiltKey,$StrFiltValue,$ArrFiltReq){
        if(is_array($StrFiltValue)) {
            $StrFiltValue=implode($StrFiltValue);
        }     
        if (preg_match("/".$ArrFiltReq."/is",$StrFiltValue)==1){
            $attackStr = "<br><br>SubmitIP:".$_SERVER["REMOTE_ADDR"]."<br>SubmitTime:".strftime("%Y-%m-%d %H:%M:%S")."<br>SubmitPage:".$_SERVER["PHP_SELF"]."<br>SubmitMethod:".$_SERVER["REQUEST_METHOD"]."<br>SubmitParams:".$StrFiltKey."<br>SubmitData:".$StrFiltValue;
            exit("Illegal operation:" . $attackStr);
        }
    }
     
    /**
     * 安全过滤函数
     *
     * @param $string
     * @return string
     */
    private function safe_replace($string) {
        $string = str_replace(&#39;%20&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;%27&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;%2527&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;*&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;"&#39;, &#39;&quot;&#39;, $string);
        $string = str_replace("&#39;", &#39;&#39;, $string);
        $string = str_replace(&#39;"&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;;&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;<&#39;, &#39;&lt;&#39;, $string);
        $string = str_replace(&#39;>&#39;, &#39;&gt;&#39;, $string);
        $string = str_replace("{", &#39;&#39;, $string);
        $string = str_replace(&#39;}&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;\\&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;or&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;insert&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;update&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;delete&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;and&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;union&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;load_file&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;outfil&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;TRUNCATE&#39;, &#39;&#39;, $string);
        return $string;
    }
     
    /**
     * 转义 javascript 代码标记
     *
     * @param $str
     * @return mixed
     */
    private function trim_script($str) {
        if (is_array($str)) {
            foreach ($str as $key => $val) {
                $str[$key] = trim_script($val);
            }
        } else {
            $str = preg_replace(&#39;/\<([\/]?)script([^\>]*?)\>/si&#39;, &#39;&lt;\\1script\\2&gt;&#39;, $str);
            $str = preg_replace(&#39;/\<([\/]?)iframe([^\>]*?)\>/si&#39;, &#39;&lt;\\1iframe\\2&gt;&#39;, $str);
            $str = preg_replace(&#39;/\<([\/]?)frame([^\>]*?)\>/si&#39;, &#39;&lt;\\1frame\\2&gt;&#39;, $str);
            $str = preg_replace(&#39;/]]\>/si&#39;, &#39;]] >&#39;, $str);
        }
        return $str;
    }
     
    /**
     * 防止XSS攻击,用在表单textarea中内容过滤较多
     *
     * @param $str
     * @return mixed
     */
    private function remove_xss($val) {
        $val = preg_replace(&#39;/([\x00-\x08,\x0b-\x0c,\x0e-\x19])/&#39;, &#39;&#39;, $val);
        $search = &#39;abcdefghijklmnopqrstuvwxyz&#39;;
        $search .= &#39;ABCDEFGHIJKLMNOPQRSTUVWXYZ&#39;;
        $search .= &#39;1234567890!@#$%^&*()&#39;;
        $search .= &#39;~`";:?+/={}[]-_|\&#39;\\&#39;;
        for ($i = 0; $i < strlen($search); $i++) {
            $val = preg_replace(&#39;/(&#[xX]0{0,8}&#39; . dechex(ord($search[$i])) . &#39;;?)/i&#39;, $search[$i], $val); // with a ;
            $val = preg_replace(&#39;/(&#0{0,8}&#39; . ord($search[$i]) . &#39;;?)/&#39;, $search[$i], $val); // with a ;
        }
 
        $ra1 = array(
            &#39;javascript&#39;,
            &#39;vbscript&#39;,
            &#39;expression&#39;,
            &#39;applet&#39;,
            &#39;meta&#39;,
            &#39;xml&#39;,
            &#39;blink&#39;,
            &#39;link&#39;,
            &#39;style&#39;,
            &#39;script&#39;,
            &#39;embed&#39;,
            &#39;object&#39;,
            &#39;iframe&#39;,
            &#39;frame&#39;,
            &#39;frameset&#39;,
            &#39;ilayer&#39;,
            &#39;layer&#39;,
            &#39;bgsound&#39;,
            &#39;title&#39;,
            &#39;base&#39;
            );
            $ra2 = array(
            &#39;onabort&#39;,
            &#39;onactivate&#39;,
            &#39;onafterprint&#39;,
            &#39;onafterupdate&#39;,
            &#39;onbeforeactivate&#39;,
            &#39;onbeforecopy&#39;,
            &#39;onbeforecut&#39;,
            &#39;onbeforedeactivate&#39;,
            &#39;onbeforeeditfocus&#39;,
            &#39;onbeforepaste&#39;,
            &#39;onbeforeprint&#39;,
            &#39;onbeforeunload&#39;,
            &#39;onbeforeupdate&#39;,
            &#39;onblur&#39;,
            &#39;onbounce&#39;,
            &#39;oncellchange&#39;,
            &#39;onchange&#39;,
            &#39;onclick&#39;,
            &#39;oncontextmenu&#39;,
            &#39;oncontrolselect&#39;,
            &#39;oncopy&#39;,
            &#39;oncut&#39;,
            &#39;ondataavailable&#39;,
            &#39;ondatasetchanged&#39;,
            &#39;ondatasetcomplete&#39;,
            &#39;ondblclick&#39;,
            &#39;ondeactivate&#39;,
            &#39;ondrag&#39;,
            &#39;ondragend&#39;,
            &#39;ondragenter&#39;,
            &#39;ondragleave&#39;,
            &#39;ondragover&#39;,
            &#39;ondragstart&#39;,
            &#39;ondrop&#39;,
            &#39;onerror&#39;,
            &#39;onerrorupdate&#39;,
            &#39;onfilterchange&#39;,
            &#39;onfinish&#39;,
            &#39;onfocus&#39;,
            &#39;onfocusin&#39;,
            &#39;onfocusout&#39;,
            &#39;onhelp&#39;,
            &#39;onkeydown&#39;,
            &#39;onkeypress&#39;,
            &#39;onkeyup&#39;,
            &#39;onlayoutcomplete&#39;,
            &#39;onload&#39;,
            &#39;onlosecapture&#39;,
            &#39;onmousedown&#39;,
            &#39;onmouseenter&#39;,
            &#39;onmouseleave&#39;,
            &#39;onmousemove&#39;,
            &#39;onmouseout&#39;,
            &#39;onmouseover&#39;,
            &#39;onmouseup&#39;,
            &#39;onmousewheel&#39;,
            &#39;onmove&#39;,
            &#39;onmoveend&#39;,
            &#39;onmovestart&#39;,
            &#39;onpaste&#39;,
            &#39;onpropertychange&#39;,
            &#39;onreadystatechange&#39;,
            &#39;onreset&#39;,
            &#39;onresize&#39;,
            &#39;onresizeend&#39;,
            &#39;onresizestart&#39;,
            &#39;onrowenter&#39;,
            &#39;onrowexit&#39;,
            &#39;onrowsdelete&#39;,
            &#39;onrowsinserted&#39;,
            &#39;onscroll&#39;,
            &#39;onselect&#39;,
            &#39;onselectionchange&#39;,
            &#39;onselectstart&#39;,
            &#39;onstart&#39;,
            &#39;onstop&#39;,
            &#39;onsubmit&#39;,
            &#39;onunload&#39;
            );
            $ra = array_merge($ra1, $ra2);
 
            $found = true; // keep replacing as long as the previous round replaced something
            while ($found == true) {
                $val_before = $val;
                for ($i = 0; $i < sizeof($ra); $i++) {
                    $pattern = &#39;/&#39;;
                    for ($j = 0; $j < strlen($ra[$i]); $j++) {
                        if ($j > 0) {
                            $pattern .= &#39;(&#39;;
                            $pattern .= &#39;(&#[xX]0{0,8}([9ab]);)&#39;;
                            $pattern .= &#39;|&#39;;
                            $pattern .= &#39;|(&#0{0,8}([9|10|13]);)&#39;;
                            $pattern .= &#39;)*&#39;;
                        }
                        $pattern .= $ra[$i][$j];
                    }
                    $pattern .= &#39;/i&#39;;
                    $replacement = substr($ra[$i], 0, 2) . &#39;<x>&#39; . substr($ra[$i], 2); // add in <> to nerf the tag
                    $val = preg_replace($pattern, $replacement, $val); // filter out the hex tags
                    if ($val_before == $val) {
                        // no replacements were made, so exit the loop
                        $found = false;
                    }
                }
            }
            return $val;
    }
}
 
?>

safe.class.php

<?php
 
defined(&#39;TC_CMS&#39;) or exit(&#39;Access Denied&#39;);
 
/**
 * TC_CMS
 * =======================================================
 * 版权所有 (C) 2010-2020 www.teamcen.com，并保留所有权利。
 * 网站地址: http://www.teamcen.com
 * Q Q: 9877633
 * -------------------------------------------------------
 *
 * @author :     milkcy <milkcy@foxmail.com>
 * @version :    v1.0
 * =======================================================
 */
 
class safe {
    const getfilter="&#39;|(and|or)\\b.+?(>|<|=|in|like)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
    const postfilter="\\b(and|or)\\b.{1,6}?(=|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
    const cookiefilter="\\b(and|or)\\b.{1,6}?(=|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
 
    public function __construct() {
 
    }
 
    public function initLogHacker() {
         
        foreach($_GET as $key=>$value){
            $this->StopAttack($key,$value,self::getfilter);
            $_GET[$key] = $this->safe_replace($value);
            $_GET[$key] = $this->remove_xss($_GET[$key]);
        }
         
        foreach($_COOKIE as $key=>$value){
            $this->StopAttack($key,$value,self::cookiefilter);
        }
         
        foreach($_POST as $key=>$value){
            if (!is_array($value)) {
                $_POST[$key] = $this->trim_script($value);
            }
            $this->StopAttack($key,$value,self::postfilter);
        }
    }
     
    private function StopAttack($StrFiltKey,$StrFiltValue,$ArrFiltReq){
        if(is_array($StrFiltValue)) {
            $StrFiltValue=implode($StrFiltValue);
        }     
        if (preg_match("/".$ArrFiltReq."/is",$StrFiltValue)==1){
            $attackStr = "<br><br>SubmitIP:".$_SERVER["REMOTE_ADDR"]."<br>SubmitTime:".strftime("%Y-%m-%d %H:%M:%S")."<br>SubmitPage:".$_SERVER["PHP_SELF"]."<br>SubmitMethod:".$_SERVER["REQUEST_METHOD"]."<br>SubmitParams:".$StrFiltKey."<br>SubmitData:".$StrFiltValue;
            exit("Illegal operation:" . $attackStr);
        }
    }
     
    /**
     * 安全过滤函数
     *
     * @param $string
     * @return string
     */
    private function safe_replace($string) {
        $string = str_replace(&#39;%20&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;%27&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;%2527&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;*&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;"&#39;, &#39;&quot;&#39;, $string);
        $string = str_replace("&#39;", &#39;&#39;, $string);
        $string = str_replace(&#39;"&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;;&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;<&#39;, &#39;&lt;&#39;, $string);
        $string = str_replace(&#39;>&#39;, &#39;&gt;&#39;, $string);
        $string = str_replace("{", &#39;&#39;, $string);
        $string = str_replace(&#39;}&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;\\&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;or&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;insert&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;update&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;delete&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;and&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;union&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;load_file&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;outfil&#39;, &#39;&#39;, $string);
        $string = str_replace(&#39;TRUNCATE&#39;, &#39;&#39;, $string);
        return $string;
    }
     
    /**
     * 转义 javascript 代码标记
     *
     * @param $str
     * @return mixed
     */
    private function trim_script($str) {
        if (is_array($str)) {
            foreach ($str as $key => $val) {
                $str[$key] = trim_script($val);
            }
        } else {
            $str = preg_replace(&#39;/\<([\/]?)script([^\>]*?)\>/si&#39;, &#39;&lt;\\1script\\2&gt;&#39;, $str);
            $str = preg_replace(&#39;/\<([\/]?)iframe([^\>]*?)\>/si&#39;, &#39;&lt;\\1iframe\\2&gt;&#39;, $str);
            $str = preg_replace(&#39;/\<([\/]?)frame([^\>]*?)\>/si&#39;, &#39;&lt;\\1frame\\2&gt;&#39;, $str);
            $str = preg_replace(&#39;/]]\>/si&#39;, &#39;]] >&#39;, $str);
        }
        return $str;
    }
     
    /**
     * 防止XSS攻击,用在表单textarea中内容过滤较多
     *
     * @param $str
     * @return mixed
     */
    private function remove_xss($val) {
        $val = preg_replace(&#39;/([\x00-\x08,\x0b-\x0c,\x0e-\x19])/&#39;, &#39;&#39;, $val);
        $search = &#39;abcdefghijklmnopqrstuvwxyz&#39;;
        $search .= &#39;ABCDEFGHIJKLMNOPQRSTUVWXYZ&#39;;
        $search .= &#39;1234567890!@#$%^&*()&#39;;
        $search .= &#39;~`";:?+/={}[]-_|\&#39;\\&#39;;
        for ($i = 0; $i < strlen($search); $i++) {
            $val = preg_replace(&#39;/(&#[xX]0{0,8}&#39; . dechex(ord($search[$i])) . &#39;;?)/i&#39;, $search[$i], $val); // with a ;
            $val = preg_replace(&#39;/(&#0{0,8}&#39; . ord($search[$i]) . &#39;;?)/&#39;, $search[$i], $val); // with a ;
        }
 
        $ra1 = array(
            &#39;javascript&#39;,
            &#39;vbscript&#39;,
            &#39;expression&#39;,
            &#39;applet&#39;,
            &#39;meta&#39;,
            &#39;xml&#39;,
            &#39;blink&#39;,
            &#39;link&#39;,
            &#39;style&#39;,
            &#39;script&#39;,
            &#39;embed&#39;,
            &#39;object&#39;,
            &#39;iframe&#39;,
            &#39;frame&#39;,
            &#39;frameset&#39;,
            &#39;ilayer&#39;,
            &#39;layer&#39;,
            &#39;bgsound&#39;,
            &#39;title&#39;,
            &#39;base&#39;
            );
            $ra2 = array(
            &#39;onabort&#39;,
            &#39;onactivate&#39;,
            &#39;onafterprint&#39;,
            &#39;onafterupdate&#39;,
            &#39;onbeforeactivate&#39;,
            &#39;onbeforecopy&#39;,
            &#39;onbeforecut&#39;,
            &#39;onbeforedeactivate&#39;,
            &#39;onbeforeeditfocus&#39;,
            &#39;onbeforepaste&#39;,
            &#39;onbeforeprint&#39;,
            &#39;onbeforeunload&#39;,
            &#39;onbeforeupdate&#39;,
            &#39;onblur&#39;,
            &#39;onbounce&#39;,
            &#39;oncellchange&#39;,
            &#39;onchange&#39;,
            &#39;onclick&#39;,
            &#39;oncontextmenu&#39;,
            &#39;oncontrolselect&#39;,
            &#39;oncopy&#39;,
            &#39;oncut&#39;,
            &#39;ondataavailable&#39;,
            &#39;ondatasetchanged&#39;,
            &#39;ondatasetcomplete&#39;,
            &#39;ondblclick&#39;,
            &#39;ondeactivate&#39;,
            &#39;ondrag&#39;,
            &#39;ondragend&#39;,
            &#39;ondragenter&#39;,
            &#39;ondragleave&#39;,
            &#39;ondragover&#39;,
            &#39;ondragstart&#39;,
            &#39;ondrop&#39;,
            &#39;onerror&#39;,
            &#39;onerrorupdate&#39;,
            &#39;onfilterchange&#39;,
            &#39;onfinish&#39;,
            &#39;onfocus&#39;,
            &#39;onfocusin&#39;,
            &#39;onfocusout&#39;,
            &#39;onhelp&#39;,
            &#39;onkeydown&#39;,
            &#39;onkeypress&#39;,
            &#39;onkeyup&#39;,
            &#39;onlayoutcomplete&#39;,
            &#39;onload&#39;,
            &#39;onlosecapture&#39;,
            &#39;onmousedown&#39;,
            &#39;onmouseenter&#39;,
            &#39;onmouseleave&#39;,
            &#39;onmousemove&#39;,
            &#39;onmouseout&#39;,
            &#39;onmouseover&#39;,
            &#39;onmouseup&#39;,
            &#39;onmousewheel&#39;,
            &#39;onmove&#39;,
            &#39;onmoveend&#39;,
            &#39;onmovestart&#39;,
            &#39;onpaste&#39;,
            &#39;onpropertychange&#39;,
            &#39;onreadystatechange&#39;,
            &#39;onreset&#39;,
            &#39;onresize&#39;,
            &#39;onresizeend&#39;,
            &#39;onresizestart&#39;,
            &#39;onrowenter&#39;,
            &#39;onrowexit&#39;,
            &#39;onrowsdelete&#39;,
            &#39;onrowsinserted&#39;,
            &#39;onscroll&#39;,
            &#39;onselect&#39;,
            &#39;onselectionchange&#39;,
            &#39;onselectstart&#39;,
            &#39;onstart&#39;,
            &#39;onstop&#39;,
            &#39;onsubmit&#39;,
            &#39;onunload&#39;
            );
            $ra = array_merge($ra1, $ra2);
 
            $found = true; // keep replacing as long as the previous round replaced something
            while ($found == true) {
                $val_before = $val;
                for ($i = 0; $i < sizeof($ra); $i++) {
                    $pattern = &#39;/&#39;;
                    for ($j = 0; $j < strlen($ra[$i]); $j++) {
                        if ($j > 0) {
                            $pattern .= &#39;(&#39;;
                            $pattern .= &#39;(&#[xX]0{0,8}([9ab]);)&#39;;
                            $pattern .= &#39;|&#39;;
                            $pattern .= &#39;|(&#0{0,8}([9|10|13]);)&#39;;
                            $pattern .= &#39;)*&#39;;
                        }
                        $pattern .= $ra[$i][$j];
                    }
                    $pattern .= &#39;/i&#39;;
                    $replacement = substr($ra[$i], 0, 2) . &#39;<x>&#39; . substr($ra[$i], 2); // add in <> to nerf the tag
                    $val = preg_replace($pattern, $replacement, $val); // filter out the hex tags
                    if ($val_before == $val) {
                        // no replacements were made, so exit the loop
                        $found = false;
                    }
                }
            }
            return $val;
    }
}
 
?>

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)

1 months agoBy尊渡假赌尊渡假赌尊渡假赌

R.E.P.O. Best Graphic Settings

1 months agoBy尊渡假赌尊渡假赌尊渡假赌

Assassin's Creed Shadows: Seashell Riddle Solution

3 weeks agoByDDD

What's New in Windows 11 KB5054979 & How to Fix Update Issues

2 weeks agoByDDD

Will R.E.P.O. Have Crossplay?

1 months agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

MinGW - Minimalist GNU for Windows

This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.

DVWA

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.