Home

Awesome

DVPNET 公开漏洞知识库

DVP官网https://dvpnet.io/

你可以从本项目中了解到一些典型的或是非常规的漏洞案例,也可以从漏洞技术细节中了解到其他白帽子对于厂商资产的各类收集方式。

“知识面决定攻击面,知识深度决定攻击链” ———— 本项目将长期更新,作为DVP社区的知识沉淀,供社区白帽子、厂商、安全从业人员不断扩展自身的知识面

关于公开漏洞说明:

  1. DVP选择对具备行业典型性的漏洞进行公开,旨在帮助社区的白帽子进行技术学习及厂商风险自检自查,避免损失。
  2. DVP从核心价值观出发,公开漏洞的是已修复且经过脱敏处理的。
  3. 在白帽子原有报告内容上,DVP可能会对漏洞信息做额外的补充及完善,方便白帽子理解更多的技术细节或是方便厂商了解到相关风险的规避方式。

DVPNET Public Vunerability Knowledge Base

DVP Official Websitehttps://dvpnet.io/

You can learn some typical or unconventional vunerabilities from this project, as well as how other white hats collect vendor assets technical details through the technical details on the vulnerabilities.

“What you know determines what the Attack Surface is; how deep your knowledge is determines which chain to attack” ———— This project will keep updating to manage the accumulated knowledge for DVP community, so that white hats, vendors, and security practitioners can continuously expand their knowledge.

About the Public Vulnerability

  1. DVP discloses the typical vulnerabilities in the industry to facilitate the technology learning of white hats in the community and the self-inspection of vendors, enabling loss prevention.
  2. Adhering to the core values, DVP has conducted data desensitization before the vulnerability disclosure.
  3. For White Hats' easier understanding on more technical details and Vendors' risk-avoidance learning, DVP may make supplements and improvements on the vulnerability data on the basis of the original report of White Hats.