soapffz

This blog was established on December 15, 2018.

Yes, it has been more than 1 year. I didn't celebrate the first anniversary on December 15 this year because I was preparing for the postgraduate entrance examination.

Also, I haven't updated any articles since September due to the entrance examination.

I don't know if anyone is still reading.

After the entrance examination, I took a few days off to summarize.

---

The original intention of establishing this blog was to share my learning experiences in Python and penetration testing.

(I applied for the network space security major of a certain university, although it is very likely that I will not be admitted.)

Areas for Improvement#

The initial method of writing articles was to come up with an interesting topic and a title.

I would search for articles on Freebuf, Anquanke, T00ls, i 春秋，Kali Forum, and Xianzhi Community, and then refer to them while reproducing them myself.

The initial state of writing was: open the blog writing interface, open Kali, open Win7, or open VSC, and take screenshots while working.

However, the following situations often occurred:

• When I couldn't complete the work for several days or the results were always wrong, I would end the article with "but I haven't succeeded yet" or "to be continued".
• In order to motivate myself, I would publish the titles of the topics I wanted to write without completing the articles.
• I often published articles prematurely to see the effect, which may have caused dissatisfaction among readers.

In addition to the above reasons, the eagerness to complete the workload led to a lack of solid work and uneven article quality.

Therefore, among the 49 articles below:

At least 1/3 of the articles had the above problems. The articles that should be criticized are as follows:

• Webshell Bypass - 安全狗、D 盾
• Internal Network - Scanning Live Hosts
• Generating Remote Control Trojan and Initial Exploration of Bypassing Anti-virus with Metasploit
• Building a Social Engineering Database - ELK
• Installing Kali on Raspberry Pi 4B

Of course, in addition to the reasons mentioned above, sometimes I discovered new ideas but was unwilling to abandon previous achievements, thinking that I could just leave them behind since it was also part of the workload. This mentality also compromised the quality of the articles.

Areas to Be Commended#

Actually, starting from June, I began to share articles on systematic penetration testing processes and ideas.

The articles I wrote at that time

• Information Gathering - Search Engines
• Information Gathering - Asset Scanning
• Information Gathering - Directory Scanning
• Information Gathering - Port Scanning and Service Identification

Have greatly benefited me and once again confirmed that writing a blog is indeed useful.

Conclusion#

In nearly 50 articles in 2019, although there were good and bad ones, at least I used a lot of spare time to learn instead of playing games.

Next, I will read my previous articles and retry the areas where I failed before and then revise the articles.

I won't delete articles with slightly lower quality. I will revise them because they are the results of my learning.

For the unfinished pits and the recent unachievable ones, I may delete them or provide detailed explanations in the articles.

Now, the key point is here

On November 20th, the Cyberspace Administration of China released

Notice on the Public Solicitation of Opinions on the "Administrative Measures for the Release of Information on Network Security Threats (Draft for Solicitation of Comments)" by the National Internet Information Office

There are many opinions from cybersecurity personnel regarding this. Currently, the following content is relevant to me:

Article 4: The released information on network security threats shall not include the following content:
(1) Source code and production methods of malicious programs such as computer viruses, Trojans, and ransomware;
(2) Programs and tools specifically used for engaging in activities that harm networks, disrupt normal network functions, destroy network protection measures, or steal network data;
(3) Detailed information about the complete reproduction of network attacks and intrusions;
(4) The content of leaked data itself in data leakage incidents;
(5) Specific network planning and design, topology structure, asset information, software source code, attributes information of units or devices, selection, configuration, and software, etc.;
(6) Network security risk assessment, detection and certification reports of specific networks and information systems, security protection plans, and strategy proposals;
(7) Other content that may be directly used to harm the normal operation of networks.

Article 9: If information is published through the following platforms, the platform operators and organizers shall immediately stop the publication, take measures such as deletion, and prevent the spread of illegal content, preserve relevant records, and report to the competent departments of the city-level or above cyberspace administration and public security organs upon receiving notifications or reports from relevant departments or discovering violations of these measures on the platform. 1. Newspapers, radio and television, publications; 2. Websites, forums, blogs, microblogs, public accounts, instant messaging tools, live streaming on the internet, internet audio-visual programs, applications, network drives, etc.; 3. Publicly held conferences, forums, lectures; 4. Publicly held cybersecurity competitions; 5. Other public platforms.

There is no way, in order to save my own life, I can only keep the previous articles (there are not too many violations).

From this article onwards, the content of this blog will no longer include specific attack details, but will be limited to principle analysis and experience sharing articles.

I hope that in 2020, I can adhere to high-quality article content. Thank you for reading.

End of this article.