When the TUN mode is enable in Clash, local UDP service can’t build connection with clients on the Internet. How to diagnose it? How to fix it?

There is a common method to execute a malicious payload in a download cradle to bypass the antivirus’ detection. Here I’m going to show you how to use volatility to perform memory forensics and extract malicious payloads from memory.

Although there is a experimental CWE-020 query used for “Potential Log4J LDAP JNDI injection (CVE-2021-44228)” already, but at this time, I want to refit the CWE-074 to make it could find out CVE-2021-44228

The major reference: Qualys’ Advisory

In January 2022, I achieved the OSCE3. This passage includes the reviews of OSCP, OSEP, OSWE, and OSED.

Using Java 8u181

4xpl0r3r/DIPD: Debug with IDA and Pwntools in Docker (DIPD) (github.com)