This article details the internal architecture and SQL execution workflow of Gorm, the popular ORM framework for Go. It shares practical techniques for model definition, querying, and updating, while solving common issues like time zone discrepancies, soft deletion, and transactions. It is tailored for advanced Gorm developers. As the most widely used ORM (Object-Relational Mapping) framework…

This article details two implementation solutions for graphic CAPTCHAs in SpringBoot projects, including handwritten custom CAPTCHA utility classes and rapid integration of four types of CAPTCHAs (line-interfered, circle-interfered, distorted, and GIF) using the Hutool utility library. Complete code examples and API testing steps are provided to help developers address human-machine verification needs in scenarios such…

Technical Dilemmas in Embedded UI Development: From Requirements to Bottlenecks [Essential for Embedded UI Development] In the development of IoT, industrial control, and portable smart devices, how to build efficient graphical UIs in no-std, OS-less environments? Traditional terminal UI libraries are limited by resource constraints and hardware compatibility, becoming a major development pain point. This…

In the landscape of cybersecurity confrontation, Endpoint Detection and Response (EDR) tools remain a critical line of defense for defenders. They monitor key behaviors such as process creation, thread activity, and registry modifications to detect and block malicious attacks in a timely manner,Last time we discussed process creation and thread notifications in ‘How Does Windows…

In the Windows security field, many developers and security researchers encounter a common issue: the programs they write (even test samples) get blocked by EDR (Endpoint Detection and Response) tools as soon as they launch. Behind this, EDR’s “sharp eyes” don’t come out of nowhere—they rely on a special privilege granted by the Windows system:…

In the field of Windows security offense and defense, Function Hooking is a core technology for EDR (Endpoint Detection and Response) to monitor process behavior and for attackers to bypass protections. To counter modern EDR interception, the first step is to master the operating mechanism of function hooking in user mode. Centered on the framework of “FUNCTION-HOOKING…

In penetration testing, XXL-Job vulnerabilities are often highlighted for their convenience in direct reverse shell attacks. However, real-world scenarios frequently involve “non-outbound networks” or “missing scheduler panels,” which pose greater challenges. This article breaks down the version detection, command execution, and multiple memory shell injection methods for the XXL-Job Executor default token vulnerability, using practical…

This article will start with the working principles of MCP, take the STDIO transmission mode as an example, and provide a comprehensive walkthrough of building a local MCP service, testing it, and integrating it with an LLM (using Cursor as an example), helping developers quickly master the practical application of the MCP protocol. We’ve already…

In the fast-paced world of AI development, building applications based on Large Language Models (LLMs) has become an industry focus. However, before the advent of MCP (Model Context Protocol), developers faced a host of tricky challenges when building LLM applications. These issues not only slowed down development efficiency but also limited the practical implementation of…

This article provides a comprehensive breakdown of the Kalman Filter algorithm, covering everything from its core concepts to practical applications, and serves as a complete reference for both engineering development and theoretical learning. It first clarifies the recursive nature of the Kalman Filter—centered on the “fusion of prediction and observation”—then analyzes its key advantages in…