In the early morning of December 4th, 2025, the global front-end developer community was rocked by an urgent security advisory—React officials confirmed a critical Remote Code Execution (RCE) vulnerability in React Server Components (RSC), tracked as CVE-2025-55182 (with Next.js-specific identifier CVE-2025-66478) and scoring a maximum CVSS 10.0. Following the 2021 Log4Shell vulnerability, this marks another…

In JS reverse engineering, the most time-consuming tasks are often locating where encrypted parameters are generated and tracking dynamic code execution. Whether it’s Authorization in request headers, Tokens in Cookies, or encrypted data transmitted via WebSocket, Hook technique is the “sharp tool” to solve these problems. This article compiles practical scripts for 6 high-frequency Hook…

A comprehensive guide to garbage code (anti-disassembly instructions) – core principles, 8 practical implementations with full code, IDA disassembly detection, and dynamic debugging removal tips for security researchers and reverse engineers. Introduction In the field of reverse engineering and software protection, garbage code is a “classic technique” to counter disassembly tools. By constructing special instruction…

Have you ever noticed the difference between “http://” and “https://” when typing a URL? What does the small lock icon next to the address bar signify when you make a payment on an e-commerce platform or log into a social media account? In internet communications, terms like HTTP, HTTPS, and SSL/TLS appear frequently—they are not…

As one of the most widely used JSON parsing libraries in the Java ecosystem, Fastjson is favored for its high performance. However, its deserialization vulnerabilities—especially CVE-2022-25845—have repeatedly led to large-scale security incidents. Attackers only need to construct malicious JSON strings to achieve Remote Code Execution (RCE) and take full control of servers. This article breaks…

This article systematically breaks down the complete implementation of Nginx TCP Layer 4 port proxy and mTLS mutual encryption authentication. It covers core technical principles (TLS/mTLS mechanisms), certificate generation (root CA/server/client workflows), Nginx configuration (Stream module, SSL parameter optimization), and function verification (valid/invalid connection testing) with practical commands. It helps DevOps engineers and developers quickly…

Blocking IPs dynamically in Nginx can effectively protect websites or applications from malicious requests, crawlers, or DDoS attacks. Compared to the traditional static method of modifying the configuration file and reloading Nginx, dynamic IP blocking can automatically identify and block malicious IPs in real-time, greatly enhancing security and operational efficiency. This article will elaborate on…

As a web developer, have you ever overlooked the Host header in HTTP requests? This seemingly ordinary field, once exploited by attackers, can lead to serious security issues such as password reset hijacking, cache poisoning, and even Server-Side Request Forgery (SSRF). This article will start from the vulnerability principle and share 3 battle-tested Nginx defense…

In the landscape of cybersecurity confrontation, Endpoint Detection and Response (EDR) tools remain a critical line of defense for defenders. They monitor key behaviors such as process creation, thread activity, and registry modifications to detect and block malicious attacks in a timely manner,Last time we discussed process creation and thread notifications in ‘How Does Windows…

In the Windows security field, many developers and security researchers encounter a common issue: the programs they write (even test samples) get blocked by EDR (Endpoint Detection and Response) tools as soon as they launch. Behind this, EDR’s “sharp eyes” don’t come out of nowhere—they rely on a special privilege granted by the Windows system:…