122 Matching Annotations
  1. Jan 2023
  2. Local file Local file
    Untitled document
    4
    1. wendell 03 Jan 2023
      revolutionary

      革命性

    2. wendell 03 Jan 2023
      performance degradation,

      性能下降

    3. wendell 03 Jan 2023
      legacy formats

      传统形式

    4. wendell 03 Jan 2023
      Executive Summary

      报告摘要

    Annotators

  3. Sep 2022
  4. sonraisecurity.com sonraisecurity.com
    The Evolution of Cloud Security Posture Management CSPM
    2
    1. wendell 14 Sep 2022
      Posture

      态势

    2. wendell 14 Sep 2022
      Evolution

      演变

    Visit annotations in context

    Annotators

    URL

    sonraisecurity.com/blog/the-evolution-of-cloud-security-posture-management/
  5. blog.lightspin.io blog.lightspin.io
    What is SOC2 Compliance?
    3
    1. wendell 14 Sep 2022
      demonstrate

      证明

    2. wendell 14 Sep 2022
      ongoing

      持续

    3. wendell 14 Sep 2022
      Compliance

      遵守

    Visit annotations in context

    Annotators

    URL

    blog.lightspin.io/what-is-soc2-compliance
  6. www.chrisfarris.com www.chrisfarris.com
    B-Sides Atlanta - IR In AWS
    7
    1. wendell 13 Sep 2022
      evasion

      逃避

    2. wendell 13 Sep 2022
      Inventory

      清单

    3. wendell 13 Sep 2022
      exfil

      绕过

    4. wendell 13 Sep 2022
      flaws

      缺陷

    5. wendell 13 Sep 2022
      dimensionally

      尺寸

    6. wendell 13 Sep 2022
      telemetry

      遥测

    7. wendell 13 Sep 2022
      panic

      惊恐

    Visit annotations in context

    Annotators

    URL

    chrisfarris.com/post/aws-ir/slides.pdf
  7. www.chrisfarris.com www.chrisfarris.com
    Incident Response in AWS - Chris Farris
    1
    1. wendell 13 Sep 2022
      a bunch of

      一堆

    Visit annotations in context

    Annotators

    URL

    chrisfarris.com/post/aws-ir/
  8. Aug 2022
  9. wiz.io wiz.io
    The cloud has an isolation problem: PostgreSQL vulnerabilities affect multiple cloud vendors | Wiz Blog
    9
    1. wendell 29 Aug 2022
      tenant isolation

      租户隔离

    2. wendell 29 Aug 2022
      remediation

      修复

    3. wendell 29 Aug 2022
      Given the success of our research

      鉴于我们研究的成果

    4. wendell 29 Aug 2022
      reveals

      揭露

    5. wendell 29 Aug 2022
      undisclosed

      未公开的

    6. wendell 29 Aug 2022
      cross-tenant vulnerabilities

      跨租户漏洞

    7. wendell 29 Aug 2022
      initial foothold

      初始立足点

    8. wendell 29 Aug 2022
      vendors

      供应商

    9. wendell 29 Aug 2022
      isolation

      隔离

    Visit annotations in context

    Annotators

    URL

    wiz.io/blog/the-cloud-has-an-isolation-problem-postgresql-vulnerabilities
  10. Feb 2022
  11. portswigger.net portswigger.net
    Top 10 web hacking techniques of 2021
    12
    1. wendell 21 Feb 2022
      it's all too easy to think you know it all already

      人们很容易认为自己已经知道了所有内容

    2. wendell 21 Feb 2022
      glibly

      流利的

    3. wendell 21 Feb 2022
      inconsistency

      不一致

    4. wendell 21 Feb 2022
      nominations

      提名

    5. wendell 21 Feb 2022
      dominated

      控制,占主导地位

    6. wendell 21 Feb 2022
      particular

      特别的

    7. wendell 21 Feb 2022
      countdown

      倒数

      card
    8. wendell 21 Feb 2022
      frankly exceptional

      坦率的,非同寻常的出类拔萃

    9. wendell 21 Feb 2022
      they're affiliated with.

      他们有关联的

    10. wendell 21 Feb 2022
      panellists

      小组成员

    11. wendell 21 Feb 2022
      nominated

      提名

      card
    12. wendell 21 Feb 2022
      Since kicking off the selection process in January,

      自从1月开始选择

      card
    Visit annotations in context

    Tags

    Annotators

    URL

    portswigger.net/research/top-10-web-hacking-techniques-of-2021
  12. securitylab.github.com securitylab.github.com
    GHSL-2021-034_043: Multiple pre-auth RCEs in Apache Dubbo - CVE-2021-25641, CVE-2021-30179, CVE-2021-30180, CVE-2021-30181, CVE-2021-32824
    15
    1. wendell 05 Feb 2022
      craft

      制作

    2. wendell 05 Feb 2022
      Prevent

      阻止

    3. wendell 05 Feb 2022
      nested objects

      嵌套对象

    4. wendell 05 Feb 2022
      In addition to

      除了..之外

      card
    5. wendell 05 Feb 2022
      hey are transitively imported by other dependencies.

      他们被其他依赖传递的导入

    6. wendell 05 Feb 2022
      get around

      绕过

    7. wendell 05 Feb 2022
      opt-in

      选择性加入

      card
    8. wendell 05 Feb 2022
      addressed

      解决

      card
    9. wendell 05 Feb 2022
      mitigations

      减轻,缓和

      Card card
    10. wendell 05 Feb 2022
      compromise and run arbitrary system commands

      妥协并执行系统命令

    11. wendell 05 Feb 2022
      Multiple

      多个

      card
    12. wendell 05 Feb 2022
      are not applicable to the vector reported.

      对报道的向量不适用

      card
    13. wendell 05 Feb 2022
      has a mechanism to control

      有一个机制控制

    14. wendell 05 Feb 2022
      claims

      声称

      card
    15. wendell 05 Feb 2022
      Some issues were addressed

      一些问题被解决

      card
    Visit annotations in context

    Tags

    Annotators

    URL

    securitylab.github.com/advisories/GHSL-2021-034_043-apache-dubbo/
  13. dubbo.apache.org dubbo.apache.org
    Generic Reference
    1
    1. wendell 05 Feb 2022
      POJOs

      对象

    Visit annotations in context

    Annotators

    URL

    dubbo.apache.org/en/docs/v2.7/user/examples/generic-reference/
  14. checkmarx.com checkmarx.com
    The 0xDABB of Doom: CVE-2021-25641
    1
    1. wendell 04 Feb 2022
      it was mitigated by the vendor.

      供应商缓解了这个问题

    Visit annotations in context

    Annotators

    URL

    checkmarx.com/blog/the-0xdabb-of-doom-cve-2021-25641/
  15. Jan 2022
  16. jolokia.org jolokia.org
    Chapter 1. Introduction
    14
    1. wendell 23 Jan 2022
      A fine grained security mechanism

      一个细粒度的安全机制

      card
    2. wendell 23 Jan 2022
      Bulk requests allow for multiple JMX operations with a single remote server roundtrip

      批量请求允许在一个单独的请求中,使用多个JMX操作,

      card
    3. wendell 23 Jan 2022
      This opens a whole new world for different

      这打开了一个全新的世界

      card
    4. wendell 23 Jan 2022
      but uses the much more open HTTP for its transport business where the data payload is serialized in JSON.

      但是对外传输业务使用更开放的HTTP, 数据载荷使用反序列化的JSON

      card
    5. wendell 23 Jan 2022
      side by side

      肩并肩 living side by side with JSR-160

      card
    6. wendell 23 Jan 2022
      It is an agent based approach

      这是一个基于代理的方法

      card
    7. wendell 23 Jan 2022
      not usable outside the Java world.

      在java世界之外不可用

      card
    8. wendell 23 Jan 2022
      underlying

      基本

    9. wendell 23 Jan 2022
      Add-on standards like JSR-77 didn't received the adoption level they deserved

      像JSR-77这样的附加标准,并没有得到应有的采用级别

      card
    10. wendell 23 Jan 2022
      Especially the various levels of sophistications for implementing MBeans

      特别是实现mbeans的各种复杂程度

      card
    11. wendell 23 Jan 2022
      impressive

      Especially the various levels of sophistications for implementing MBeans, starting with dead simple Standard MBeans and ending in very flexible Open MBeans and MXBeans, are impressive. 令人影响深刻

      card
    12. wendell 23 Jan 2022
      Even more than ten years after its incubation

      在他孵化十年后

      card
    13. wendell 23 Jan 2022
      crafted specification

      I love JMX. It is a well crafted specification, #card

      • 设计精心的规范
      card 翻译
    14. wendell 23 Jan 2022
      failed spectacularly

      壮观的失败

      card 翻译
    Visit annotations in context

    Tags

    Annotators

    URL

    jolokia.org/reference/html/introduction.html
  17. www.ietf.org www.ietf.org
    rfc2396
    4
    1. wendell 17 Jan 2022
      unlimited

      无限的

    2. wendell 17 Jan 2022
      specifies

      指定,具体说明

    3. wendell 17 Jan 2022
      an Internet standards track protocol

      一个因特网标准协议

    4. wendell 17 Jan 2022
      Memo

      备忘录

    Visit annotations in context

    Annotators

    URL

    ietf.org/rfc/rfc2396.txt
  18. Local file Local file
    Untitled document
    28
    1. wendell 17 Jan 2022
      combination

      组合

    2. wendell 17 Jan 2022
      Prior to that

      在那之前

    3. wendell 17 Jan 2022
      period

      句号

    4. wendell 17 Jan 2022
      available

      可获得的

    5. wendell 17 Jan 2022
      backward compatibility

      后向兼容

    6. wendell 17 Jan 2022
      inconsistencies

      不一致

    7. wendell 17 Jan 2022
      complicated

      复杂的,难懂的

    8. wendell 17 Jan 2022
      FINDINGS

      调查结果

    9. wendell 17 Jan 2022

      这个PDF, 介绍了两种常见情况, 导致解析漏洞

      1. 使用了多个不同的URL解析器
      2. 实现标准之之间的冲突 然后举了log4j的例子
      项目\URL安全性研究
    10. wendell 17 Jan 2022
      As it turns out,

      结果是

    11. wendell 17 Jan 2022
      irregular

      不规律的

    12. wendell 17 Jan 2022
      remedy

      改正

    13. wendell 17 Jan 2022
      countermeasures

      对抗措施

    14. wendell 17 Jan 2022
      originates

      起源, 缘起

    15. wendell 17 Jan 2022
      gist

      要点, 大意

    16. wendell 17 Jan 2022
      evaluated

      对…作评价;【数】求…的值

    17. wendell 17 Jan 2022
      affected

      影响, 加载

    18. wendell 17 Jan 2022
      primitives

      原语

    19. wendell 17 Jan 2022
      innovative research.

      创新性的研究

    20. wendell 17 Jan 2022
      Specification

      标准

    21. wendell 17 Jan 2022
      Incompatibility

      不相容

    22. wendell 17 Jan 2022
      Multiple

      多重.多个

    23. wendell 17 Jan 2022
      largely occurred

      大部分发生, 基本上

    24. wendell 17 Jan 2022
      inconsistencies

      不一致,矛盾

    25. wendell 17 Jan 2022
      joint research

      联合研究

      翻译
    26. wendell 17 Jan 2022
      it is plausible

      这是合理的

    27. wendell 17 Jan 2022
      accurately

      精确的

    28. wendell 17 Jan 2022
      integral

      不可缺少

      翻译

    Tags

    Annotators

  19. github.com github.com
    docs/URL-interop.md at master · bagder/docs
    19
    1. wendell 17 Jan 2022
      (I've heard there are problems here.)

      我听说这里有问题

    2. wendell 17 Jan 2022
      German

      德国

    3. wendell 17 Jan 2022
      lacking

      不足

    4. wendell 17 Jan 2022
      specifications

      规范

    5. wendell 17 Jan 2022
      presume

      假设

      翻译
    6. wendell 17 Jan 2022
      a decimal number

      十进制数

    7. wendell 17 Jan 2022
      partial dot-addresses ("127.0")

      部分点地址

      翻译
    8. wendell 17 Jan 2022
      accept backslashes instead of slashes

      接受反斜线替代斜线

      翻译
    9. wendell 17 Jan 2022
      possibly a few using even more.

      或者部分人使用的更多

    10. wendell 17 Jan 2022
      'file' URLs are notoriously often malformed.

      file协议声名狼藉的畸形

    11. wendell 17 Jan 2022
      producer

      生成器

    12. wendell 17 Jan 2022
      zero to an infinite amount of slashes

      0到无穷大数量的斜杠

    13. wendell 17 Jan 2022
      hierarchical

      分层, 使用所有网络使用的分层方案

    14. wendell 17 Jan 2022
      Put simply,

      简单的说

      4
    15. wendell 17 Jan 2022
      chances are

      有可能, 后面接一个宾语从句

      4
    16. wendell 17 Jan 2022
      best-effort

      尽力而为

    17. wendell 17 Jan 2022
      Specification

      规范

    18. wendell 17 Jan 2022
      WHATWG

      超文本应用技术工作组

    19. wendell 17 Jan 2022
      Interop

      URl相互操作, 冲突

    Visit annotations in context

    Tags

    Annotators

    URL

    github.com/bagder/docs/blob/master/URL-interop.md
  20. hypothes.is hypothes.is
    Hypothesis
    2
    1. wendell 16 Jan 2022

      这个是这个页面的note

      #222 #11 a
    2. wendell 16 Jan 2022
      d running. It's time to start annotating some documents.

      这个是一个测试评论

    Visit annotations in context

    Tags

    Annotators

    URL

    hypothes.is/welcome/0d9a2d938c6413ba