<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
	<channel>
		<title>Web安全 on Neal&#39;s Blog</title>
		<link>https://madneal.com/categories/web%E5%AE%89%E5%85%A8/</link>
		<description>Recent content in Web安全 on Neal&#39;s Blog</description>
		<generator>Hugo</generator>
		<language>en</language>
		
		
		
		
			<lastBuildDate>Mon, 28 Mar 2022 00:00:00 +0000</lastBuildDate>
		
			<atom:link href="https://madneal.com/categories/web%E5%AE%89%E5%85%A8/index.xml" rel="self" type="application/rss+xml" />
			<item>
				<title>SAST 测试中要测量的三个参数</title>
				<link>https://madneal.com/post/sast/</link>
				<pubDate>Mon, 28 Mar 2022 00:00:00 +0000</pubDate>
				<guid>https://madneal.com/post/sast/</guid>
				<description>本文围绕《SAST 测试中要测量的三个参数》展开，重点梳理定量方面、准确性和完整性等内容，提炼背景、思路与实践注意点。</description>
			</item>
			<item>
				<title>hey,我能看到你的源码哎</title>
				<link>https://madneal.com/post/webpack/</link>
				<pubDate>Mon, 07 Mar 2022 00:00:00 +0000</pubDate>
				<guid>https://madneal.com/post/webpack/</guid>
				<description>本文围绕《hey,我能看到你的源码哎》梳理web安全、安全、安全开发和前端相关的背景、方法和实践细节，可作为排查与学习记录。</description>
			</item>
			<item>
				<title>XSS 漏洞知解 123</title>
				<link>https://madneal.com/post/%E5%8F%8D%E5%B0%84%E6%80%A7xss%E7%9F%A5%E8%A7%A3123/</link>
				<pubDate>Wed, 04 Mar 2020 00:00:00 +0000</pubDate>
				<guid>https://madneal.com/post/%E5%8F%8D%E5%B0%84%E6%80%A7xss%E7%9F%A5%E8%A7%A3123/</guid>
				<description>本文围绕《XSS 漏洞知解 123》展开，重点梳理典型利用场景、盗取 cookie和通过 XSS 来实现 CSRF等内容，提炼背景、思路与实践注意点。</description>
			</item>
			<item>
				<title>使用浏览器作为代理从公网攻击内网</title>
				<link>https://madneal.com/post/%E4%BD%BF%E7%94%A8%E6%B5%8F%E8%A7%88%E5%99%A8%E4%BD%9C%E4%B8%BA%E4%BB%A3%E7%90%86%E4%BB%8E%E5%85%AC%E7%BD%91%E6%94%BB%E5%87%BB%E5%86%85%E7%BD%91/</link>
				<pubDate>Mon, 15 Apr 2019 00:00:00 +0000</pubDate>
				<guid>https://madneal.com/post/%E4%BD%BF%E7%94%A8%E6%B5%8F%E8%A7%88%E5%99%A8%E4%BD%9C%E4%B8%BA%E4%BB%A3%E7%90%86%E4%BB%8E%E5%85%AC%E7%BD%91%E6%94%BB%E5%87%BB%E5%86%85%E7%BD%91/</guid>
				<description>本文围绕《使用浏览器作为代理从公网攻击内网》展开，重点梳理介绍、可疑行为：公网到局域网的连接和同源策略不会阻止本地攻击吗？等内容，提炼背景、思路与实践注意点。</description>
			</item>
	</channel>
</rss>
