Recently, I have been asked several times about what TLS is and how it works. Unfortunately, I failed to give them a detailed answers though I have learned that before. These days, I spent some time on reviewing it, and decidede to post it on my blog, hoping it will help you recall the knowledge […]

SQL Injection is a kind of vulnerability that allows attackers to insert some codes into original SQL statements to trigger some evil function, such as dumping the database or writing webshell. In this note, I will share some ideas about SQL injection. [……] Read more

This is a rough translation from one article on my old Chinese blog. The original one was written on Sept. 19th, 2017. Last weekend, when I was playing a CTF game, I got an interesting challenge about GraphQL. That was my first time to see GraphQL. At that time, I spent some time on Google, […]