<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:media="http://search.yahoo.com/mrss/" version="2.0"><channel><title>网络攻防研究</title><link>https://tencent.hb.cn</link><atom:link href="https://tencent.hb.cn/rss.xml" rel="self" type="application/rss+xml"/><description>雨落秋垣</description><generator>Halo v2.25.4</generator><language>zh-cn</language><image><url>https://tencent.hb.cn/upload/favicon.png</url><title>网络攻防研究</title><link>https://tencent.hb.cn</link></image><lastBuildDate>Sun, 5 Jul 2026 13:15:27 GMT</lastBuildDate><item><title><![CDATA[构建Java侵入式实时监控与动态拦截系统：从应用层到网络层的纵深防御]]></title><link>https://tencent.hb.cn/archives/gou-jian-javaqin-ru-shi-shi-shi-jian-kong-yu-dong-tai-lan-jie-xi-tong-cong-ying-yong-ceng-dao-wang-luo-ceng-de-zong-shen-fang-yu</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=%E6%9E%84%E5%BB%BAJava%E4%BE%B5%E5%85%A5%E5%BC%8F%E5%AE%9E%E6%97%B6%E7%9B%91%E6%8E%A7%E4%B8%8E%E5%8A%A8%E6%80%81%E6%8B%A6%E6%88%AA%E7%B3%BB%E7%BB%9F%EF%BC%9A%E4%BB%8E%E5%BA%94%E7%94%A8%E5%B1%82%E5%88%B0%E7%BD%91%E7%BB%9C%E5%B1%82%E7%9A%84%E7%BA%B5%E6%B7%B1%E9%98%B2%E5%BE%A1&amp;url=/archives/gou-jian-javaqin-ru-shi-shi-shi-jian-kong-yu-dong-tai-lan-jie-xi-tong-cong-ying-yong-ceng-dao-wang-luo-ceng-de-zong-shen-fang-yu" width="1" height="1" alt="" style="opacity:0;">一、技术背景与需求概述 在2024-2026年的技术背景下，Java应用面临的安全环境日益复杂且充满挑战。网络攻击已从早期的单点、简单漏洞利用，演变为体系化、自动化的持续威胁。SQL注入与XSS（跨站脚本）攻击依然是Web应用最高频、最危险的威胁之一，同时，端口扫描、异常连接等网络层侦察与入侵行为，]]></description><guid isPermaLink="false">/archives/gou-jian-javaqin-ru-shi-shi-shi-jian-kong-yu-dong-tai-lan-jie-xi-tong-cong-ying-yong-ceng-dao-wang-luo-ceng-de-zong-shen-fang-yu</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2Fu%3D631926634%2C27992308%26fm%3D253%26app%3D138%26f%3DJPEG.webp&amp;size=m" type="image/jpeg" length="0"/><category>应用安全</category><pubDate>Wed, 24 Jun 2026 13:19:58 GMT</pubDate></item><item><title><![CDATA[网络攻防纪元：AI驱动攻击的全面爆发与智能防御体系重构]]></title><link>https://tencent.hb.cn/archives/wang-luo-gong-fang-ji-yuan-aiqu-dong-gong-ji-de-quan-mian-bao-fa-yu-zhi-neng-fang-yu-ti-xi-chong-gou</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=%E7%BD%91%E7%BB%9C%E6%94%BB%E9%98%B2%E7%BA%AA%E5%85%83%EF%BC%9AAI%E9%A9%B1%E5%8A%A8%E6%94%BB%E5%87%BB%E7%9A%84%E5%85%A8%E9%9D%A2%E7%88%86%E5%8F%91%E4%B8%8E%E6%99%BA%E8%83%BD%E9%98%B2%E5%BE%A1%E4%BD%93%E7%B3%BB%E9%87%8D%E6%9E%84&amp;url=/archives/wang-luo-gong-fang-ji-yuan-aiqu-dong-gong-ji-de-quan-mian-bao-fa-yu-zhi-neng-fang-yu-ti-xi-chong-gou" width="1" height="1" alt="" style="opacity:0;">2026年，网络安全领域正在经历一场前所未有的范式革命。过去的网络攻防是“人与人”的博弈，而今天，随着人工智能深度嵌入攻击生命周期，攻防天平正在发生严重倾斜。2026年前五个月的真实事件表明，AI已经从攻击者的“辅助工具”进化为“攻击大脑”，网络攻击正式跨入“工业化”与“自主化”时代。 一、 攻防失]]></description><guid isPermaLink="false">/archives/wang-luo-gong-fang-ji-yuan-aiqu-dong-gong-ji-de-quan-mian-bao-fa-yu-zhi-neng-fang-yu-ti-xi-chong-gou</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2Fdb84d18aed479645c833f4079efadf97.webp&amp;size=m" type="image/jpeg" length="0"/><category>基础设施安全</category><pubDate>Thu, 28 May 2026 12:24:00 GMT</pubDate></item><item><title><![CDATA[Strict WAF - 严格的 Java Web 应用防火墙]]></title><link>https://tencent.hb.cn/archives/strict-waf---yan-ge-de-java-web-ying-yong-fang-huo-qiang</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=Strict%20WAF%20-%20%E4%B8%A5%E6%A0%BC%E7%9A%84%20Java%20Web%20%E5%BA%94%E7%94%A8%E9%98%B2%E7%81%AB%E5%A2%99&amp;url=/archives/strict-waf---yan-ge-de-java-web-ying-yong-fang-huo-qiang" width="1" height="1" alt="" style="opacity:0;">📋 项目概述 这是一个完整的、基于严格模式的 Java Web 应用防火墙（WAF）策略代码。它提供了多层安全防护，能够有效防御常见的 Web 攻击。 📁 文件清单 WAF/ ├── StrictWAF.java # 核心 WAF 引擎（500+ 行） ├── WAFConfig.j]]></description><guid isPermaLink="false">/archives/strict-waf---yan-ge-de-java-web-ying-yong-fang-huo-qiang</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2Fe27992f2c4547b53c019c00e0e67f098.webp&amp;size=m" type="image/jpeg" length="0"/><category>数据安全</category><pubDate>Tue, 7 Apr 2026 14:53:12 GMT</pubDate></item><item><title><![CDATA[中国联通大数据计费与业务分析综合存储过程]]></title><link>https://tencent.hb.cn/archives/zhong-guo-lian-tong-da-shu-ju-ji-fei-yu-ye-wu-fen-xi-zong-he-cun-chu-guo-cheng</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=%E4%B8%AD%E5%9B%BD%E8%81%94%E9%80%9A%E5%A4%A7%E6%95%B0%E6%8D%AE%E8%AE%A1%E8%B4%B9%E4%B8%8E%E4%B8%9A%E5%8A%A1%E5%88%86%E6%9E%90%E7%BB%BC%E5%90%88%E5%AD%98%E5%82%A8%E8%BF%87%E7%A8%8B&amp;url=/archives/zhong-guo-lian-tong-da-shu-ju-ji-fei-yu-ye-wu-fen-xi-zong-he-cun-chu-guo-cheng" width="1" height="1" alt="" style="opacity:0;">一、存储过程总体架构与设计思想 本存储过程命名为 sp_unicom_bigdata_processing，旨在处理中国联通海量的用户上网记录、通话详单和业务数据，实现透明计费、用户行为分析、实时查询支持等关键业务功能。设计借鉴了联通在大数据平台建设中的实践经验，特别是其基于Hadoop构建的分布式]]></description><guid isPermaLink="false">/archives/zhong-guo-lian-tong-da-shu-ju-ji-fei-yu-ye-wu-fen-xi-zong-he-cun-chu-guo-cheng</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2F5a112c6e95750f5131febe2e826306bf.webp&amp;size=m" type="image/jpeg" length="0"/><category>数据安全</category><pubDate>Tue, 3 Mar 2026 16:05:44 GMT</pubDate></item><item><title><![CDATA[中国联通业务场景下的MySQL复杂存储过程设计与实现]]></title><link>https://tencent.hb.cn/archives/zhong-guo-lian-tong-ye-wu-chang-jing-xia-de-mysqlfu-za-cun-chu-guo-cheng-she-ji-yu-shi-xian</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=%E4%B8%AD%E5%9B%BD%E8%81%94%E9%80%9A%E4%B8%9A%E5%8A%A1%E5%9C%BA%E6%99%AF%E4%B8%8B%E7%9A%84MySQL%E5%A4%8D%E6%9D%82%E5%AD%98%E5%82%A8%E8%BF%87%E7%A8%8B%E8%AE%BE%E8%AE%A1%E4%B8%8E%E5%AE%9E%E7%8E%B0&amp;url=/archives/zhong-guo-lian-tong-ye-wu-chang-jing-xia-de-mysqlfu-za-cun-chu-guo-cheng-she-ji-yu-shi-xian" width="1" height="1" alt="" style="opacity:0;">一、存储过程概述与业务背景 MySQL存储过程是一组为了完成特定功能而预先编译并存储在数据库中的SQL语句集，它可以通过指定的名称被调用执行。在中国联通这样的大型电信运营商业务系统中，存储过程因其性能优化、代码复用和安全控制的优势而被广泛应用。特别是在处理用户账单生成、套餐变更、资源分配、数据批量迁]]></description><guid isPermaLink="false">/archives/zhong-guo-lian-tong-ye-wu-chang-jing-xia-de-mysqlfu-za-cun-chu-guo-cheng-she-ji-yu-shi-xian</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2Ffd0dbf8ef580a95e339385076eb63c7c.webp&amp;size=m" type="image/jpeg" length="0"/><category>数据安全</category><pubDate>Fri, 27 Feb 2026 15:44:00 GMT</pubDate></item><item><title><![CDATA[gRPC 协议的简单介绍以及应用]]></title><link>https://tencent.hb.cn/archives/grpc-xie-yi-de-jian-dan-jie-shao-yi-ji-ying-yong</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=gRPC%20%E5%8D%8F%E8%AE%AE%E7%9A%84%E7%AE%80%E5%8D%95%E4%BB%8B%E7%BB%8D%E4%BB%A5%E5%8F%8A%E5%BA%94%E7%94%A8&amp;url=/archives/grpc-xie-yi-de-jian-dan-jie-shao-yi-ji-ying-yong" width="1" height="1" alt="" style="opacity:0;">gRPC（Google Remote Procedure Call）是一个现代、开源、高性能的远程过程调用（RPC）框架，由Google开发并基于其内部Stubby系统演化而来。它旨在高效地连接数据中心内和跨数据中心的服务，支持负载均衡、跟踪、健康检查和身份验证，并适用于微服务、移动应用、浏览器与后]]></description><guid isPermaLink="false">/archives/grpc-xie-yi-de-jian-dan-jie-shao-yi-ji-ying-yong</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2F5d0f4960536c42f37f393d47f9d794a2-fzMI.webp&amp;size=m" type="image/jpeg" length="0"/><category>数据安全</category><pubDate>Thu, 19 Feb 2026 13:00:16 GMT</pubDate></item><item><title><![CDATA[HTTP 重定向到 HTTPS 的状态码选择]]></title><link>https://tencent.hb.cn/archives/http-chong-ding-xiang-dao-https-de-zhuang-tai-ma-xuan-ze</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=HTTP%20%E9%87%8D%E5%AE%9A%E5%90%91%E5%88%B0%20HTTPS%20%E7%9A%84%E7%8A%B6%E6%80%81%E7%A0%81%E9%80%89%E6%8B%A9&amp;url=/archives/http-chong-ding-xiang-dao-https-de-zhuang-tai-ma-xuan-ze" width="1" height="1" alt="" style="opacity:0;">在将HTTP请求重定向到HTTPS时，选择正确的状态码至关重要，这直接关系到请求方法（如POST）是否会改变、SEO权重是否传递以及用户体验。综合来看，对于常规的网站访问（主要是GET请求），使用301永久重定向是标准且推荐的做法；但对于涉及POST等非GET请求的API或表单提交，必须使用307（]]></description><guid isPermaLink="false">/archives/http-chong-ding-xiang-dao-https-de-zhuang-tai-ma-xuan-ze</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2F7b50f5d1027cbb4edd1a6af74c7179ac.webp&amp;size=m" type="image/jpeg" length="0"/><category>密码学与加密技术</category><pubDate>Thu, 12 Feb 2026 12:41:35 GMT</pubDate></item><item><title><![CDATA[基于地理位置的智能代理分流：B→C→B重试机制与OpenResty实现全解析]]></title><link>https://tencent.hb.cn/archives/ji-yu-di-li-wei-zhi-de-zhi-neng-dai-li-fen-liu-b-c-bchong-shi-ji-zhi-yu-openrestyshi-xian-quan-jie-xi</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=%E5%9F%BA%E4%BA%8E%E5%9C%B0%E7%90%86%E4%BD%8D%E7%BD%AE%E7%9A%84%E6%99%BA%E8%83%BD%E4%BB%A3%E7%90%86%E5%88%86%E6%B5%81%EF%BC%9AB%E2%86%92C%E2%86%92B%E9%87%8D%E8%AF%95%E6%9C%BA%E5%88%B6%E4%B8%8EOpenResty%E5%AE%9E%E7%8E%B0%E5%85%A8%E8%A7%A3%E6%9E%90&amp;url=/archives/ji-yu-di-li-wei-zhi-de-zhi-neng-dai-li-fen-liu-b-c-bchong-shi-ji-zhi-yu-openrestyshi-xian-quan-jie-xi" width="1" height="1" alt="" style="opacity:0;">一、整体架构与需求回顾 💎 核心目标与原始需求 您需要构建一个智能反向代理网关，其核心目标是根据最终访问的目标网站的地理位置，动态且智能地选择不同的代理出口IP，以优化网络访问速度，同时规避某些区域的网络限制或访问特定内容。 具体而言，您拥有三台服务器： A服务器（北京IP）：作为统一的]]></description><guid isPermaLink="false">/archives/ji-yu-di-li-wei-zhi-de-zhi-neng-dai-li-fen-liu-b-c-bchong-shi-ji-zhi-yu-openrestyshi-xian-quan-jie-xi</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2Fbe2810ca559bfed8d1182a0b41142082-rsUC.webp&amp;size=m" type="image/jpeg" length="0"/><category>应用安全</category><pubDate>Tue, 3 Feb 2026 15:05:53 GMT</pubDate></item><item><title><![CDATA[简单的在宝塔面板的Docker环境中为网站同时启用IPv6支持]]></title><link>https://tencent.hb.cn/archives/jian-dan-de-zai-bao-ta-mian-ban-de-dockerhuan-jing-zhong-wei-wang-zhan-tong-shi-qi-yong-ipv6zhi-chi</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=%E7%AE%80%E5%8D%95%E7%9A%84%E5%9C%A8%E5%AE%9D%E5%A1%94%E9%9D%A2%E6%9D%BF%E7%9A%84Docker%E7%8E%AF%E5%A2%83%E4%B8%AD%E4%B8%BA%E7%BD%91%E7%AB%99%E5%90%8C%E6%97%B6%E5%90%AF%E7%94%A8IPv6%E6%94%AF%E6%8C%81&amp;url=/archives/jian-dan-de-zai-bao-ta-mian-ban-de-dockerhuan-jing-zhong-wei-wang-zhan-tong-shi-qi-yong-ipv6zhi-chi" width="1" height="1" alt="" style="opacity:0;">一、前提条件：确保服务器已配置IPv6 在配置Docker之前，必须确保宿主机（即你的服务器）已正确配置并启用了IPv6。如果你的云服务商提供了IPv6地址，但尚未配置，可以参考以下方法： 手动配置网络接口：编辑网卡配置文件（如 /etc/sysconfig/network-scripts/ifcf]]></description><guid isPermaLink="false">/archives/jian-dan-de-zai-bao-ta-mian-ban-de-dockerhuan-jing-zhong-wei-wang-zhan-tong-shi-qi-yong-ipv6zhi-chi</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2F909yu5789.webp&amp;size=m" type="image/jpeg" length="0"/><category>应用安全</category><pubDate>Sat, 17 Jan 2026 16:12:01 GMT</pubDate></item><item><title><![CDATA[基于Spring Boot与WebSocket的混合云网络实时流量监控架构与实践]]></title><link>https://tencent.hb.cn/archives/ji-yu-spring-bootyu-websocketde-hun-he-yun-wang-luo-shi-shi-liu-liang-jian-kong-jia-gou-yu-shi-jian</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=%E5%9F%BA%E4%BA%8ESpring%20Boot%E4%B8%8EWebSocket%E7%9A%84%E6%B7%B7%E5%90%88%E4%BA%91%E7%BD%91%E7%BB%9C%E5%AE%9E%E6%97%B6%E6%B5%81%E9%87%8F%E7%9B%91%E6%8E%A7%E6%9E%B6%E6%9E%84%E4%B8%8E%E5%AE%9E%E8%B7%B5&amp;url=/archives/ji-yu-spring-bootyu-websocketde-hun-he-yun-wang-luo-shi-shi-liu-liang-jian-kong-jia-gou-yu-shi-jian" width="1" height="1" alt="" style="opacity:0;">一、混合云网络监控整体架构设计 构建一个适应混合云环境的网络监控系统，其架构设计的核心目标是打破数据孤岛、实现统一的可观测性，并应对环境的动态性与异构性挑战。基于Java Spring Boot技术栈，一个典型的分层解耦、分布式协同的整体架构如下所示。]]></description><guid isPermaLink="false">/archives/ji-yu-spring-bootyu-websocketde-hun-he-yun-wang-luo-shi-shi-liu-liang-jian-kong-jia-gou-yu-shi-jian</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2F%25E5%25BE%25AE%25E4%25BF%25A1%25E5%259B%25BE%25E7%2589%2587_20260116183019_8_496-eyHd.webp&amp;size=m" type="image/jpeg" length="0"/><category>数据安全</category><pubDate>Fri, 16 Jan 2026 16:22:55 GMT</pubDate></item><item><title><![CDATA[网安技术（渗透）测试人员必读规则心法]]></title><link>https://tencent.hb.cn/archives/wang-an-ji-shu-shen-tou-ce-shi-ren-yuan-bi-du-gui-ze-xin-fa</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=%E7%BD%91%E5%AE%89%E6%8A%80%E6%9C%AF%EF%BC%88%E6%B8%97%E9%80%8F%EF%BC%89%E6%B5%8B%E8%AF%95%E4%BA%BA%E5%91%98%E5%BF%85%E8%AF%BB%E8%A7%84%E5%88%99%E5%BF%83%E6%B3%95&amp;url=/archives/wang-an-ji-shu-shen-tou-ce-shi-ren-yuan-bi-du-gui-ze-xin-fa" width="1" height="1" alt="" style="opacity:0;">网安渗透人必看：技术再牛，不懂这些规则迟早栽跟头 “一位刚入行的朋友，还没拿到任何明确授权，就带着技术探索的兴奋对系统做渗透测试，这份兴奋却让我脊背发凉。” 这句话戳中了无数网安老兵的痛点，也道尽了渗透测试行业最核心的生存逻]]></description><guid isPermaLink="false">/archives/wang-an-ji-shu-shen-tou-ce-shi-ren-yuan-bi-du-gui-ze-xin-fa</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2Fd65d65ea38cc6fd51c8a454f79138e4e-JdeO.webp&amp;size=m" type="image/jpeg" length="0"/><category>基础设施安全</category><pubDate>Wed, 14 Jan 2026 15:21:30 GMT</pubDate></item><item><title><![CDATA[图片Base64编码存储与前端展示全流程技术]]></title><link>https://tencent.hb.cn/archives/tu-pian-base64bian-ma-cun-chu-yu-qian-duan-zhan-shi-quan-liu-cheng-ji-shu</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=%E5%9B%BE%E7%89%87Base64%E7%BC%96%E7%A0%81%E5%AD%98%E5%82%A8%E4%B8%8E%E5%89%8D%E7%AB%AF%E5%B1%95%E7%A4%BA%E5%85%A8%E6%B5%81%E7%A8%8B%E6%8A%80%E6%9C%AF&amp;url=/archives/tu-pian-base64bian-ma-cun-chu-yu-qian-duan-zhan-shi-quan-liu-cheng-ji-shu" width="1" height="1" alt="" style="opacity:0;">在Web开发中，将图片转换为Base64编码并存入数据库，然后在前端请求时输出并转换为可显示的图片，是一种常见的技术方案。这种方法特别适用于小尺寸图片（如头像、图标等），能够减少HTTP请求次数，简化数据管理流程。然而，对于大型图片文件，这种方法可能会影响性能，因为Base64编码会增加约33%的文]]></description><guid isPermaLink="false">/archives/tu-pian-base64bian-ma-cun-chu-yu-qian-duan-zhan-shi-quan-liu-cheng-ji-shu</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2F44c56ef8759fb3b25a52f79021ec6105.webp&amp;size=m" type="image/jpeg" length="0"/><category>数据安全</category><pubDate>Tue, 13 Jan 2026 14:18:23 GMT</pubDate></item><item><title><![CDATA[简单的Android APK加壳方案]]></title><link>https://tencent.hb.cn/archives/jian-dan-de-android-apkjia-ke-fang-an</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=%E7%AE%80%E5%8D%95%E7%9A%84Android%20APK%E5%8A%A0%E5%A3%B3%E6%96%B9%E6%A1%88&amp;url=/archives/jian-dan-de-android-apkjia-ke-fang-an" width="1" height="1" alt="" style="opacity:0;">Android APK加壳是一种通过动态加载、代码加密和替换关键组件来保护应用核心代码的技术。其核心思想是在原始APK外部包裹一层“壳”程序，壳程序优先运行，负责解密、加载原始代码，并替换系统关键组件（如Application），从而增加逆向分析的难度。以下将详细阐述加壳的技术方案、关键步骤，并提供]]></description><guid isPermaLink="false">/archives/jian-dan-de-android-apkjia-ke-fang-an</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2F487cab55b3b80ae044ab019b1a7a6257.webp&amp;size=m" type="image/jpeg" length="0"/><category>应用安全</category><pubDate>Tue, 13 Jan 2026 14:12:17 GMT</pubDate></item><item><title><![CDATA[APK程序中TCP与HTTPS连接的数据加密安全实践]]></title><link>https://tencent.hb.cn/archives/apkcheng-xu-zhong-tcpyu-httpslian-jie-de-shu-ju-jia-mi-an-quan-shi-jian</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=APK%E7%A8%8B%E5%BA%8F%E4%B8%ADTCP%E4%B8%8EHTTPS%E8%BF%9E%E6%8E%A5%E7%9A%84%E6%95%B0%E6%8D%AE%E5%8A%A0%E5%AF%86%E5%AE%89%E5%85%A8%E5%AE%9E%E8%B7%B5&amp;url=/archives/apkcheng-xu-zhong-tcpyu-httpslian-jie-de-shu-ju-jia-mi-an-quan-shi-jian" width="1" height="1" alt="" style="opacity:0;">在移动应用开发领域，APK程序作为Android应用的最终分发形式，其网络通信安全是保护用户数据、防止商业机密泄露和抵御恶意攻击的核心防线。网络通信主要分为基于传输层协议的TCP连接和基于应用层安全协议的HTTPS连接，两者在加密方式、安全机制和实现策略上各有侧重。本文将深入剖析APK程序中这两种连]]></description><guid isPermaLink="false">/archives/apkcheng-xu-zhong-tcpyu-httpslian-jie-de-shu-ju-jia-mi-an-quan-shi-jian</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2F0a2e0faa2dae1f95a72cf4efa500df01-HxkH.webp&amp;size=m" type="image/jpeg" length="0"/><category>密码学与加密技术</category><pubDate>Tue, 13 Jan 2026 14:06:31 GMT</pubDate></item><item><title><![CDATA[运营商基站网络安全：从空口加密到智能防御的纵深体系]]></title><link>https://tencent.hb.cn/archives/yun-ying-shang-ji-zhan-wang-luo-an-quan-cong-kong-kou-jia-mi-dao-zhi-neng-fang-yu-de-zong-shen-ti-xi</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=%E8%BF%90%E8%90%A5%E5%95%86%E5%9F%BA%E7%AB%99%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8%EF%BC%9A%E4%BB%8E%E7%A9%BA%E5%8F%A3%E5%8A%A0%E5%AF%86%E5%88%B0%E6%99%BA%E8%83%BD%E9%98%B2%E5%BE%A1%E7%9A%84%E7%BA%B5%E6%B7%B1%E4%BD%93%E7%B3%BB&amp;url=/archives/yun-ying-shang-ji-zhan-wang-luo-an-quan-cong-kong-kou-jia-mi-dao-zhi-neng-fang-yu-de-zong-shen-ti-xi" width="1" height="1" alt="" style="opacity:0;">在数字经济时代，5G/5G-A网络作为新型基础设施的核心，正深度赋能千行百业的数字化转型。作为网络接入的物理枢纽，运营商基站的安全已超越传统通信保障范畴，成为关乎国家关键信息基础设施安全、社会生产生活稳定以及用户隐私保护的战略要地。然而，基站，特别是向行业开放的微基站、皮基站，因其部署环境开放、与内]]></description><guid isPermaLink="false">/archives/yun-ying-shang-ji-zhan-wang-luo-an-quan-cong-kong-kou-jia-mi-dao-zhi-neng-fang-yu-de-zong-shen-ti-xi</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2F60e69148974a3e3269adf02598742424-zkDv.webp&amp;size=m" type="image/jpeg" length="0"/><category>基础设施安全</category><pubDate>Tue, 13 Jan 2026 13:57:44 GMT</pubDate></item><item><title><![CDATA[2026年中国网络安全发展]]></title><link>https://tencent.hb.cn/archives/2026nian-zhong-guo-wang-luo-an-quan-fa-zhan</link><description><![CDATA[<img src="https://tencent.hb.cn/plugins/feed/assets/telemetry.gif?title=2026%E5%B9%B4%E4%B8%AD%E5%9B%BD%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8%E5%8F%91%E5%B1%95&amp;url=/archives/2026nian-zhong-guo-wang-luo-an-quan-fa-zhan" width="1" height="1" alt="" style="opacity:0;">如今，数字浪潮奔涌不息，网络空间已成为继陆、海、空、天之后的第五疆域，其安全与稳定直接关系到国家主权、安全和发展利益。迈入2026年，随着新修订的《中华人民共和国网络安全法》（以下简称《网络安全法》）正式施行，我国网络安全法治建设进入一个崭新的历史阶段。这部基础性法律的首次重大修改，不仅是应对人工智]]></description><guid isPermaLink="false">/archives/2026nian-zhong-guo-wang-luo-an-quan-fa-zhan</guid><dc:creator>雨落秋垣</dc:creator><enclosure url="https://tencent.hb.cn/apis/api.storage.halo.run/v1alpha1/thumbnails/-/via-uri?uri=%2Fupload%2F98d3e2c736df2f8e3d9fd930013b37ed.webp&amp;size=m" type="image/jpeg" length="0"/><category>基础设施安全</category><pubDate>Mon, 12 Jan 2026 16:00:40 GMT</pubDate></item></channel></rss>