Skip to content

标题: WEB前端逆向看过的参考资源

创建: 2024-07-15 14:13 更新: 链接: https://scz.617.cn/web/202407151413.txt

我搞WEB前端逆向的初衷与wasm逆向工程有关。wasm这种接近native的计算能力,从 网络安全角度看,好的坏的都会用到,事实上已经普及。过去完全未接触过,后知后 觉地看到fireeye分析恶意wasm的blog,惭愧。

这不是给手机用户看的,请用PC浏览器查看并下载,再用无自动折行阅读模式查看。

这个TXT将学习过程中认真看过的参考资源罗列一下,说不定有些想入此门的同行, 或可参考。后面的URL,绝大多数看过、动手实践过,并非走马观花,或者放狗搜一 堆链接置于此间充数。实际看过的,比后面罗列的更多,那些看不上眼的并未收录, 只收录了曾经在某个瞬间切实产生过帮助的。有些收录以当下水平看,也就那么回事, 但从无到有渐进时,曾经有用过,并未后期修正掉,恰恰适合想入此门的同行。

若你像我一样认真看这些URL并实践一番,基本上就和我此刻的WEB前端逆向水平一致, 离WEB前端逆向专家还很遥远,但绝对能有效反忽悠,顺便还能下点电影、电子书什 么的。

从无到有时,没有捷径,老老实实看基础文档,最高效、最实惠,所谓磨刀不误砍柴 功。我看wasm时,就看了不少2015、2017年的文档,看一些理念的起源、发展,这种 可能产生不了直接收益,但可能有冰山下的收益,后面收录了少许。

优先看英文官方文档,不要一听英文就吓得掉头。我的公共英语渣得没脸提,但专业 英语阅读无障碍,这得益于1999年初看W. Richard Stevens的《UNP vol I》,再后 来就习以为常了。某些搞网安的小年轻,对英文可能是有什么误解,一言难尽得很。

说个有点相关的,上个月在微博顺嘴提了一句,「初学Python的,若是有耐心将自带 的python3xx.chm从头到脚看一遍,比你从其他资料入门、进阶,要靠谱得多。这个 道理,许多人不懂」。后来发生一件令人困惑的事,出现许多与CS、IT、网安无关的 ID,对此深表认同。

再说个不强相关的,学习方法很重要。天赋决定天花板,勤奋决定地板,学习方法决 定地板抬升速率。不管你信不信,我推荐看看《矛盾论》、《实践论》两篇著作。


https://webassembly.org/ https://webassembly.org/getting-started/developers-guide/

WebAssembly without Emscripten https://schellcode.github.io/webassembly-without-emscripten https://schellingb.github.io/ClangWasm/

Compiling a New C/C++ Module to WebAssembly https://developer.mozilla.org/en-US/docs/WebAssembly/C_to_wasm

Compiling an Existing C Module to WebAssembly https://developer.mozilla.org/en-US/docs/WebAssembly/existing_C_to_wasm (emcc)

Using the WebAssembly JavaScript API https://developer.mozilla.org/en-US/docs/WebAssembly/Using_the_JavaScript_API https://github.com/mdn/webassembly-examples/tree/main/js-api-examples (WebAssembly.Global)

Javy https://github.com/bytecodealliance/javy (JS to WebAssembly toolchain)

WebAssembly资料精选 https://github.com/wasmlang/awesome-wasm-zh

Awesome Wasm https://github.com/mbasso/awesome-wasm

Awesome WebAssembly Tools https://github.com/vshymanskyy/awesome-wasm-tools


In-browser mining: Coinhive and WebAssembly - Robert Neumann, Abel Toro [2018-04-19] https://www.forcepoint.com/blog/x-labs/browser-mining-coinhive-and-webassembly (404) https://web.archive.org/web/20190609000928/https://www.forcepoint.com/blog/x-labs/browser-mining-coinhive-and-webassembly (在浏览器中禁用wasm)

How to Disable WebAssembly (WASM) https://github.com/stevespringett/disable-webassembly

Analyzing WebAssembly binaries - Wasm Reverse Engineering - John Bergbom [2018-06-28] https://www.forcepoint.com/blog/x-labs/analyzing-webassembly-binaries (F12可以调试wasm,演示wasm调用js函数)

Analyzing WebAssembly binaries: initial feel and behavioral analysis - John Bergbom [2018-10-03] https://www.forcepoint.com/blog/security-labs/analyzing-webassembly-binaries-initial-feel-and-behavioral-analysis (404) https://web.archive.org/web/20221130154219/https://www.forcepoint.com/blog/x-labs/analyzing-webassembly-binaries-initial-feel-and-behavioral-analysis https://github.com/dominictarr/quicksort.wasm https://github.com/dominictarr/quicksort.wasm/blob/master/quicksort.wasm (没啥意思,用go,不如用nodejs)

Manual reverse engineering of WebAssembly: static code analysis - John Bergbom [2018-10-11] https://www.forcepoint.com/blog/security-labs/manual-reverse-engineering-webassembly-static-code-analysis (404) https://web.archive.org/web/20181015220731/https://www.forcepoint.com/blog/security-labs/manual-reverse-engineering-webassembly-static-code-analysis (对wasm汇编代码进行手工反编译)

WebAssembly的静态手动逆向分析 - [2018-11-19] https://bbs.kanxue.com/thread-247856.htm (前文的中译版)

Reverse Engineering WebAssembly - Nicolas Falliere nico@pnfsoftware.com [2018-07-17] https://www.pnfsoftware.com/reversing-wasm.pdf (据说JEB可反编译wasm,但我未成功,缺插件)

Binary Security of WebAssembly - Daniel Lehmann [2020-06-20] https://www.usenix.org/system/files/sec20-lehmann.pdf https://github.com/sola-st/wasm-binary-security

Implicit evaluation stack. Functions cannot access local variables or the evaluation stack of other functions. The evaluation stack, globals, and locals are managed by the VM. Managed data, i.e., local variables, global variables, values on the evaluation stack, and return addresses, reside in dedicated storage handled directly by the VM. WebAssembly code can only interact with managed data implicitly through instructions, but not directly modify its underlying storage. In contrast to native code, there are no return addresses on the unmanaged stack.


Wasm Notetaker (CTF) https://ctftime.org/writeup/34226 (wasm2wat --generate-names --fold-exprs --inline-exports --inline-imports -o some.wat some.wasm)


(3) A crash course in assembly - Lin Clark [2017-02-28] https://hacks.mozilla.org/2017/02/a-crash-course-in-assembly/ (汇编、中间语言)

(4) Creating and working with WebAssembly modules - Lin Clark [2017-02-28] https://hacks.mozilla.org/2017/02/creating-and-working-with-webassembly-modules/ (介绍wasm的汇编形式)

(5) What makes WebAssembly fast - Lin Clark [2017-02-28] https://hacks.mozilla.org/2017/02/what-makes-webassembly-fast/

(6) Where is WebAssembly now and what's next - Lin Clark [2017-02-28] https://hacks.mozilla.org/2017/02/where-is-webassembly-now-and-whats-next/


(1) A crash course in memory management - Lin Clark [2017-06-14] https://hacks.mozilla.org/2017/06/a-crash-course-in-memory-management/

(2) A cartoon intro to ArrayBuffers and SharedArrayBuffers - Lin Clark [2017-06-14] https://hacks.mozilla.org/2017/06/a-cartoon-intro-to-arraybuffers-and-sharedarraybuffers/

(3) Avoiding race conditions in SharedArrayBuffers with Atomics - Lin Clark [2017-06-14] https://hacks.mozilla.org/2017/06/avoiding-race-conditions-in-sharedarraybuffers-with-atomics/


(1) Creating a WebAssembly module instance with JavaScript - Lin Clark [2017-07-19] https://hacks.mozilla.org/2017/07/creating-a-webassembly-module-instance-with-javascript/

(2) Memory in WebAssembly (and why it's safer than you think) - Lin Clark [2017-07-19] https://hacks.mozilla.org/2017/07/memory-in-webassembly-and-why-its-safer-than-you-think/ (在js与wasm之间交换数据)

(3) WebAssembly table imports, what are they - Lin Clark [2017-07-19] https://hacks.mozilla.org/2017/07/webassembly-table-imports-what-are-they/ (call_indirect)


How to create minimal wasm module with plain C/C++ - [2022-02-11] https://news.ycombinator.com/item?id=30991235 https://github.com/ern0/howto-wasm-minimal

How to build webassembly files with nothing other than standard Clang/llvm https://github.com/PetterS/clang-wasm

WebAssembly Dynamic Linking https://github.com/WebAssembly/tool-conventions/blob/main/DynamicLinking.md (__memory_base/__table_base/__indirect_function_table)

A fast and secure runtime for WebAssembly https://github.com/bytecodealliance/wasmtime

The leading Wasm Runtime supporting WASIX, WASI and Emscripten https://github.com/wasmerio/wasmer

The Wasmer JavaScript SDK https://github.com/wasmerio/wasmer-js https://github.com/wasmerio/wasmer-js/tree/0.x/packages/wasi https://github.com/wasmerio/wasmer-js/tree/v0.12.0/packages/wasi

WebAssembly System Interface (WASI) https://wasi.dev/ https://github.com/bytecodealliance/wasi.dev


WebAssembly Core Specification https://webassembly.github.io/spec/core/ (多页版) https://webassembly.github.io/spec/core/bikeshed/index.html (单页版 比PDF全) https://webassembly.github.io/spec/core/_download/WebAssembly.pdf (一直在更新)

Memory Instructions https://webassembly.github.io/spec/core/binary/instructions.html (有i32.store编码方式)

Memory Instructions https://webassembly.github.io/spec/core/exec/instructions.html (有i32.store语义细节)

https://webassembly.github.io/spec/core/binary/values.html (有u32的编解码介绍)

Memory Instructions https://webassembly.github.io/spec/core/binary/instructions.html

Index of Instructions https://webassembly.github.io/spec/core/appendix/index-instructions.html

WebAssembly Text Format (WAT) https://webassembly.github.io/spec/core/text/index.html

WebAssembly Binary Format https://webassembly.github.io/spec/core/binary/index.html (010 Editor有wasm.bt模板)

WebAssembly System Interface (WASI) https://nodejs.org/api/wasi.html https://github.com/nodejs/node/blob/main/doc/api/wasi.md

WebAssembly System Interface (WASI) https://github.com/WebAssembly/WASI

WASI API Reference https://wasix.org/docs/api-reference https://wasix.org/docs/api-reference/wasi/fd_write https://github.com/WebAssembly/WASI/blob/main/legacy/preview1/docs.md

WebAssembly Reference Manual https://github.com/sunfishcode/wasm-reference-manual https://github.com/sunfishcode/wasm-reference-manual/blob/master/WebAssembly.md (LEB128)


Raw WebAssembly - Surma [2019-05-17] https://dassur.ma/things/raw-wasm/ (介绍wasm的汇编形式)

Compiling C to WebAssembly without Emscripten - Surma [2019-05-28] https://dassur.ma/things/c-to-webassembly/ https://surma.dev/things/c-to-webassembly/ (__data_end/__heap_base) (-flto -Wl,--lto-O3) (extern unsigned char __heap_base;) (实现简单的malloc)

编译c到wasm - Liu WeiMin [2021-05-01] https://r32.github.io/other/2021-05-01-wasm.html https://github.com/R32/wasm-c https://github.com/R32/wasm-c/blob/master/src/_malloc.c (作者自己实现了一个malloc/free)

Compiling C to WebAssembly using clang/LLVM and WASI - [2019-04-07] https://00f.net/2019/04/07/compiling-to-webassembly-with-llvm-and-clang/

Compiling C to WebAssembly and Running It without Emscripten - Richard L. Apodaca [2019-10-17] https://depth-first.com/articles/2019/10/16/compiling-c-to-webassembly-and-running-it-without-emscripten/ (__heap_base)


Learning WebAssembly Series https://blog.ttulka.com/learning-webassembly-series/ (只有如下几篇需要看)

Learning WebAssembly #2: Wasm Binary Format - Tomas Tulka [2021-01-04] https://blog.ttulka.com/learning-webassembly-2-wasm-binary-format/ (Integers in WebAssembly are LEB128 encoded)

Learning WebAssembly #3: Wat Programming Basics - Tomas Tulka [2021-01-04] https://blog.ttulka.com/learning-webassembly-3-wat-programming-basics/ (详解wat编程,递归调用示例)

Learning WebAssembly #4: Wasm Memory and Working with Strings - Tomas Tulka [2021-01-04] https://blog.ttulka.com/learning-webassembly-4-wasm-memory-and-working-with-strings/ (用wat编程时从js导入memory)

Learning WebAssembly #5: Running Wasm in the Browser - Tomas Tulka [2021-01-04] https://blog.ttulka.com/learning-webassembly-5-running-wasm-in-the-browser/ (在js/wasm中均可访问的全局变量,WebAssembly.Global)

Learning WebAssembly #6: Running Wasm in Node.js - Tomas Tulka [2021-01-06] https://blog.ttulka.com/learning-webassembly-6-running-wasm-in-nodejs/

Learning WebAssembly #7: Introducing WASI - Tomas Tulka [2021-01-09] https://blog.ttulka.com/learning-webassembly-7-introducing-wasi/ (在wat中调用fd_read/fd_write)


WASI-enabled WebAssembly C/C++ toolchain https://github.com/WebAssembly/wasi-sdk https://github.com/WebAssembly/wasi-sdk/releases (自带clang、lld那一堆)

WASI libc implementation for WebAssembly https://github.com/WebAssembly/wasi-libc

WebAssembly lld port https://lld.llvm.org/WebAssembly.html (wasm-ld参数手册)


WABT: The WebAssembly Binary Toolkit https://github.com/WebAssembly/wabt https://github.com/WebAssembly/wabt/releases https://github.com/WebAssembly/wabt/releases/download/1.0.35/wabt-1.0.35-windows.tar.gz https://webassembly.github.io/wabt/demo/ (online) https://webassembly.github.io/wabt/demo/wat2wasm/index.html https://webassembly.github.io/wabt/demo/wasm2wat/index.html

wat2wasm https://webassembly.github.io/wabt/doc/wat2wasm.1.html

wasm2wat https://webassembly.github.io/wabt/doc/wasm2wat.1.html

wasm-objdump https://webassembly.github.io/wabt/doc/wasm-objdump.1.html

wasm-decompile https://webassembly.github.io/wabt/doc/wasm-decompile.1.html

wasm2c https://webassembly.github.io/wabt/doc/wasm2c.1.html


Binaryen https://github.com/WebAssembly/binaryen https://github.com/WebAssembly/binaryen/releases https://github.com/WebAssembly/binaryen/releases/download/version_117/binaryen-version_117-x86_64-windows.tar.gz https://github.com/WebAssembly/binaryen/wiki/ (Optimizer and compiler/toolchain library for WebAssembly)


用js实现fd_write

Creating an own WASI function - Dennis Kawurek [2023-01-19] https://blog.dkwr.de/development/wasi-load-fd-write/ (与DOM互动) (处理"application/wasm"已无必要)

Building a minimal WASI polyfill for browsers - ndesmic [2023-02-28] https://dev.to/ndesmic/building-a-minimal-wasi-polyfill-for-browsers-4nel https://github.com/ndesmic/wasm-cross/blob/v0/browser/wasi.js (此版fd_write实现得最简洁,演示DataView.setInt32)

WebAssembly bare bones WASI browser polyfill https://www.wasmtutor.com/webassembly-barebones-wasi (a basic browser WASI polyfill)

WebAssembly security: potentials and pitfalls - John Bergbom [2018-06-19] https://www.forcepoint.com/blog/x-labs/webassembly-potentials-and-pitfalls


How to access WebAssembly linear memory from C/C++ - [2017-10-14] https://stackoverflow.com/questions/46748572/how-to-access-webassembly-linear-memory-from-c-c

How can I return a JavaScript string from a WebAssembly function - [2016-12-27] https://stackoverflow.com/questions/41353389/how-can-i-return-a-javascript-string-from-a-webassembly-function


Ghidra Wasm plugin with disassembly and decompilation support https://github.com/nneonneo/ghidra-wasm-plugin https://github.com/nneonneo/ghidra-wasm-plugin/releases


WASM逆向分析 - Hk_Mayfly [2020-05-27] https://www.cnblogs.com/Mayfly-nymph/p/12974921.html


FLARE Script Series: Reverse Engineering WebAssembly Modules Using the idawasm IDA Pro Plugin - Willi Ballenthin [2018-10-05] http://www.fireeye.com/blog/threat-research/2018/10/reverse-engineering-webassembly-modules-using-the-idawasm-ida-pro-plugin.html (没了) https://web.archive.org/web/20190403043506/https://www.fireeye.com/blog/threat-research/2018/10/reverse-engineering-webassembly-modules-using-the-idawasm-ida-pro-plugin.html https://malware.news/t/flare-script-series-reverse-engineering-webassembly-modules-using-the-idawasm-ida-pro-plugin/23336 (含wasm_emu.py的介绍)

https://github.com/athre0z/wasm (基础库) https://github.com/williballenthin/ida-netnode (基础库) https://github.com/mandiant/idawasm (旧版插件) https://github.com/huangxiangyao/idawasm (新版插件) (IDA Pro plugin that implements the loader and processor to disassemble wasm)


WebAssembly module for IDA Pro https://github.com/sophoslabs/WebAssembly/tree/master/Tools/IDA-Wasm https://github.com/sophoslabs/WebAssembly/blob/master/Tools/IDA-Wasm/wasm_loader.py https://github.com/sophoslabs/WebAssembly/blob/master/Tools/IDA-Wasm/wasm_processor.py (在IDA 8.4.1中没跑起来,但框架可参考)


https://en.wikipedia.org/wiki/LEB128

Integer Literals in WebAssembly Binary - [2022-05-31] https://stackoverflow.com/questions/72442137/integer-literals-in-webassembly-binary


https://github.com/golang/go https://github.com/golang/go/wiki/WebAssembly https://github.com/golang/go/tree/master/misc/wasm https://github.com/golang/go/blob/master/misc/wasm/wasm_exec.html https://github.com/golang/go/blob/master/misc/wasm/wasm_exec.js https://github.com/golang/go/blob/master/misc/wasm/wasm_exec_node.js

The Go Playground https://go.dev/play/ (在线测试Go代码)

https://go.dev/doc/install https://go.dev/dl/ https://go.dev/dl/go1.22.3.windows-amd64.msi https://go.dev/dl/go1.22.3.windows-amd64.zip (便携版)

TinyGo Go compiler for small places https://github.com/tinygo-org/tinygo https://github.com/tinygo-org/tinygo/releases https://github.com/tinygo-org/tinygo/releases/download/v0.31.2/tinygo0.31.2.windows-amd64.zip https://tinygo.org/getting-started/ https://tinygo.org/getting-started/install/windows/ https://tinygo.org/docs/guides/build https://tinygo.org/docs/guides/webassembly/wasm/

https://pkg.go.dev/syscall/js https://pkg.go.dev/syscall/js#Value.Set https://pkg.go.dev/syscall/js#Value.String


Golang WebAssembly - Tibor Hercz [2022-04-22] https://xebia.com/blog/golang-webassembly/ https://github.com/tiborhercz/go-wasm-example

Running Go code inside a NodeJS app with WASM Part 1 - [2023-02-13] https://pedromarquez.dev/blog/2023/2/node_golang_wasm

Running Go code inside a NodeJS app with WASM Part 2 - [2023-02-24] https://pedromarquez.dev/blog/2023/2/node_golang_wasm_p2 https://github.com/pfernandom/nodejs-go-wasm/blob/main/node/wasm_exec.js (在nodejs环境中使用wasm_exec.js,现已无需魔改)


Learning Golang through WebAssembly Part 3, Interacting with JavaScript from Go - [2019-02-06] https://www.aaron-powell.com/posts/2019-02-06-golang-wasm-3-interacting-with-js-from-go/ (wasm直接操作DOM) (介绍Go编写wasm的基本套路)

Learning Golang through WebAssembly Part 4, Sending a Response to JavaScript - [2019-02-07] https://www.aaron-powell.com/posts/2019-02-07-golang-wasm-4-response-to-javascript/ (对js.FuncOf()的介绍已过时,但思路可借鉴) (JS calling Go and back again) (Value.Invoke)

Learning Golang through WebAssembly Part 5, Compiling With Webpack - [2019-02-08] https://www.aaron-powell.com/posts/2019-02-08-golang-wasm-5-compiling-with-webpack/ https://github.com/aaronpowell/webpack-golang-wasm-async-loader


golang crypt包的AES加密函数的使用 - CodingCode [2020-03-13] https://www.jianshu.com/p/47e8c137ecd4

Crypto.js decrypt with key and iv (vector) in byte arrays - [2015-11-11] https://stackoverflow.com/questions/33660331/crypto-js-decrypt-with-key-and-iv-vector-in-byte-arrays

How to decrypt AES with CryptoJS - [2016-09-03] https://stackoverflow.com/questions/39311514/how-to-decrypt-aes-with-cryptojs

js在浏览器端对二进制流进行AES加密和解密 https://www.cnblogs.com/chris-oil/p/8602968.html


https://emscripten.org/ https://emscripten.org/docs/getting_started/downloads.html

FAQ https://emscripten.org/docs/getting_started/FAQ.html (onRuntimeInitialized,-sMODULARIZE=1) (EXPORTED_FUNCTIONS、EMSCRIPTEN_KEEPALIVE均可导出函数) (-sENVIRONMENT=web)

Emscripten Tutorial https://emscripten.org/docs/getting_started/Tutorial.html

Emscripten Compiler Frontend (emcc) https://emscripten.org/docs/tools_reference/emcc.html (-sEXPORTED_FUNCTIONS=foo,bar)

Building to WebAssembly https://emscripten.org/docs/compiling/WebAssembly.html (onRuntimeInitialized)

Module object https://emscripten.org/docs/api_reference/module.html (onRuntimeInitialized、instantiateWasm)

Interacting with code https://emscripten.org/docs/porting/connecting_cpp_and_javascript/Interacting-with-code.html (重要,必看) (EM_JS EM_ASM getValue setValue)

JavaScript API https://emscripten.org/docs/api_reference/preamble.js.html (ccall cwrap getValue setValue) (UTF8ToString stringToUTF8 lengthBytesUTF8) (AsciiToString stackTrace HEAPU8)

Settings that control the emscripten compiler https://github.com/emscripten-core/emscripten/blob/main/src/settings.js (WASM_ASYNC_COMPILATION ENVIRONMENT NODEJS_CATCH_EXIT INVOKE_RUN) (MODULARIZE EXPORT_NAME)

Emscripten Compiler Settings https://emscripten.org/docs/tools_reference/settings_reference.html (DYNCALLS EMBIND_AOT DYNAMIC_EXECUTION)

Embind https://emscripten.org/docs/porting/connecting_cpp_and_javascript/embind.html (C++与js交互 EMSCRIPTEN_BINDINGS)

WebAssembly Standalone https://github.com/emscripten-core/emscripten/wiki/WebAssembly-Standalone

Emscripten: An LLVM-to-WebAssembly Compiler https://github.com/kripken/emscripten

Emscripting a C library to Wasm - Surma [2018-03-05] https://web.dev/articles/emscripting-a-c-library (Module.cwrap)


C/C++面向WebAssembly编程 https://www.cntofu.com/book/150/index.html

https://www.cntofu.com/book/150/zh/ch2-c-js/ch2-02-implement-c-api-in-js.md (--js-library LibraryManager.library)

https://www.cntofu.com/book/150/zh/ch2-c-js/ch2-04-data-exchange.md (Pointer_stringify allocateUTF8)

https://www.cntofu.com/book/150/zh/ch2-c-js/ch2-07-ccall-cwrap.md (ccall/cwrap潜在风险,用stack,不用heap)

Module定制 https://www.cntofu.com/book/150/zh/ch3-runtime/ch3-05-module.md (--pre-js --post-js)

https://www.cntofu.com/book/150/zh/ch4-techniques/ch4-06-int64-issue.md (int64)


Compiling to WebAssembly: It's Happening! - Alon Zakai [2015-12-17] https://hacks.mozilla.org/2015/12/compiling-to-webassembly-its-happening/ (关于wasm、asm.js的历史)

https://kripken.github.io/talks/wasm.html

Shrinking WebAssembly and JavaScript code sizes in Emscripten - Alon Zakai [2018-01-30] https://hacks.mozilla.org/2018/01/shrinking-webassembly-and-javascript-code-sizes-in-emscripten/ (提及ccall、EM_ASM)

Outside the web: standalone WebAssembly binaries using Emscripten - Alon Zakai [2019-11-21] https://v8.dev/blog/emscripten-standalone-wasm (-sSTANDALONE_WASM=1)


Emscripten SDK https://github.com/emscripten-core/emsdk https://github.com/emscripten-core/emsdk/tags


Proxy https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Proxy

handler.apply() https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Proxy/Proxy/apply

The target must be a callable itself. That is, it must be a function object.

handler.get() https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Proxy/Proxy/get

handler.set() https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Proxy/Proxy/set

The set() method should return a boolean value. Return true to indicate that assignment succeeded. If the set() method returns false, and the assignment happened in strict-mode code, a TypeError will be thrown.

handler.getPrototypeOf() https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Proxy/Proxy/getPrototypeOf

Reflect.get() https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Reflect/get

Reflect.set() https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Reflect/set

Proxy and Reflect https://javascript.info/proxy (Proxy.revocable)


Function.prototype.bind() https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function/bind

Object.prototype.proto https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object/proto


Override web content and HTTP response headers locally - Sofia Emelianova [2023-04-12] https://developer.chrome.com/docs/devtools/overrides

Overriding HTTP response headers in Chrome - [2023-05-04] https://www.michalspacek.com/overriding-http-response-headers-in-chrome

Overriding HTTP response content in Chrome - [2023-10-05] https://www.michalspacek.com/overriding-http-response-content-in-chrome


Babel is a JavaScript compiler https://babeljs.io/ https://babeljs.io/setup https://babeljs.io/docs/

@babel/types https://babeljs.io/docs/babel-types

AST Explorer https://astexplorer.net/


Can I execute a string command in Node - [2016-02-19] https://stackoverflow.com/questions/35507899/can-i-execute-a-string-command-in-node (演示vm.runInContext、eval)

https://www.npmjs.com/package/eval (现在_eval的filename参数不再是optional,必须提供string类型,示例有误)


Can you add HTTPS functionality to a python flask web server - [2015-04-05] https://stackoverflow.com/questions/29458548/can-you-add-https-functionality-to-a-python-flask-web-server/65152383 (提到ssl_context='adhoc')

Running Your Flask Application Over HTTPS - Miguel Grinberg [2017-06-04] https://blog.miguelgrinberg.com/post/running-your-flask-application-over-https (提到ssl_context='adhoc'、Let's Encrypt)

Chrome disable SSL checking for sites - [2014-10-15] https://stackoverflow.com/questions/26388405/chrome-disable-ssl-checking-for-sites

Simple Python 3 HTTPS Server (SSL/TLS) https://gist.github.com/SeanPesce/af5f6b7665305b4c45941634ff725b7a

Python 3 Simple HTTPS server https://gist.github.com/stephenbradshaw/a2b72b5b58c93ca74b54f7747f18a481 (用法已过时,不推荐,评论区有新用法)

simple-https-server.py https://gist.github.com/DannyHinshaw/a3ac5991d66a2fe6d97a569c6cdac534 (用法已过时,不推荐,评论区有新用法)

Creating an HTTPS server in Python - [2023-07-20] https://www.piware.de/2011/01/creating-an-https-server-in-python/


https://unpkg.com/axios https://unpkg.com/axios/dist/axios.min.js https://unpkg.com/[email protected]/dist/axios.min.js https://unpkg.com/[email protected]/dist/axios.min.js

How to make HTTP requests with Axios - Faraz Kelhini [2023-11-29] https://blog.logrocket.com/how-to-make-http-requests-like-a-pro-with-axios/ (有transformRequest可用)

reactjs make https (not http) requests with axios - [2018-12-02] https://stackoverflow.com/questions/53576923/reactjs-make-https-not-http-requests-with-axios (Usually localhost is http and you will be making http calls in localhost)

Axios change http to https - [2020-05-15] https://stackoverflow.com/questions/61828245/axios-change-http-to-https (提到meta http-equiv="Content-Security-Policy")

Can't send a axios request from https to http server - [2022-12-10] https://stackoverflow.com/questions/74756751/cant-send-a-axios-request-from-https-to-http-server (解释"Mixed Content Blocking")

How to get Chrome to allow mixed content - [2013-08-19] https://stackoverflow.com/questions/18321032/how-to-get-chrome-to-allow-mixed-content (提到chrome://flags/,其他方案已过时)

Content-Security-Policy (CSP) https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy

CSP source values https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/Sources (解释default-src的值)

CSP: upgrade-insecure-requests https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests

What is mixed content - [2019-09-07] https://web.dev/articles/what-is-mixed-content

Fixing mixed content - [2019-09-07] https://web.dev/articles/fixing-mixed-content (提到Content Security Policy (CSP)) (Content-Security-Policy: upgrade-insecure-requests)

Mixed Content https://w3c.github.io/webappsec-mixed-content/

Upgradeable Content (optionally-blockable) https://w3c.github.io/webappsec-mixed-content/#category-upgradeable

Blockable Content https://w3c.github.io/webappsec-mixed-content/#category-blockable

Getting ERR_CERT_AUTHORITY_INVALID with axios - [2019-03-27] https://stackoverflow.com/questions/55381447/getting-err-cert-authority-invalid-with-axios

How to ignore SSL - [2016-11-14] https://github.com/axios/axios/issues/535


What is the motivation behind the introduction of preflight CORS requests - [2013-03-13] https://stackoverflow.com/questions/15381105/what-is-the-motivation-behind-the-introduction-of-preflight-cors-requests (preflight requests are not a security thing)

An absence of Access-Control-Allow-Origin doesn't prevent the browser from sending requests, it merely prevents JS from being able to read the data in the response.

How to skip the OPTIONS preflight request - [2014-04-09] https://stackoverflow.com/questions/22968406/how-to-skip-the-options-preflight-request (Cache-Control will trigger preflight) (提到--disable-web-security)

Why is an OPTIONS request sent and can I disable it - [2015-04-29] https://stackoverflow.com/questions/29954037/why-is-an-options-request-sent-and-can-i-disable-it (对Access-Control-Max-Age有额外说明) (提到"Network/Disable cache"对preflight的影响) (提到--disable-web-security)

Why aren't POST requests always preflighted - [2015-06-19] https://stackoverflow.com/questions/30937595/why-arent-post-requests-always-preflighted

Why is there no preflight in CORS for POST requests with standard content-type - [2016-09-27] https://stackoverflow.com/questions/39725955/why-is-there-no-preflight-in-cors-for-post-requests-with-standard-content-type (保持向后兼容性)

Stop sending preflight requests from axios.post - [2019-08-27] https://stackoverflow.com/questions/57669964/stop-sending-preflight-requests-from-axios-post

how remove options before post - [2017-05-05] https://github.com/axios/axios/issues/888

Cross-Origin Resource Sharing (CORS) https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

Simple requests https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#simple_requests

Preflighted requests https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#preflighted_requests

Preflight request https://developer.mozilla.org/en-US/docs/Glossary/Preflight_request

Access-Control-Max-Age https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age


How to include JavaScript file or library in Chrome console - [2011-03-12] https://stackoverflow.com/questions/5282228/how-to-include-javascript-file-or-library-in-chrome-console

Load local javascript file in chrome for testing - [2013-12-23] https://stackoverflow.com/questions/20748630/load-local-javascript-file-in-chrome-for-testing

How to launch html using Chrome at "--allow-file-access-from-files" mode - [2013-09-03] https://stackoverflow.com/questions/18586921/how-to-launch-html-using-chrome-at-allow-file-access-from-files-mode


Ajax-hook原理解析 - lazydu [2017-01-18] https://www.jianshu.com/p/7337ac624b8e https://juejin.cn/post/6844903470181384206

爬虫神器 用它可以实时处理和保存Ajax数据 - 崔庆才 [2020-06-01] https://mp.weixin.qq.com/s/rGdjdgBjVhl8Ig0x9Yq0QA (演示flask、axios、ajaxhook、selenium)

Scrape Center (练习站) https://scrape.center/

ajax-hook https://github.com/wendux/Ajax-hook https://github.com/wendux/ajax-hook/blob/master/dist/ https://raw.githubusercontent.com/wendux/Ajax-hook/master/dist/ajaxhook.min.js https://raw.githubusercontent.com/wendux/Ajax-hook/master/dist/ajaxhook.min.js.map https://raw.githubusercontent.com/wendux/Ajax-hook/master/dist/ajaxhook.js


XMLHttpRequest (XHR) https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest

XMLHttpRequest: load event https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/load_event

XMLHttpRequest: readystatechange event https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/readystatechange_event

XMLHttpRequest: readyState property https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/readyState


Python 3网络爬虫开发实战(第二版)_崔庆才 反爬虫AST原理与还原混淆实战_李岳阳


后面是些我自己分享的只言片语,有兴趣者亦可观之。


《WebAssembly入门简介》 https://scz.617.cn/web/202405140839.txt

《WebAssembly逆向工程简介》 https://scz.617.cn/web/202405211056.txt

《WEB前端逆向随笔》 https://scz.617.cn/web/202406251509.txt

《WEB前端逆向反反调试一例》 https://scz.617.cn/web/202406281614.txt

《WEB前端逆向定位ts后处理代码》 https://scz.617.cn/web/202406301627.txt

《WEB前端逆向获取EME解密密钥》 https://scz.617.cn/web/202407121439.txt