<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Posts on Vivian's Blog</title><link>https://vvnblog.com/posts/</link><description>Recent content in Posts on Vivian's Blog</description><generator>Hugo -- gohugo.io</generator><language>zh-tw</language><copyright>Copyright © 2026 Vivian All Rights Reserved.</copyright><lastBuildDate>Wed, 08 Jul 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://vvnblog.com/posts/index.xml" rel="self" type="application/rss+xml"/><item><title>原來打 AI 不只有 Prompt Injection｜HTB Certified Offensive AI Expert(COAE) 心得</title><link>https://vvnblog.com/posts/coae-exam/</link><pubDate>Wed, 08 Jul 2026 00:00:00 +0000</pubDate><guid>https://vvnblog.com/posts/coae-exam/</guid><description>以為攻擊 AI 就只有 Prompt Injection？HTB COAE 讓我見識到 AI 攻擊的另一片天地。</description></item><item><title>本來只是想拿 Duo Power 徽章跟貼紙，結果被 Cloud Security 衝擊了一番｜我的 CCSP 心得</title><link>https://vvnblog.com/posts/ccsp-exam/</link><pubDate>Sat, 09 May 2026 00:00:00 +0000</pubDate><guid>https://vvnblog.com/posts/ccsp-exam/</guid><description>零雲端經驗一頭栽進 CCSP，本來只想收集徽章和貼紙，最後被 Cloud Security 狠狠上了一課。</description></item><item><title>使用 AI、理解 AI、攻擊 AI｜我的 2026 Q1 HTB AI Red Teamer 學習之旅</title><link>https://vvnblog.com/posts/ai-red-teamer-learn/</link><pubDate>Mon, 16 Mar 2026 00:00:00 +0000</pubDate><guid>https://vvnblog.com/posts/ai-red-teamer-learn/</guid><description>當 AI 從工具變成攻擊目標，滲透測試會長什麼樣子？記錄我從使用、理解到攻擊 AI 的一季學習歷程。</description></item><item><title>我沒有超人模式，只有慢慢找回的節奏｜一位資安工程師媽媽的 2023–2025 年成長與 2026 年展望</title><link>https://vvnblog.com/posts/no-superhero-mode-2023-2025/</link><pubDate>Thu, 01 Jan 2026 00:00:00 +0000</pubDate><guid>https://vvnblog.com/posts/no-superhero-mode-2023-2025/</guid><description>沒有超人模式，也能一步步往前。一位資安工程師媽媽在工作與育兒的夾縫中，兩年考取 OSCP 與 CISSP 的真實節奏。</description></item><item><title>走出技術框架｜我的 CISSP 準備之旅</title><link>https://vvnblog.com/posts/cissp-exam/</link><pubDate>Tue, 07 Oct 2025 00:00:00 +0000</pubDate><guid>https://vvnblog.com/posts/cissp-exam/</guid><description>習慣動手打靶的技術腦，要怎麼切換成管理者的思維？我用三個月準備 CISSP，走出熟悉的技術框架。</description></item><item><title>在職媽媽也能通過 OSCP+｜育兒、工作與證照挑戰之間的走鋼索人生</title><link>https://vvnblog.com/posts/oscp-exam/</link><pubDate>Mon, 28 Apr 2025 00:00:00 +0000</pubDate><guid>https://vvnblog.com/posts/oscp-exam/</guid><description>兩度落榜，一邊帶小孩一邊備考，在職媽媽如何在有限時間裡走完 OSCP+ 這條鋼索？</description></item><item><title>基礎滲透 GraphQL 架構</title><link>https://vvnblog.com/posts/graphql-leak-info/</link><pubDate>Fri, 19 Jul 2024 00:00:00 +0000</pubDate><guid>https://vvnblog.com/posts/graphql-leak-info/</guid><description>一個沒關掉的 Introspection Query，就讓我列舉出整個 GraphQL schema。從實戰案例看這個常見卻致命的設定疏失。</description></item><item><title>Secure、HttpOnly、SameSite:守護 Cookie 的御三家屬性</title><link>https://vvnblog.com/posts/cookie/</link><pubDate>Thu, 23 May 2024 00:00:00 +0000</pubDate><guid>https://vvnblog.com/posts/cookie/</guid><description>一個沒設好的 Cookie，足以讓攻擊者偽裝成你。認識 Secure、HttpOnly、SameSite 這三道防線，以及怎麼開啟它們。</description></item><item><title>JWT 運作原理</title><link>https://vvnblog.com/posts/jwt/</link><pubDate>Thu, 11 Apr 2024 00:00:00 +0000</pubDate><guid>https://vvnblog.com/posts/jwt/</guid><description>一組用點號分隔的字串，如何撐起現代網站的登入驗證？拆解 JWT 的三段結構，以及用它時最容易踩的雷。</description></item><item><title>如何關閉 NetGear M4300 API 功能</title><link>https://vvnblog.com/posts/netgear-m4300/</link><pubDate>Thu, 13 Jul 2023 00:00:00 +0000</pubDate><guid>https://vvnblog.com/posts/netgear-m4300/</guid><description>交換器竟然藏著一個開放的 API？從一則弱掃告警出發，一步步用指令關掉 NetGear M4300 的隱藏服務。</description></item><item><title>提高網路安全性效率:EDL / EBL</title><link>https://vvnblog.com/posts/edl/</link><pubDate>Wed, 15 Mar 2023 00:00:00 +0000</pubDate><guid>https://vvnblog.com/posts/edl/</guid><description>還在一個一個手動把惡意 IP 加進防火牆？EDL / EBL 讓防火牆自動抓清單，把時間還給更重要的資安工作。</description></item></channel></rss>