SecWiki周刊(第180期)
2017/08/07-2017/08/13
安全资讯
中国网络安全产业全景报告2017Q2
https://mp.weixin.qq.com/s?__biz=MzI0MDY2MzE5NQ==&mid=2247484424&idx=1&sn=d785d945308c5e6f465a1b761bb6fc3b&scene=0#wechat_redirect
https://mp.weixin.qq.com/s?__biz=MzI0MDY2MzE5NQ==&mid=2247484424&idx=1&sn=d785d945308c5e6f465a1b761bb6fc3b&scene=0#wechat_redirect
窃隐私,传明文,京东劣举挑战网安法
http://www.4hou.com/info/news/7104.html
http://www.4hou.com/info/news/7104.html
军工四证——武器装备科研生产单位保密资质认证
http://www.toutiao.com/i6452537530297352717/
http://www.toutiao.com/i6452537530297352717/
连载黑客小说《杀手》第十七章 阴与阳,0与1,攻与防
http://www.jianshu.com/p/288c62014476
http://www.jianshu.com/p/288c62014476
DNA序列竟被编成恶意软件感染计算机
http://www.aqniu.com/hack-geek/27376.html
http://www.aqniu.com/hack-geek/27376.html
安全技术
华西安全网(cha.hxsec.com)密码泄露查询接口研究
http://anhkgg.github.io/hxsec-search-pwd-interface-analyze/
http://anhkgg.github.io/hxsec-search-pwd-interface-analyze/
OpenDLP: 免费&开源的DLP 系统
https://github.com/ezarko/opendlp
https://github.com/ezarko/opendlp
GitHub 万星推荐:黑客成长技术清单
http://www.4hou.com/info/news/7061.html
http://www.4hou.com/info/news/7061.html
Metinfo 5.3.17 前台SQL注入漏洞分析
https://www.leavesongs.com/PENETRATION/metinfo-5.3.17-sql-injection.html
https://www.leavesongs.com/PENETRATION/metinfo-5.3.17-sql-injection.html
开源CTF平台框架合辑
https://github.com/We5ter/Create_Your_CTFs
https://github.com/We5ter/Create_Your_CTFs
Bypass 360主机卫士SQL注入防御
http://www.cnblogs.com/xiaozi/p/7275134.html
http://www.cnblogs.com/xiaozi/p/7275134.html
ThinkPHP5.0.10-3.2.3缓存函数设计缺陷可导致Getshell
https://xianzhi.aliyun.com/forum/read/1973.html
https://xianzhi.aliyun.com/forum/read/1973.html
Peach对Modbus功能码的模糊测试
http://uknowsec.cn/posts/notes/Peach%E5%AF%B9Modbus%E5%8A%9F%E8%83%BD%E7%A0%81%E7%9A%84%E6%A8%A1%E7%B3%8A%E6%B5%8B%E8%AF%95.html
http://uknowsec.cn/posts/notes/Peach%E5%AF%B9Modbus%E5%8A%9F%E8%83%BD%E7%A0%81%E7%9A%84%E6%A8%A1%E7%B3%8A%E6%B5%8B%E8%AF%95.html
Acunetix11 API Documentation
https://h4rdy.me/index.php/archives/91/
https://h4rdy.me/index.php/archives/91/
看我如何从54G日志中溯源web应用攻击路径
https://secvul.com/topics/715.html
https://secvul.com/topics/715.html
免杀 MSF Windows Payload 的方法与实践
https://mp.weixin.qq.com/s/OxgJIIPaXMXqrY5lPdukdA
https://mp.weixin.qq.com/s/OxgJIIPaXMXqrY5lPdukdA
NSA开发的工控ICS/SCADA态势感知开源工具Grassmarlin(附下载地址)
http://www.freebuf.com/sectool/143106.html
http://www.freebuf.com/sectool/143106.html
Vuzzer自动漏洞挖掘工具简单分析附使用介绍
http://www.freebuf.com/sectool/143123.html
http://www.freebuf.com/sectool/143123.html
玩转linux系统之Linux内网渗透
https://thief.one/2017/08/09/2/
https://thief.one/2017/08/09/2/
IoT Village 物联网安全技术PPT和视频资料
https://www.iotvillage.org/#dc25_schedule
https://www.iotvillage.org/#dc25_schedule
Termite: 跳板机管理工具
http://rootkiter.com/Termite/
http://rootkiter.com/Termite/
域渗透神器Empire安装和简单使用
http://mp.weixin.qq.com/s/VqrUTW9z-yi3LqNNy-lE-Q
http://mp.weixin.qq.com/s/VqrUTW9z-yi3LqNNy-lE-Q
UDP tunnel:绕过UDP屏蔽或QoS
https://github.com/wangyu-/udp2raw-tunnel/blob/master/doc/README.zh-cn.md
https://github.com/wangyu-/udp2raw-tunnel/blob/master/doc/README.zh-cn.md
河马WEBSHELL扫描器1.2 发布,有UI
http://blog.shellpub.com/2017/08/09/%E6%B2%B3%E9%A9%ACwebshell%E6%89%AB%E6%8F%8F%E5%99%A8v1_2.html
http://blog.shellpub.com/2017/08/09/%E6%B2%B3%E9%A9%ACwebshell%E6%89%AB%E6%8F%8F%E5%99%A8v1_2.html
由视频系统SQL注入到服务器权限
https://bbs.ichunqiu.com/thread-25827-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-25827-1-1.html?from=sec
内网渗透中主机发现的小技巧
http://mp.weixin.qq.com/s/fg8f7ydniZiQZ87niDTwqA
http://mp.weixin.qq.com/s/fg8f7ydniZiQZ87niDTwqA
Shellcode Via XSL, And DotNetToJScript
https://gist.github.com/subTee/7c926f51181945d20594eb91e8f4064b
https://gist.github.com/subTee/7c926f51181945d20594eb91e8f4064b
USB-based attacks USB 攻击论文
http://www.sciencedirect.com/science/article/pii/S0167404817301578
http://www.sciencedirect.com/science/article/pii/S0167404817301578
Solving a CTF Challenge with S2E
https://adrianherrera.github.io/post/google-ctf-2016/?from=timeline
https://adrianherrera.github.io/post/google-ctf-2016/?from=timeline
APT28 Targets Hospitality Sector, Presents Threat to Travelers
https://www.fireeye.com/blog/threat-research/2017/08/apt28-targets-hospitality-sector.html
https://www.fireeye.com/blog/threat-research/2017/08/apt28-targets-hospitality-sector.html
pychrome: A Python Package for the Google Chrome Dev Protocol
https://github.com/fate0/pychrome
https://github.com/fate0/pychrome
渗透测试指南之域用户组的范围
http://www.4hou.com/penetration/7016.html
http://www.4hou.com/penetration/7016.html
Angr:一个具有动态符号执行和静态分析的二进制分析工具
http://www.freebuf.com/sectool/143056.html
http://www.freebuf.com/sectool/143056.html
通过Burp以及自定义的Sqlmap Tamper进行二次SQL注入
http://www.4hou.com/system/6945.html
http://www.4hou.com/system/6945.html
BetterZip For macOS 破解实战(Patch公钥、黑名单检测、签名校验、Keygen等)
http://www.chinapyg.com/thread-91890-1-1.html
http://www.chinapyg.com/thread-91890-1-1.html
记一次Github项目被fork后的删除经历
https://bbs.ichunqiu.com/thread-25588-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-25588-1-1.html?from=sec
64位系统下的Office后门利用
http://www.4hou.com/technology/6782.html
http://www.4hou.com/technology/6782.html
解锁更多姿势——手机锁屏安全研究
https://security.tencent.com/index.php/blog/msg/118
https://security.tencent.com/index.php/blog/msg/118
FileScan: 敏感文件扫描 / 二次判断降低误报率
https://github.com/Mosuan/FileScan
https://github.com/Mosuan/FileScan
windows环境下的信息收集i
http://mp.weixin.qq.com/s/37xtTdjVetMg5P1WaJvYvA
http://mp.weixin.qq.com/s/37xtTdjVetMg5P1WaJvYvA
Windows Exploitation Tricks: Arbitrary Directory Creation to Arbitrary File Read
https://googleprojectzero.blogspot.dk/2017/08/windows-exploitation-tricks-arbitrary.html
https://googleprojectzero.blogspot.dk/2017/08/windows-exploitation-tricks-arbitrary.html
我是如何通过fuzz apache httpd服务发现CVE-2017-7668
http://www.4hou.com/technology/6738.html
http://www.4hou.com/technology/6738.html
一种劫持COM服务器并绕过微软反恶意软件扫描接口(AMSI)的方法
http://www.4hou.com/technology/7018.html
http://www.4hou.com/technology/7018.html
scan_webshell: 简单的webshell扫描
https://github.com/erevus-cn/scan_webshell
https://github.com/erevus-cn/scan_webshell
《工业控制系统信息安全防护能力评估工作管理办法》解读
http://www.miit.gov.cn/n1146285/n1146352/n3054355/n3057656/n3057672/c5761113/content.html
http://www.miit.gov.cn/n1146285/n1146352/n3054355/n3057656/n3057672/c5761113/content.html
Modern Alchemy: Turning XSS into RCE
https://blog.doyensec.com/2017/08/03/electron-framework-security.html
https://blog.doyensec.com/2017/08/03/electron-framework-security.html
三种特征向量对深度学习攻击检测的影响
http://bobao.360.cn/learning/detail/4224.html
http://bobao.360.cn/learning/detail/4224.html
Office 在64位操作系统的持久控制
https://3gstudent.github.io/Office-Persistence-on-x64-operating-system/
https://3gstudent.github.io/Office-Persistence-on-x64-operating-system/
Python 机器学习教程
https://github.com/MorvanZhou/tutorials/blob/master/README.md?hmsr=toutiao.io&utm_medium=toutiao.io&utm_source=toutiao.io
https://github.com/MorvanZhou/tutorials/blob/master/README.md?hmsr=toutiao.io&utm_medium=toutiao.io&utm_source=toutiao.io
栈溢出利用之Return to dl-resolve
https://mp.weixin.qq.com/s?__biz=MzI5MDQ2NjExOQ==&mid=2247484641&idx=1&sn=f2cfc0cdee49c7c03d6a40e1f6f682ec&chksm=ec1e34c9db69bddfc676074d3da23a72606038902a53c00fedaaad884505dc8db444cbd7ab39#rd
https://mp.weixin.qq.com/s?__biz=MzI5MDQ2NjExOQ==&mid=2247484641&idx=1&sn=f2cfc0cdee49c7c03d6a40e1f6f682ec&chksm=ec1e34c9db69bddfc676074d3da23a72606038902a53c00fedaaad884505dc8db444cbd7ab39#rd
All your devs are belong to us: how to backdoor the Atom editor
http://blog.thinkst.com/2017/08/all-your-devs-are-belong-to-us-how-to.html
http://blog.thinkst.com/2017/08/all-your-devs-are-belong-to-us-how-to.html
看我如何基于Python&Facepp打造智能监控系统
http://www.freebuf.com/geek/143186.html
http://www.freebuf.com/geek/143186.html
高通加解密引擎提权漏洞解析
http://www.iceswordlab.com/2017/08/07/qualcomm-crypto-engine-vulnerabilities-exploits/
http://www.iceswordlab.com/2017/08/07/qualcomm-crypto-engine-vulnerabilities-exploits/
绕过主机卫士进行注入的两种姿势
https://bbs.ichunqiu.com/thread-25534-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-25534-1-1.html?from=sec
一文看尽深度学习RNN:为啥就它适合语音识别、NLP与机器翻译
https://mp.weixin.qq.com/s?src=3×tamp=1502478296&ver=1&signature=wYB4AAcs0Nbz*6P0S22UU9pvnJi7uqjFh0SsUoleVepVWn5N3NE6XnrgiBAHiSJUL7jOIpBS9NlWOgrTCzqT5J2QFEd-vwFO3zABQ8MkTH41MJ6n7FjwfIndD-gLPvHyDEMy*3wFBAElUKgZJhz5IVm-nFmCb1GhKXZQ5CMT5c4=
https://mp.weixin.qq.com/s?src=3×tamp=1502478296&ver=1&signature=wYB4AAcs0Nbz*6P0S22UU9pvnJi7uqjFh0SsUoleVepVWn5N3NE6XnrgiBAHiSJUL7jOIpBS9NlWOgrTCzqT5J2QFEd-vwFO3zABQ8MkTH41MJ6n7FjwfIndD-gLPvHyDEMy*3wFBAElUKgZJhz5IVm-nFmCb1GhKXZQ5CMT5c4=
二维码引发诈骗案到成功追回赃款-社会工程学
https://bbs.ichunqiu.com/thread-25601-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-25601-1-1.html?from=sec
关于xss的防护与绕过科普
http://mp.weixin.qq.com/s/cJxDb5vWTSPzRKWlEB3GCQ
http://mp.weixin.qq.com/s/cJxDb5vWTSPzRKWlEB3GCQ
做到这一点,你也可以成为优秀的程序员
https://mp.weixin.qq.com/s/8Bl105G8ZsE_jy5mbrIy_g
https://mp.weixin.qq.com/s/8Bl105G8ZsE_jy5mbrIy_g
Industrial Control System (ICS) security 工控系统安全相关资源
https://github.com/hslatman/awesome-industrial-control-system-security
https://github.com/hslatman/awesome-industrial-control-system-security
SSRF, Memcached and other key-value injections in the wild
https://medium.com/@d0znpp/ssrf-memcached-and-other-key-value-injections-in-the-wild-c8d223bd856f
https://medium.com/@d0znpp/ssrf-memcached-and-other-key-value-injections-in-the-wild-c8d223bd856f
利用CLR实现一种无需管理员权限的后门
http://www.4hou.com/technology/6863.html
http://www.4hou.com/technology/6863.html
Flask0.1源码阅读——请求处理和响应
https://jiayi.space/post/flask0.1yuan-ma-yue-du-qing-qiu-chu-li-he-xiang-ying
https://jiayi.space/post/flask0.1yuan-ma-yue-du-qing-qiu-chu-li-he-xiang-ying
Electron hack —— 跨平台 XSS
https://mp.weixin.qq.com/s/DgjJ6uKtuUPFQhgztL69RQ
https://mp.weixin.qq.com/s/DgjJ6uKtuUPFQhgztL69RQ
大力出奇迹:Web架构中的安全问题一例
http://www.polaris-lab.com/index.php/archives/369/
http://www.polaris-lab.com/index.php/archives/369/
IsThisLegit+Phinn:采用了机器学习算法的开源网络钓鱼防御与检测工具
http://www.freebuf.com/sectool/142955.html
http://www.freebuf.com/sectool/142955.html
腾讯安全反病毒实验室:揭秘“挂马”黑产最新态势
http://www.freebuf.com/articles/system/143217.html
http://www.freebuf.com/articles/system/143217.html
Office高级威胁漏洞在野利用分析
https://cert.360.cn/static/files/Office%E9%AB%98%E7%BA%A7%E5%A8%81%E8%83%81%E6%BC%8F%E6%B4%9E%E5%9C%A8%E9%87%8E%E5%88%A9%E7%94%A8%E5%88%86%E6%9E%90.pdf
https://cert.360.cn/static/files/Office%E9%AB%98%E7%BA%A7%E5%A8%81%E8%83%81%E6%BC%8F%E6%B4%9E%E5%9C%A8%E9%87%8E%E5%88%A9%E7%94%A8%E5%88%86%E6%9E%90.pdf
2017上半年移动安全报告
http://blog.avlsec.com/2017/08/4817/report/
http://blog.avlsec.com/2017/08/4817/report/
如何通过简单的网页文件从MacOS中盗取文件?
http://www.4hou.com/system/7012.html
http://www.4hou.com/system/7012.html
Analysis Results of Zeus.Variant.Panda
https://cyberwtf.files.wordpress.com/2017/07/panda-whitepaper.pdf
https://cyberwtf.files.wordpress.com/2017/07/panda-whitepaper.pdf
mysql-插入优化Disk seeks are evil, so let’s avoid them, pt. 4
https://www.percona.com/blog/2010/06/18/disk-seeks-are-evil-so-lets-avoid-them-pt-4/
https://www.percona.com/blog/2010/06/18/disk-seeks-are-evil-so-lets-avoid-them-pt-4/
post-exploitation-persistence-with-application-shims-intro
http://blacksunhackers.club/2016/08/post-exploitation-persistence-with-application-shims-intro/
http://blacksunhackers.club/2016/08/post-exploitation-persistence-with-application-shims-intro/
SecWiki周刊(第179期)
https://www.sec-wiki.com/weekly/179
https://www.sec-wiki.com/weekly/179
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第180期)
