SecWiki周刊(第203期)
2018/01/15-2018/01/21
安全资讯
运营商劫持加入挖矿大军 波及十余省辽宁重灾区
https://baijia.baidu.com/s?id=1589640059149841889&wfr=pc&fr=new_lst
https://baijia.baidu.com/s?id=1589640059149841889&wfr=pc&fr=new_lst
阿里安全归零实验室首度揭秘真实的“黄牛软件江湖”
https://mp.weixin.qq.com/s/QUe0N9Z4lkz3UsFbux-Dqg
https://mp.weixin.qq.com/s/QUe0N9Z4lkz3UsFbux-Dqg
解读两办《关于推进城市安全发展的意见》
https://mp.weixin.qq.com/s/rsrieCI2zItZBcHVn22Q5A
https://mp.weixin.qq.com/s/rsrieCI2zItZBcHVn22Q5A
2017年最受风投青睐的20家网络安全厂商榜单
https://mp.weixin.qq.com/s/ShTWSy27FXuqWJxTnfCzLg
https://mp.weixin.qq.com/s/ShTWSy27FXuqWJxTnfCzLg
网络安全行业全景图(2018年1月)发布
http://www.aqniu.com/industry/30888.html
http://www.aqniu.com/industry/30888.html
新时代背景下的新型智慧城市网络安全
https://mp.weixin.qq.com/s/8cksJnDwqFRSpjy2iX42Fg
https://mp.weixin.qq.com/s/8cksJnDwqFRSpjy2iX42Fg
爱因斯坦计划最新进展(201710)
http://blog.51cto.com/yepeng/2062038
http://blog.51cto.com/yepeng/2062038
以色列网络安全市场趋势观察
http://new.qq.com/omn/20180116/20180116A0SH3Y.html
http://new.qq.com/omn/20180116/20180116A0SH3Y.html
安全技术
TheWebConf 2018(WWW) – CCF A 级会议论文录用列表
https://www2018.thewebconf.org/program/security-and-privacy/
https://www2018.thewebconf.org/program/security-and-privacy/
NDSS 2018 Programme Symposium 会议录用列表
https://www.ndss-symposium.org/ndss2018/programme/
https://www.ndss-symposium.org/ndss2018/programme/
腾讯2017年度网络黑产威胁源研究报告
https://book.yunzhan365.com/odqt/yzzl/mobile/index.html
https://book.yunzhan365.com/odqt/yzzl/mobile/index.html
RPO(Relative Path Overwrite)相对路径覆盖攻击技术浅析
http://blog.nsfocus.net/rpo-attack/
http://blog.nsfocus.net/rpo-attack/
卡巴斯基应急响应指南分享
http://www.freebuf.com/articles/es/159652.html
http://www.freebuf.com/articles/es/159652.html
jvm-sandbox: JVM沙箱容器,一种JVM的非侵入式运行期AOP解决方案
https://github.com/alibaba/jvm-sandbox
https://github.com/alibaba/jvm-sandbox
FeeiCN/GSIL: Github Sensitive Information Leakage(Github敏感信息泄露)
https://github.com/FeeiCN/GSIL
https://github.com/FeeiCN/GSIL
yulong-hids: 一款由 YSRC 开发的入侵检测系统
https://github.com/ysrc/yulong-hids
https://github.com/ysrc/yulong-hids
ElastAlert监控日志告警Web攻击行为
http://www.freebuf.com/articles/web/160254.html
http://www.freebuf.com/articles/web/160254.html
黑客修仙之道之pentest wiki 下
https://bbs.ichunqiu.com/thread-32264-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-32264-1-1.html?from=sec
一种深度隐蔽的后门方式(二)
https://www.anquanke.com/post/id/93542
https://www.anquanke.com/post/id/93542
微信亿级用户异常检测框架的设计与实践
https://mp.weixin.qq.com/s/nXYrUgEhaCo4patd1YovOw
https://mp.weixin.qq.com/s/nXYrUgEhaCo4patd1YovOw
Whats APT:浅谈APT攻击
http://www.freebuf.com/column/160412.html
http://www.freebuf.com/column/160412.html
搭建基于SonarQube的自动化安全代码检测平台
https://m.aliyun.com/yunqi/articles/357247
https://m.aliyun.com/yunqi/articles/357247
如何通过TTL调试光猫
https://paper.seebug.org/506/
https://paper.seebug.org/506/
DedeCMS V5.7 SP2前台任意文件删除
https://xianzhi.aliyun.com/forum/topic/1963
https://xianzhi.aliyun.com/forum/topic/1963
记一次挖掘存储型XSS漏洞过程
http://www.secist.com/archives/5388.html
http://www.secist.com/archives/5388.html
vscode extension 钓鱼
https://d0n9.github.io/2018/01/17/vscode%20extension%20%E9%92%93%E9%B1%BC/
https://d0n9.github.io/2018/01/17/vscode%20extension%20%E9%92%93%E9%B1%BC/
常见 Web 安全攻防总结
http://www.danding.net/2018/01/%e5%b8%b8%e8%a7%81-web-%e5%ae%89%e5%85%a8%e6%94%bb%e9%98%b2%e6%80%bb%e7%bb%93/
http://www.danding.net/2018/01/%e5%b8%b8%e8%a7%81-web-%e5%ae%89%e5%85%a8%e6%94%bb%e9%98%b2%e6%80%bb%e7%bb%93/
awesome-threat-detection: awesome threat detection and hunting resources
https://github.com/0x4D31/awesome-threat-detection
https://github.com/0x4D31/awesome-threat-detection
通过CVE-2017-17215学习路由器漏洞分析,从入坑到放弃
http://www.freebuf.com/vuls/160040.html
http://www.freebuf.com/vuls/160040.html
自建搜索引擎:一个用于搜索安全技术文章的工具
http://www.4hou.com/technology/9868.html
http://www.4hou.com/technology/9868.html
浅谈动态爬虫与去重(续)
https://www.anquanke.com/post/id/95294
https://www.anquanke.com/post/id/95294
挖洞技巧:信息泄露之总结
https://www.anquanke.com/post/id/94787
https://www.anquanke.com/post/id/94787
Expiring Payloads in the Metasploit Framework
https://www.gironsec.com/blog/2018/01/expiring-payloads-in-the-metasploit-framework/
https://www.gironsec.com/blog/2018/01/expiring-payloads-in-the-metasploit-framework/
CloudFlair: Bypassing Cloudflare using Internet-wide scan data
https://blog.christophetd.fr/bypassing-cloudflare-using-internet-wide-scan-data/
https://blog.christophetd.fr/bypassing-cloudflare-using-internet-wide-scan-data/
2017年度安全报告--IoT安全威胁
https://cert.360.cn/static/files/2017%E5%B9%B4%E5%BA%A6%E5%AE%89%E5%85%A8%E6%8A%A5%E5%91%8A--IoT%E5%AE%89%E5%85%A8%E5%A8%81%E8%83%81.pdf
https://cert.360.cn/static/files/2017%E5%B9%B4%E5%BA%A6%E5%AE%89%E5%85%A8%E6%8A%A5%E5%91%8A--IoT%E5%AE%89%E5%85%A8%E5%A8%81%E8%83%81.pdf
NTDSDumpEx: NTDS.dit offline dumper with non-elevated
https://github.com/zcgonvh/NTDSDumpEx
https://github.com/zcgonvh/NTDSDumpEx
卫星系统——酒店后端全链路日志收集工具介绍
https://tech.meituan.com/satellite_system.html
https://tech.meituan.com/satellite_system.html
net_guard:利用 ARP 协议探测网络中未知设备
https://github.com/joarleymoraes/net_guard
https://github.com/joarleymoraes/net_guard
DeDeCMS v5.7 密码修改漏洞分析
https://lorexxar.cn/2018/01/19/dedecms-vul1/
https://lorexxar.cn/2018/01/19/dedecms-vul1/
74cms v4.2.3前台任意文件读取
https://mp.weixin.qq.com/s/TnS8f8B1ntC3qvd4noc7nA
https://mp.weixin.qq.com/s/TnS8f8B1ntC3qvd4noc7nA
DEDECMS 任意重置管理员密码
https://xianzhi.aliyun.com/forum/topic/1959
https://xianzhi.aliyun.com/forum/topic/1959
构建数据时代的数据安全体系
https://mp.weixin.qq.com/s/_Wdi6RZfchA5g5Dp7TmWYg
https://mp.weixin.qq.com/s/_Wdi6RZfchA5g5Dp7TmWYg
likexian/stathub-go: A smart Hub for holding server Stat
https://github.com/likexian/stathub-go
https://github.com/likexian/stathub-go
Satori 变种正在通过替换钱包地址盗取 ETH 数字代币
http://blog.netlab.360.com/art-of-steal-satori-variant-is-robbing-eth-bitcoin-by-replacing-wallet-address/
http://blog.netlab.360.com/art-of-steal-satori-variant-is-robbing-eth-bitcoin-by-replacing-wallet-address/
对TRITON工业恶意软件的分析(下)
https://www.anquanke.com/post/id/95355
https://www.anquanke.com/post/id/95355
BurpSuite插件:JEECMS签名助手
http://www.polaris-lab.com/index.php/archives/419/
http://www.polaris-lab.com/index.php/archives/419/
对TRITON工业恶意软件的分析(上)
https://www.anquanke.com/post/id/95198
https://www.anquanke.com/post/id/95198
Detecting Chrome headless, new techniques
https://antoinevastel.github.io/bot%20detection/2018/01/17/detect-chrome-headless-v2.html
https://antoinevastel.github.io/bot%20detection/2018/01/17/detect-chrome-headless-v2.html
浅谈高级威胁情报对于安全建设的意义与思考(下)
https://xianzhi.aliyun.com/forum/topic/1935?from=timeline
https://xianzhi.aliyun.com/forum/topic/1935?from=timeline
Network Attack Map Collection 攻击地图集合
http://maps-us.bid/network-attack-map.html
http://maps-us.bid/network-attack-map.html
SecWiki周刊(第202期)
https://www.sec-wiki.com/weekly/202
https://www.sec-wiki.com/weekly/202
基于DNS的数据挖掘与分析
http://www.freebuf.com/articles/web/160431.html
http://www.freebuf.com/articles/web/160431.html
‘RubyMiner’ Cryptominer Affects 30% of WW Networks
https://research.checkpoint.com/rubyminer-cryptominer-affects-30-ww-networks/
https://research.checkpoint.com/rubyminer-cryptominer-affects-30-ww-networks/
SigPloiter/GTScan: The Nmap Scanner for Telco
https://github.com/SigPloiter/GTScan
https://github.com/SigPloiter/GTScan
用汇编语言(ARM 32位)编写TCP Bind Shell的菜鸟教程
http://www.4hou.com/info/news/9959.html
http://www.4hou.com/info/news/9959.html
Automating VMware RPC Request Sniffing
https://www.zerodayinitiative.com/blog/2018/1/19/automating-vmware-rpc-request-sniffing
https://www.zerodayinitiative.com/blog/2018/1/19/automating-vmware-rpc-request-sniffing
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第203期)
