SecWiki周刊(第107期)
2016/03/14-2016/03/20
安全资讯
China to create its own DARPA
http://www.sciencemag.org/news/2016/03/china-create-its-own-darpa
http://www.sciencemag.org/news/2016/03/china-create-its-own-darpa
安全技术
sql-injection-cheat-sheet
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
流量劫持攻击之链路劫持剖析
http://drops.wooyun.org/tips/13661
http://drops.wooyun.org/tips/13661
OrangeScan: 在线子域名信息收集工具
https://github.com/0xbug/OrangeScan
https://github.com/0xbug/OrangeScan
2015绿盟科技工控安保框架白皮书
http://blog.nsfocus.net/wp-content/uploads/2016/03/2015_NSFOCUS_ICS_Security_Framework_Whitepaper.pdf
http://blog.nsfocus.net/wp-content/uploads/2016/03/2015_NSFOCUS_ICS_Security_Framework_Whitepaper.pdf
浅谈一次针对公网PLC恶意操作行为的简单分析
http://plcscan.org/blog/2016/03/security-analysis-from-siemens-s7-plc-cpubuffer/
http://plcscan.org/blog/2016/03/security-analysis-from-siemens-s7-plc-cpubuffer/
0ctf writeup
http://drops.wooyun.org/tips/13791
http://drops.wooyun.org/tips/13791
GongDa vs. Korean News
https://www.fireeye.com/blog/threat-research/2016/03/gongda_vs_koreanne.html
https://www.fireeye.com/blog/threat-research/2016/03/gongda_vs_koreanne.html
云、管、端三重失守,大范围挂马攻击分析
http://drops.wooyun.org/papers/13755
http://drops.wooyun.org/papers/13755
pyyaml-tags-parse-to-command-execution
http://blog.knownsec.com/2016/03/pyyaml-tags-parse-to-command-execution/
http://blog.knownsec.com/2016/03/pyyaml-tags-parse-to-command-execution/
Taiwan Presidential Election: A Case Study on Thematic Targeting
http://pwc.blogs.com/cyber_security_updates/2016/03/taiwant-election-targetting.html
http://pwc.blogs.com/cyber_security_updates/2016/03/taiwant-election-targetting.html
QQ模拟登录实现之四两拨千斤(基于V8引擎)
http://drops.wooyun.org/tips/13556
http://drops.wooyun.org/tips/13556
vulnerability-in-net-signedxml
https://coding.abel.nu/2016/03/vulnerability-in-net-signedxml/
https://coding.abel.nu/2016/03/vulnerability-in-net-signedxml/
Tracking changes in years-long espionage campaign against Tibetans
https://citizenlab.org/2016/03/shifting-tactics/
https://citizenlab.org/2016/03/shifting-tactics/
collection of tools for security research, CTFs
https://github.com/eugenekolo/sec-tools
https://github.com/eugenekolo/sec-tools
设备唯一标识的思考
http://www.ylzhu.com/?p=9
http://www.ylzhu.com/?p=9
Exploit Kits in 2015: Scale and Distribution
http://blog.trendmicro.com/trendlabs-security-intelligence/exploit-kits-2015-scale-distribution/
http://blog.trendmicro.com/trendlabs-security-intelligence/exploit-kits-2015-scale-distribution/
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第107期)
