SecWiki周刊(第108期)
2016/03/21-2016/03/27
安全资讯
安全技术
[移动安全]  Android系统漏洞提权
http://bigniu.com/article/view/1
[移动安全]  再谈APP网络端口开放问题
http://bigniu.com/article/view/10
[移动安全]  APP程序中的短信验证码真的安全么?
http://bigniu.com/article/view/15
[移动安全]  短信接口处理不当,被狂刷上万短信
http://bigniu.com/article/view/23
[漏洞分析]  64-bit Linux stack smashing tutorial: Part 1
http://blog.techorganic.com/2015/04/10/64-bit-linux-stack-smashing-tutorial-part-1/
[Web安全]  FuzzerPwd: Fuzzer常见的弱口令作为字典
https://github.com/yunxu1/FuzzerPwd
[会议]  BASec Meetup March’16
http://www.inforsec.org/wp/?p=689
[漏洞分析]  64-bit Linux stack smashing tutorial: Part 2
http://blog.techorganic.com/2015/04/21/64-bit-linux-stack-smashing-tutorial-part-2/
[Web安全]  IE安全系列之——RES Protocol
http://drops.wooyun.org/papers/13898
[工具]  Bugfighter C/C++
http://www.bugfighter-soft.com/index.php
[漏洞分析]  infosec-central resources files
https://www.infosec-central.com/resources/files/
[漏洞分析]  64-bit Linux stack smashing tutorial: Part 3
http://blog.techorganic.com/2016/03/18/64-bit-linux-stack-smashing-tutorial-part-3/
[漏洞分析]  Analyzing HTTPS Encrypted Traffic to Identify User’s Operating System, Browser a
http://arxiv.org/vc/arxiv/papers/1603/1603.04865v1.pdf
[编程技术]  Fuzzing workflows; a fuzz job from start to finish
http://foxglovesecurity.com/2016/03/15/fuzzing-workflows-a-fuzz-job-from-start-to-finish/
[无线安全]  315晚会报道的无人机是怎么被劫持的?
https://security.tencent.com/index.php/blog/msg/103
[运维安全]  Hack Like the Bad Guys – Using Tor for Firewall Evasion and Anonymous Remote Access
http://foxglovesecurity.com/2015/11/02/hack-like-the-bad-guys-using-tor-for-firewall-evasion-and-anonymous-remote-access/
[设备安全]  工业控制信息安全资源汇总(国外篇)
http://plcscan.org/blog/2016/03/ics-security-resources-overview-2/
[漏洞分析]  Exploring SSTI in Flask/Jinja2
https://nvisium.com/blog/2016/03/09/exploring-ssti-in-flask-jinja2/
[Web安全]  Exploring SSTI in Flask/Jinja2, Part II
https://nvisium.com/blog/2016/03/11/exploring-ssti-in-flask-jinja2-part-ii/
[漏洞分析]  Car Hacking for Plebs – The Untold Story
http://foxglovesecurity.com/2015/10/26/car-hacking-for-plebs-the-untold-story/
[无线安全]  When Whales Fly – Building a Wireless Pentest Environment using Docker
http://foxglovesecurity.com/2016/02/24/when-whales-fly-building-a-wireless-pentest-environment-using-docker/
[恶意分析]  Let's Analyze: Dridex (Part 1)
http://www.malwaretech.com/2016/03/lets-analyze-dridex-part-1.html
[无线安全]  WIFI WPA1/2 Crack for Windows
http://drops.wooyun.org/wireless/13968
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第108期)