SecWiki周刊（第109期)

2016/03/28-2016/04/03

安全资讯

[其它] 中国网络空间安全协会会员名单
http://www.aqniu.com/industry/14543.html

安全技术

[漏洞分析] Technical "whitepaper" for afl-fuzz
http://lcamtuf.coredump.cx/afl/technical_details.txt

[其它] Great security list for fun and profit
https://github.com/zbetcheckin/Security_list

[其它] 针对中小企业规划的信息安全策略(日本网络安全协会)
http://www.jnsa.org/result/2016/policy/index.html

[恶意分析] 高级组合技打造“完美” 捆绑后门
http://evi1cg.me/archives/chm_backdoor.html

[编程技术] QQ模拟登录实现后篇
http://drops.wooyun.org/tips/14042

[Web安全] Nmap备忘单：从探索到漏洞利用（Part3）
http://www.freebuf.com/vuls/100580.html

[设备安全] Remote Code Execution in CCTV-DVR affecting over 70 different vendors
http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html

[编程技术] A Whirlwind Tutorial on Creating Really Teensy ELF Executables for Linux
http://www.muppetlabs.com/~breadbox/software/tiny/teensy.html

[漏洞分析] Binspector - A Binary Format Analysis Tool
http://binspector.github.io/installation/

[其它] OPML-Security-Feeds: A list of OPML Security Feeds
https://github.com/cudeso/OPML-Security-Feeds

[其它] InfoSec architecture
http://netsec.ws/infosec.svg

[编程技术] Reverse Engineering Team
http://www.reteam.org/tools.html

[恶意分析] 一个支付宝木马的分析溯源之旅
http://drops.wooyun.org/papers/14103

[漏洞分析] programlife
http://www.programlife.net/

[漏洞分析] Automatically inferring file syntax with afl-analyze
https://lcamtuf.blogspot.tw/2016/02/say-hello-to-afl-analyze.html

[其它] The Sortix Operating System released V1.0
https://sortix.org/

[编程技术] A "stack smashing" technique protection tool for Linux
http://www.angelfire.com/sk/stackshield/info.html

[编程技术] Penetration Testing/Security Cheatsheets
https://github.com/jshaw87/Cheatsheets

-----微信ID：SecWiki-----
SecWiki，13年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com