SecWiki周刊(第117期)
2016/05/23-2016/05/29
安全资讯
麒麟开源堡垒机双因素认证功能(动态口令、CA证书)发布
http://www.oschina.net/news/73706/qilin-baoleiji-dual-certification
http://www.oschina.net/news/73706/qilin-baoleiji-dual-certification
赛门铁克向Blue Coat签发了一个中级证书
http://www.solidot.org/story?sid=48370
http://www.solidot.org/story?sid=48370
安全技术
IEEE Symposium on Security and Privacy 2016
http://www.ieee-security.org/TC/SP2016/program-papers.html
http://www.ieee-security.org/TC/SP2016/program-papers.html
Practical Malware Analysis 恶意代码分析实战中的工具集
https://bluesoul.me/practical-malware-analysis-starter-kit/
https://bluesoul.me/practical-malware-analysis-starter-kit/
OSSIM视频教程
http://www.tudou.com/home/ossim/
http://www.tudou.com/home/ossim/
入CTF坑必不可少的地方
http://zone.wooyun.org/content/27257
http://zone.wooyun.org/content/27257
WebRtcXSS: 利用XSS入侵内网
https://github.com/BlackHole1/WebRtcXSS
https://github.com/BlackHole1/WebRtcXSS
麒麟开源堡垒主机在等保上的合规性分析
http://www.oschina.net/news/73391/qilin_baoleiji-analyse
http://www.oschina.net/news/73391/qilin_baoleiji-analyse
Android App开放网络端口的安全风险-CNCERT2016
http://www.ms509.com/wp-content/uploads/2016/05/Android-App%E5%BC%80%E6%94%BE%E7%BD%91%E7%BB%9C%E7%AB%AF%E5%8F%A3%E7%9A%84%E5%AE%89%E5%85%A8%E9%A3%8E%E9%99%A9-CNCERT2016.pdf
http://www.ms509.com/wp-content/uploads/2016/05/Android-App%E5%BC%80%E6%94%BE%E7%BD%91%E7%BB%9C%E7%AB%AF%E5%8F%A3%E7%9A%84%E5%AE%89%E5%85%A8%E9%A3%8E%E9%99%A9-CNCERT2016.pdf
企业安全加固,持续完善ing
https://github.com/luyg24/IT_security
https://github.com/luyg24/IT_security
2016中国网络安全年会培训资料#密码:6y4y
http://pan.baidu.com/share/link?shareid=743000893&uk=1546786268#path=%252F
http://pan.baidu.com/share/link?shareid=743000893&uk=1546786268#path=%252F
hitb sec conf 2016 ams
https://conference.hitb.org/hitbsecconf2016ams/materials/
https://conference.hitb.org/hitbsecconf2016ams/materials/
用Python的matplotlib来画全球的股票走势图(开源)
http://mp.weixin.qq.com/s?__biz=MzA4MjYwODg0OQ==&mid=2651817742&idx=1&sn=0a63d75dd6ba66285504040cde9eea61
http://mp.weixin.qq.com/s?__biz=MzA4MjYwODg0OQ==&mid=2651817742&idx=1&sn=0a63d75dd6ba66285504040cde9eea61
toolforspider:网络空间指纹扫描工具
https://github.com/nanshihui/toolforspider
https://github.com/nanshihui/toolforspider
awesome-python-cn: Python资源大全中文版
https://github.com/jobbole/awesome-python-cn
https://github.com/jobbole/awesome-python-cn
谛听ditecting-专注工控安全搜索
http://www.ditecting.com/
http://www.ditecting.com/
data_hacking: Click Security Data Hacking Project
https://github.com/ClickSecurity/data_hacking
https://github.com/ClickSecurity/data_hacking
Angular JS模板注入漏洞分析
http://blog.csdn.net/u011721501/article/details/51506364
http://blog.csdn.net/u011721501/article/details/51506364
CapTipper – Explore Malicious HTTP Traffic
http://www.darknet.org.uk/2016/05/captipper-explore-malicious-http-traffic/
http://www.darknet.org.uk/2016/05/captipper-explore-malicious-http-traffic/
How to Create a Network Graph Visualization of Reddit Subreddits
http://minimaxir.com/2016/05/reddit-graph/
http://minimaxir.com/2016/05/reddit-graph/
主流大数据采集平台的架构图解
http://www.ha97.com/5702.html
http://www.ha97.com/5702.html
Fecm: 前端XSS防火墙及后台报警系统
https://github.com/BlackHole1/Fecm
https://github.com/BlackHole1/Fecm
Use Bots of Telegram as a C2 server
http://drops.wooyun.org/tips/16142
http://drops.wooyun.org/tips/16142
JSRC 2016 杭州站#密码:esnv
http://pan.baidu.com/share/link?shareid=2073589828&uk=4060232048
http://pan.baidu.com/share/link?shareid=2073589828&uk=4060232048
hack_tools_for_me: 渗透小工具合集
https://github.com/rootphantomer/hack_tools_for_me
https://github.com/rootphantomer/hack_tools_for_me
自由工作者该如何建立个人品牌
http://yizaoyiwan.com/discussions/848
http://yizaoyiwan.com/discussions/848
渗透测试工具实战技巧合集
http://www.freebuf.com/sectool/105524.html
http://www.freebuf.com/sectool/105524.html
Discovering Subdomains
https://blog.bugcrowd.com/discovering-subdomains
https://blog.bugcrowd.com/discovering-subdomains
2016年Q2《网络安全创新500强》榜单解读
http://www.freebuf.com/news/105229.html
http://www.freebuf.com/news/105229.html
MySQL和PostgreSQL数据库安全配置
http://drops.wooyun.org/%E8%BF%90%E7%BB%B4%E5%AE%89%E5%85%A8/16067
http://drops.wooyun.org/%E8%BF%90%E7%BB%B4%E5%AE%89%E5%85%A8/16067
Malware exploit database
https://security-base.com:8000/
https://security-base.com:8000/
Funny Honey – tracking hackers in cyberspace part1
https://dfir-blog.com/2016/05/17/funny-honey-tracking-hackers-in-cyberspace-part1/
https://dfir-blog.com/2016/05/17/funny-honey-tracking-hackers-in-cyberspace-part1/
Building Advanced XSS Vectors
http://www.slideshare.net/BruteLogic/building-advanced-xss-vectors
http://www.slideshare.net/BruteLogic/building-advanced-xss-vectors
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第117期)
