SecWiki周刊(第124期)
2016/07/11-2016/07/17
安全资讯
新书推荐 - 《漏洞战争》- 泉哥新书 Cybersecurity in the Healthcare Industry Healthcare Hacking NSA Labels Privacy-Centric Internet Users As Extremists – The Merkle 漏洞披露模式的法理与价值:记乌云白帽大会圆桌论坛 Serious Vulnerability Affects Over 120 D-Link Products
安全技术
sqlmap 的源码学习笔记一之目录结构 Some-PoC-oR-ExP: 各种漏洞poc、Exp的收集或编写 2016乌云白帽大会视频-0709#密码1olm 使用GnuRadio + OpenLTE + SDR 搭建4G LTE 基站(上) A fork of AFL for fuzzing Windows binaries srsLTE: Open source 3GPP LTE library nginx的proxy_pass使用https(SSL加密) 小话企业安全能力建设 Exploiting Windows DRIVERS: Double-fetch Race Condition Vulnerability PoshC2 – Powershell C2 Rails Webconsole DNS Rebinding lead to Remote code execution fenghuangscanner_v3:常见服务端口弱口令扫描器 使用预先算好的字符串hash逆向分析shellcode Incident Response Forensic Framework: nightHawk Response XSS Hunter is Now Open Source MYSQL提权总结 Cisco Talos software Project Triforce: Run AFL on Everything! 掌阅iReader某站Python漏洞挖掘 Google BigQuery: Analyze all the code of Github A Case Study in Attacking KeePass – Part 1 2016乌云白帽大会企业场讲点儿啥? shadow – Firefox Heap Exploitation Tool (jemalloc) Gracker level8 write-up Bluto V2.0 comming The first open source vulnerability scanner for firmwares honeydrive:Honeypot Linux distribution pystock-data: US stock market data since 2009 KeeThief – A Case Study in Attacking KeePass Part 2 BruteXSS - Cross-Site Scripting Bruteforcer X86 Shellcode Obfuscation - Part 3 Radare2 Explorations: New book released! 物联网IoT产品安全checklist#密码: z78I nccgroup Blogs Gaining Control of a .int Domain Name With DNS Trickery Code Review最佳实践 X86 Shellcode Obfuscation - Part 1 Official x64dbg blog 记一次WAF对抗赛详解&全方位绕过WAF My_VBA_Bot - Writ ing Office Macro FUD encoder and other stuff PEFix – simple PE file re-aligner Gracker level5 write-up Writing your own shellcode. 白象的舞步——来自南亚次大陆的网络攻击 [CVE-2016-4794/6162] Two linux kernel bugs Gracker level0 write-up Papertrail - Log management cloud service for free OpenIOC – Sharing Threat Intelligence FreeBSD encryption. Part 1 A Framework for the Analysis of Complex Code-Reuse Attacks ERTS – Exploit Reliability Testing System 小议安卓定位伪造-实战足不出户畅玩pokemon go Project Keyhole - A python framework to automatically backdoor binaries or sour OWASP ZCR Shellcoder tomcatWarDeployer AppSecEU 2016 Videos InfoSecIITK Summer CTF 2016 拥有300万安装量的应用是如何恶意推广刷榜的? Heap spraying high addresses in 32-bit Chrome/Firefox on 64-bit Windows This URL will crash your Ubuntu wget 勒索程序演化与发展趋势(14~16年) Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration X86 Shellcode Obfuscation - Part 2 NeutrinoEK来袭:爱拍网遭敲诈者病毒挂马 Gracker level2 write-up Gracker level1 write-up 谈谈我这三年在前端技术上的成长 FreeBSD encryption. Part 2: The subtleties of daily use. (ru) Project to practice the basic at exploit bufferoverflow bugs. Android WebView 漏洞的利用、局限与终结 Adobe Flash Player prior 11.2.202.621/18.0.0.352/21.0.0.242 buffer overflow Shellcode mapper HuntingTheHunters_2016 ppt exploits PPT Powerpoint Presentations and Slides Fuzzing_and_Patch_Analysis-SAGEly_Advice The Tales of a Bug Bounty Hunter Gracker level3 write-up Gracker level7 write-up Gracker level4 write-up Gracker level6 write-up Gracker level9 write-up-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com
本期原文地址: SecWiki周刊(第124期)