SecWiki周刊(第129期)
2016/08/15-2016/08/21
安全资讯
ISC 2016 | 中国互联网大会的中流砥柱
http://www.mottoin.com/87542.html
http://www.mottoin.com/87542.html
NSA内部黑客组织 专用黑客工具遭网上泄漏
http://www.mottoin.com/87295.html
http://www.mottoin.com/87295.html
Guccifer 2.0揭秘美国选举那些事
http://www.mottoin.com/87116.html
http://www.mottoin.com/87116.html
价值500,000元的Gartner安全新趋势
http://mp.weixin.qq.com/s?__biz=MzAwNDE4Mzc1NA==&mid=2650824525&idx=1&sn=657e615c3a2caf4d6e889e4025e03af1&scene=25#wechat_redirect
http://mp.weixin.qq.com/s?__biz=MzAwNDE4Mzc1NA==&mid=2650824525&idx=1&sn=657e615c3a2caf4d6e889e4025e03af1&scene=25#wechat_redirect
NSA被黑真相,数据从内部流出
http://www.mottoin.com/87655.html
http://www.mottoin.com/87655.html
Windows 10周年更新致数百万摄像头无法正常工作
http://www.mottoin.com/87737.html
http://www.mottoin.com/87737.html
【人物】马杰:创立安全宝,统领百度安全
http://weibo.com/ttarticle/p/show?id=2309404008818181811199
http://weibo.com/ttarticle/p/show?id=2309404008818181811199
ISC2016·安全创客汇谁一举夺魁?
http://mp.weixin.qq.com/s?__biz=MzAwNDE4Mzc1NA==&mid=2650824561&idx=1&sn=3321f396b1261a0bc616760f96bbc41e&scene=1
http://mp.weixin.qq.com/s?__biz=MzAwNDE4Mzc1NA==&mid=2650824561&idx=1&sn=3321f396b1261a0bc616760f96bbc41e&scene=1
八月安全大事件第一期
https://zhuanlan.zhihu.com/p/22030045
https://zhuanlan.zhihu.com/p/22030045
“安全创客汇” 十强初创企业都“强”在哪里?
http://www.aqniu.com/industry/18712.html
http://www.aqniu.com/industry/18712.html
安全技术
美国NSA方程式组织(Equation Group)事件分析
http://www.mottoin.com/87314.html
http://www.mottoin.com/87314.html
Wireshark入门与进阶系列十一之SSL分析
http://blog.csdn.net/qq_29277155/article/details/52144179
http://blog.csdn.net/qq_29277155/article/details/52144179
安全摘记:互联网安全小兵的日常
http://www.freebuf.com/articles/network/111071.html
http://www.freebuf.com/articles/network/111071.html
Cloudflare Resolver
https://cloudflaresolver.com
https://cloudflaresolver.com
使用Powershell反弹Meterpreter Shell
http://www.mottoin.com/87266.html
http://www.mottoin.com/87266.html
NetworkScan Mon: 全网扫描监测系统
http://scan.netlab.360.com/#/dashboard
http://scan.netlab.360.com/#/dashboard
蜜罐中常用协议——HPFEEDS协议
http://www.mottoin.com/87695.html
http://www.mottoin.com/87695.html
社工库数据格式化之Kettle Spoon
http://www.freebuf.com/articles/database/111386.html
http://www.freebuf.com/articles/database/111386.html
PentestPackage:渗透测试常用脚本打包
http://www.mottoin.com/87291.html
http://www.mottoin.com/87291.html
BrupSuite使用Intruder绕过CSRF Token继续爆破
http://www.mottoin.com/87137.html
http://www.mottoin.com/87137.html
你不得不知的几款漏洞扫描器
http://www.mottoin.com/87240.html
http://www.mottoin.com/87240.html
驱散前端安全梦魇——DOMXSS典型场景分析与修复指南
https://security.tencent.com/index.php/blog/msg/107
https://security.tencent.com/index.php/blog/msg/107
隐写技巧——利用PNG文件格式隐藏Payload(一)
http://www.mottoin.com/87685.html
http://www.mottoin.com/87685.html
基于镜像流量的漏洞挖掘思路
http://www.mottoin.com/87670.html
http://www.mottoin.com/87670.html
绕过限制上传文件总结
http://www.mottoin.com/87386.html
http://www.mottoin.com/87386.html
漏洞预警:Zabbix高危SQL注入漏洞,可获取系统权限
http://www.mottoin.com/87500.html
http://www.mottoin.com/87500.html
Disucz 插件漏洞挖掘
http://www.mottoin.com/87461.html
http://www.mottoin.com/87461.html
如何使用SDR+inspectrum逆向分析无线遥控信号
http://mp.weixin.qq.com/s?__biz=MzIxODIzNzgwMw==&mid=2654055375&idx=1&sn=6540b6914eb90b5e1695a9bfc7622567
http://mp.weixin.qq.com/s?__biz=MzIxODIzNzgwMw==&mid=2654055375&idx=1&sn=6540b6914eb90b5e1695a9bfc7622567
Researcher Grabs VPN Password With Tool From NSA Dump
https://motherboard.vice.com/read/researcher-grabs-cisco-vpn-password-with-tool-from-nsa-dump
https://motherboard.vice.com/read/researcher-grabs-cisco-vpn-password-with-tool-from-nsa-dump
Tomcat漏洞详解
http://www.mottoin.com/87173.html
http://www.mottoin.com/87173.html
一款开源代码变异工具:Metame
http://www.mottoin.com/87234.html
http://www.mottoin.com/87234.html
nmap-nse-scripts: collection of nmap NSE scripts
https://github.com/cldrn/nmap-nse-scripts
https://github.com/cldrn/nmap-nse-scripts
heap overflow
http://www.mottoin.com/87277.html
http://www.mottoin.com/87277.html
X-WAF:一款适用中小企业的免费云WAF系统
http://www.mottoin.com/87521.html
http://www.mottoin.com/87521.html
Linux安全防护(1)
http://www.mottoin.com/87524.html
http://www.mottoin.com/87524.html
个人信息泄露的危害到底离你有多远?
http://www.mottoin.com/87551.html
http://www.mottoin.com/87551.html
public-pentesting-reports: 公开的渗透测试报告列表
https://github.com/juliocesarfort/public-pentesting-reports
https://github.com/juliocesarfort/public-pentesting-reports
安卓分析工具Inspeckage介绍
http://www.mottoin.com/87212.html
http://www.mottoin.com/87212.html
Cobra代码扫描规则设计
http://wufeifei.com/scan-engine/
http://wufeifei.com/scan-engine/
缓冲区溢出保护及绕过等等
http://www.mottoin.com/87252.html
http://www.mottoin.com/87252.html
隐写技巧——利用PNG文件格式隐藏Payload(二)
http://www.mottoin.com/87722.html
http://www.mottoin.com/87722.html
Gartner:2016年SIEM(安全信息与事件管理)市场分析
http://yepeng.blog.51cto.com/3101105/1840141
http://yepeng.blog.51cto.com/3101105/1840141
[ABCTF 2016] SE and XSS – The art of phishing and trolling
https://0x90r00t.com/2016/07/24/abctf-2016-se-and-xss-the-art-of-phishing-and-trolling/
https://0x90r00t.com/2016/07/24/abctf-2016-se-and-xss-the-art-of-phishing-and-trolling/
针对Gartner最新安全趋势的全面解读(第二篇)
http://mp.weixin.qq.com/s?__biz=MzAwNDE4Mzc1NA==&mid=2650824596&idx=1&sn=3250a0ffe388658c4b9a525abca776af&scene=1
http://mp.weixin.qq.com/s?__biz=MzAwNDE4Mzc1NA==&mid=2650824596&idx=1&sn=3250a0ffe388658c4b9a525abca776af&scene=1
密码逻辑漏洞小总结
http://www.mottoin.com/87224.html
http://www.mottoin.com/87224.html
N-gram 在安全领域的应用
http://www.mottoin.com/87163.html
http://www.mottoin.com/87163.html
Equation Group Firewall Operations Catalogue
https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html
https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html
浅析WAF下的SQLi防御绕过
http://www.mauu.me/?p=247
http://www.mauu.me/?p=247
安卓分析工具Inspeckage介绍
http://xdxd.love/2016/08/09/%E5%AE%89%E5%8D%93%E5%88%86%E6%9E%90%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7Inspeckage%E4%BB%8B%E7%BB%8D/
http://xdxd.love/2016/08/09/%E5%AE%89%E5%8D%93%E5%88%86%E6%9E%90%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7Inspeckage%E4%BB%8B%E7%BB%8D/
如何建立自己的威胁情报战略
http://www.mottoin.com/87689.html
http://www.mottoin.com/87689.html
WMI vs. WMI: Monitoring for Malicious Activity
https://www.fireeye.com/blog/threat-research/2016/08/wmi_vs_wmi_monitor.html
https://www.fireeye.com/blog/threat-research/2016/08/wmi_vs_wmi_monitor.html
altdns: Generates permutations, alterations and mutations of subdomains
https://github.com/infosec-au/altdns
https://github.com/infosec-au/altdns
Linux安全防护(2)
http://www.mottoin.com/87610.html
http://www.mottoin.com/87610.html
zabbix高危SQL注入漏洞分析
http://www.mottoin.com/87570.html
http://www.mottoin.com/87570.html
当我们在谈论前端加密时,我们在谈些什么
http://www.mottoin.com/87245.html
http://www.mottoin.com/87245.html
360安全大会工业互联网安全论坛总结
http://www.vonwei.com/post/360ICSSecurity.html
http://www.vonwei.com/post/360ICSSecurity.html
中、小企业如何自建免费的云WAF
http://mp.weixin.qq.com/s?__biz=MzI2NzI2OTExNA==&mid=2247483792&idx=1&sn=162692a4fe75230da84a68b144f344f7
http://mp.weixin.qq.com/s?__biz=MzI2NzI2OTExNA==&mid=2247483792&idx=1&sn=162692a4fe75230da84a68b144f344f7
一些关于内核安全的paper
https://github.com/cloudsec/research
https://github.com/cloudsec/research
PowerShell-AD-Recon: PowerShell Scripts I find useful
https://github.com/PyroTek3/PowerShell-AD-Recon
https://github.com/PyroTek3/PowerShell-AD-Recon
安全专题
网络入侵检测相关的库和产品
https://www.sec-wiki.com/topic/73
https://www.sec-wiki.com/topic/73
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第129期)
