SecWiki周刊(第13期)
2014/05/26-2014/06/01
安全资讯
[Web安全]  互联网新闻研究中心:《美国全球监听行动纪录》
http://yepeng.blog.51cto.com/3101105/1418480
[Web安全]  一周海外安全回顾(5.19-5.25)
http://www.freebuf.com/news/others/35568.html
[恶意分析]  FireEye Announces Network Threat Prevention Platform with IPS
http://www.fireeye.com/blog/corporate/2014/05/fireeye-announces-the-general-availability-of-network-threat-prevention-platform-with-ips.html
[Web安全]  华为高管陈黎芳:中欧应携手应对网络安全挑战
http://www.daxigua.com/archives/299
安全技术
[Web安全]  锤子科技撞库
http://jiajixin.cn/2014/05/24/hack_ttt/
[恶意分析]  Mandiant报告:揭秘一支中国网络间谍部队
http://www.valleytalk.org/wp-content/uploads/2014/05/Mandiant%E6%8A%A5%E5%91%8A%EF%BC%9A%E6%8F%AD%E7%A7%98%E4%B8%80%E6%94%AF%E4%B8%AD%E5%9B%BD%E7%BD%91%E7%BB%9C%E9%97%B4%E8%B0%8D%E9%83%A8%E9%98%9F.pdf
[恶意分析]  Malicious Redirections to Porn Websites
http://blog.sucuri.net/2014/05/website-infections-malicious-redirect-to-porn-website-target-wordpress-and-joomla-users.html
[取证分析]  电子取证之Linux PCI分析
http://www.freebuf.com/articles/system/35490.html
[编程技术]  Bootstrap Markdown:Markdown 编辑器
http://toopay.github.io/bootstrap-markdown/
[数据挖掘]  Analysis of Over 2,000 Computer Science Professors at Top Universities
http://jeffhuang.com/computer_science_professors.html
[Web安全]  内网端口转发方法汇总
http://silic.org/post/Port_Forwarding_from_Intranet_Multiple_Collection
[Web安全]  WAPTF: web application penetration testing framework
https://www.owasp.org/index.php/OWASP_Bywaf_Project
[Web安全]  Acunetix Online Vulnerability Scanner
https://ovs.acunetix.com/#/
[恶意分析]  NGLER EK AND ANOTHER CRYPTOWALL SAMPLE
http://www.malware-traffic-analysis.net/2014/05/28/index.html
[运维安全]  记我配置Nginx代理的遭遇
http://huoding.com/2014/05/27/352
[Web安全]  Flash跨域数据劫持漏洞
http://www.pnigos.com/?p=310
[运维安全]  基于snmp的反射攻击的理论及其实现
http://drops.wooyun.org/tips/2106
[漏洞分析]  五月,渗透师不得不知的微软更新
http://www.freebuf.com/articles/system/35211.html
[Web安全]  [更新]Elasticsearch 代码执行漏洞利用检测工具
http://blog.csdn.net/hujkay/article/details/27071919
[Web安全]  对众测平台的深度分析
http://taosay.net/index.php/2014/05/27/%e5%af%b9%e4%bc%97%e6%b5%8b%e5%b9%b3%e5%8f%b0%e7%9a%84%e6%b7%b1%e5%ba%a6%e5%88%86%e6%9e%90/
[数据挖掘]  浙江大学译美国白宫”大数据“白皮书
http://vdisk.weibo.com/s/GgQB3axicQgj/1401278850
[漏洞分析]  vbs利用webdav漏洞攻击ie
http://blog.sina.com.cn/s/blog_85e506df0101koov.html
[Web安全]  利用insert,update和delete注入获取数据
http://drops.wooyun.org/tips/2078
[Web安全]  [投稿]渗透测试中的密码扫描与破解技巧
http://www.91ri.org/9174.html
[恶意分析]  Analyzing a Malicious iFrame – Following the Eval Trail
http://blog.sucuri.net/2014/05/analyzing-a-malicious-iframe-following-the-eval-trail.html
[恶意分析]  A History of Malware: Part Three, 1993-1999
http://resources.infosecinstitute.com/history-malware-part-three-1993-1999/
[Web安全]  Lua Web Application Security Vulnerabilities
http://seclists.org/fulldisclosure/2014/May/128
[漏洞分析]  逆向基础(五)
http://drops.wooyun.org/tips/2112
[移动安全]  Fake WeChat – New Trojan-Banker
https://www.securelist.com/en/blog/8223/Fake_WeChat_New_Trojan_Banker
[Web安全]  internet trends 2014-052814
http://vdisk.weibo.com/s/vGm_e96IHuUo
[编程技术]  TCP 的那些事儿(上)
http://coolshell.cn/articles/11564.html
[编程技术]  SegmentFault • 每周精选
http://weekly.segmentfault.com/2014/2014-05-28.html
[编程技术]  TCP 的那些事儿(下)
http://coolshell.cn/articles/11609.html
[Web安全]  MITMer:Automated man-in-the-middle attack tool
https://github.com/husam212/MITMer
[编程技术]  基于AWS云平台的高可用应用设计 v1.0
http://share.csdn.net/slides/4324
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第13期)