SecWiki周刊(第144期)
2016/11/28-2016/12/04
安全资讯
[设备安全]  Mirai现新的利用方式,开始扫描7547端口【需翻墙】
http://pastebin.com/eZrrLGzv
[事件]  超过100万谷歌帐户被Gooligan恶意软件盗取
http://www.mottoin.com/92954.html
[其它]  FIREEYE RESPONDS TO WAVE OF DESTRUCTIVE CYBER ATTACKS IN GULF REGION
https://www.fireeye.com/blog/threat-research/2016/11/fireeye_respondsto.html
[新闻]  以色列凭什么成为全球监控技术的中心?
http://www.freebuf.com/special/120592.html
[新闻]  2017年安全行业八大预测
http://www.aqniu.com/news-views/21474.html
[新闻]  中央网信办等下文:支持高校开设网络安全“特长班”
http://www.toutiao.com/i6304849503455281665/
[新闻]  Firefox 0day被用于攻击Tor用户
http://www.solidot.org/story?sid=50554
[人物]  访谈|通付盾CEO汪德嘉
http://www.aqniu.com/news-views/21423.html
[其它]  黑客小说:杀手 (第十一章 新的阶段)
http://www.jianshu.com/p/a65e09fc5057
安全技术
[移动安全]  BadKernel----一个笔误引发的漏洞
https://github.com/secmob/BadKernel
[Web安全]  玩转CSRF之挖洞实例分享
http://bbs.ichunqiu.com/thread-16169-1-1.html
[Web安全]  AZScanner:自动漏洞扫描器
https://github.com/az0ne/AZScanner
[Web安全]  Burp Suite security automation with Selenium and Jenkins
https://www.securify.nl/blog/SFY20160901/burp_suite_security_automation_with_selenium_and_jenkins.html
[Web安全]  内网渗透定位技术总结
http://www.mottoin.com/92978.html
[漏洞分析]  IE浏览器UAF漏洞CVE-2014-0282的分析与利用
http://www.mottoin.com/92909.html
[Web安全]  hitcon2016 web writeup
http://lorexxar.cn/2016/10/10/hitcon2016/
[其它]  暗网解读:什么事暗网以及如何工作的
https://www.weforum.org/agenda/2016/10/the-dark-web-what-it-is-and-how-it-works
[恶意分析]  德国电信断网:mirai僵尸网络的新变种和旧主控
http://blog.netlab.360.com/a-mirai-botnet-evolvement-new-variant-and-old-c2/
[Web安全]  企业常见服务漏洞检测&修复整理
http://www.mottoin.com/92742.html
[Web安全]  Fofa:三分钟完成全网漏洞报告
https://v.qq.com/x/page/q03509j9ak1.html
[恶意分析]  【漏洞预警】Apache Tomcat远程代码执行漏洞(CVE-2016-8735)
http://www.mottoin.com/93100.html
[其它]  hduisa/HCTF2016: HCTF 2016 CHALLENGES
https://github.com/hduisa/HCTF2016
[Web安全]  使用nmap暴力猜解网站子域名
http://blog.x1622.com/2016/11/subdomain-discovery-with-nmap-and.html
[Web安全]  Layer子域名挖掘机4.2纪念版
http://www.cnseay.com/4482/
[工具]  英国情报机GCHQ发布一款开源数据分析工具:Cyber​​Chef
http://www.mottoin.com/92941.html
[恶意分析]  一个目录穿越引发的注入及后续——XG SDK漏洞回顾与思考
http://www.ms509.com/?p=474
[运维安全]  Mozilla SSL Configuration Generator HTTPS配置文件生成工具
https://mozilla.github.io/server-side-tls/ssl-config-generator/
[Web安全]  拉勾网的安全平台设计、规则化
http://www.jianshu.com/p/a56d3753c296?from=timeline&isappinstalled=0
[漏洞分析]  Analysis of multiple vulnerabilities in AirDroid
https://blog.zimperium.com/analysis-of-multiple-vulnerabilities-in-airdroid/
[恶意分析]  Quick TR069 Botnet Writeup + Triage.
https://morris.guru/quick-tr069-botnet-writeup-triage/
[漏洞分析]  2016 HCTF Crypto 出题总结
http://0x48.pw/2016/11/28/0x28/
[工具]  SharpMeter:Meterpreter反弹shell生成工具(绕过白名单限制)
http://www.mottoin.com/93059.html
[编程技术]  Anti-Anti-Spider: 反爬虫的技术攻关
https://github.com/luyishisi/Anti-Anti-Spider
[数据挖掘]  专栏 | 中文分词工具测评
http://www.jiqizhixin.com/article/1916
[Web安全]  Bypassing SAML 2.0 SSO with XML Signature Attacks
http://research.aurainfosec.io/bypassing-saml20-SSO/
[Web安全]  Google XSS Game Writeup
https://b1ngz.github.io/google-xss-game-writeup/
[Web安全]  在Empire中配置使用Tor
http://www.mottoin.com/92761.html
[漏洞分析]  Google: Announcing OSS-Fuzz: Continuous Fuzzing for Open Source Software
https://security.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html
[编程技术]  单点登录原理与简单实现
http://www.cnblogs.com/ywlaker/p/6113927.htm
[移动安全]  Android木马分析流程及实战
http://www.mottoin.com/93078.html
[恶意分析]  One Bit To Rule A System: Analyzing CVE-2016-7255 Exploit In The Wild
http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/
[Web安全]  渗透Oracle 11g(续)
https://www.t00ls.net/articles-23609.html
[运维安全]  How WeChat uses one censorship policy in China and another internationally
https://citizenlab.org/2016/11/wechat-china-censorship-one-app-two-systems/
[数据挖掘]  XSExtractor: 提取新闻、博客等长文本网页的正文工具
https://github.com/qingyu1229/XSExtractor
[运维安全]  黑产揭秘:“打码平台”那点事儿
https://jaq.alibaba.com/community/art/show?articleid=628
[Web安全]  JSON-handle DomXSS Vulnerability (Ver 1.4.11) 漏洞分析
http://linux.im/2016/11/29/firefox-addon-JSON-handle-DomXSS.html
[其它]  HOW I BYPASSED APPLE'S MOST SECURE ICLOUD ACTIVATION LOCK
http://www.hemanthjoseph.com/2016/11/how-i-bypassed-apples-most-secure-find.html?m=1
[其它]  新人指导心得体会
http://zhenhua-lee.github.io/manmage/mentor.html
[编程技术]  I wrote a password cracking manual
http://www.netmux.com/blog/hash-crack
[工具]  DPAT:渗透测试者的域密码审计工具
https://github.com/clr2of8/DPAT
[Web安全]  DNS-Shell: DNS-Shell is an interactive Shell over DNS channel
https://github.com/sensepost/DNS-Shell
[移动安全]  More Than 1 Million Google Accounts Breached by Gooligan
http://blog.checkpoint.com/2016/11/30/1-million-google-accounts-breached-gooligan/?from=timeline
[恶意分析]  cosa-nostra: 基于家族和图表显示的恶意程序分析工具
https://github.com/joxeankoret/cosa-nostra
[杂志]  SecWiki周刊(第143期)
https://www.sec-wiki.com/weekly/143
[其它]  重新来看变量注入,利用命令执行/提升权限,绕过UAC
https://breakingmalware.com/vulnerabilities/command-injection-and-elevation-environment-variables-revisited/
[Web安全]  FreePBX 13: From Cross-Site Scripting to Remote Command Execution
https://blog.ripstech.com/2016/freepbx-from-cross-site-scripting-to-remote-command-execution/
-----微信ID:SecWiki-----
SecWiki,10年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第144期)