SecWiki Weekly (Issue 155)
2017/02/13-2017/02/19
Security News
samsung-hypervisor-bypassing-hacking-samsung-knox
https://www.xda-developers.com/samsung-hypervisor-bypassing-hacking-samsung-knox/
ASLR Broken: This May Be the Hardest Large-Scale Vulnerability to Fix
http://mp.weixin.qq.com/s/L5bXLxftG5LgT2393Y0uYQ
Apple "36 Technique" Drives Massive Order Fraud: US$1 Billion in Bad Debt for China's iOS Mobile Games
http://finance.qq.com/a/20170216/015566.htm
ENISA Report: ICS-SCADA Protection Recommendations
http://www.aqniu.com/industry/22866.html
[APT] Auntie May and Aunt Le Busy Exiting the EU: One Woman Is Worth Three Men
http://mp.weixin.qq.com/s/1tCLq3LGTQOPLKmeDVRCgg
NSRC: How to Express Your Feelings on Valentine's Day?
http://mp.weixin.qq.com/s/eEp5SB4A8L8aBdZzmVtY0g
BIND DNS Software Remote DoS Vulnerability: Update and Fix
http://www.mottoin.com/96060.html
The Original Aspiration of NJSD Global: A Global Technical Perspective and a Cost-Effective Exchange Platform | From the Conference Producer
http://www.mottoin.com/96118.html
The OpenVPN Audit Begins February 15th 2017
https://uwnthesis.wordpress.com/2017/02/17/the-openvpn-audit-begins-february-15th-2017/
RSA 2017 Kicks Off in San Francisco: A First Look at Day One
http://mp.weixin.qq.com/s?__biz=MzI4MjA1MzkyNA==&mid=2655294932&idx=1&sn=3078d3464883d08dfd5d3a7aa73de2ac&scene=0#wechat_redirect
Five Hot Topics to Watch at RSAC 2017
http://www.aqniu.com/industry/22838.html
188 Major Networks in the UK Attacked in the Past Three Months
http://www.mottoin.com/96066.html
A Glance at Highlight Products at RSA 2017
http://www.freebuf.com/fevents/127076.html
After You Power Off, Your Phone Number Belongs to Someone Else!
http://mp.weixin.qq.com/s?__biz=MjM5OTk2MTMxOQ==&mid=2727827969&idx=1&sn=11e01e3112000b1510c5f60ce4adb9f3&scene=0#wechat_redirect
A Veteran Security Practitioner's Thoughts on the "Measures for Security Review of Network Products and Services"
http://www.aqniu.com/news-views/22835.html
Security Technology
Web Security Scanner Netsparker 4.8.0.13139 Cracked Version
http://www.mottoin.com/95973.html
Google: Peering into the Aquarium [PDF]
https://www.documentcloud.org/documents/3461560-Google-Aquarium-Clean.html
Are Secure Development and Security Operations Really Irreconcilable? From the Attack Perspective, There May Be a Channel for Collaboration
http://toutiao.secjia.com/secure-development-and-secure-operations
Understanding Android in Depth: Volume 1, Volume 2, and the Wi-Fi Volume (PDF Edition)
https://pan.baidu.com/s/1bpDvOKJ#list/path=%2F
2017 CODEGATE CTF PNGParser writeup
http://repwn.com/archives/19/
Who Ran Leakedsource.com
https://krebsonsecurity.com/2017/02/who-ran-leakedsource-com/
SQLite-lab: A SQL Injection Practice Range Built on SQLite
http://www.mottoin.com/96144.html
Best Practices for Building Information Security in Intelligent Connected Vehicles
https://4ce565.lt.yunpan.cn/lk/c5nGYvsuSKxUQ
[Original Tool] Ransomware Terminator
http://www.freebuf.com/sectool/126342.html
ISC 2016 Security Training Camp: Android App Reverse Engineering and Security Protection
https://github.com/feicong/android-app-sec
2016 China IDC Category Rankings
http://mp.weixin.qq.com/s/iBVHSsWLHDhILpfF1EfWOw
My Way of WAF Bypass Series (sql, upload, misc)
http://www.thinkings.org/2017/02/13/my-waf-bypass-series-article.html
DEFT Linux 2017.1 Digital Forensics Toolkit
http://www.oschina.net/news/81906/deft-linux-2017-1
TensorFlow Exercise 20: Breaking Character CAPTCHAs with Deep Learning
http://blog.topspeedsnail.com/archives/10858
A Roundup of the Best VPN Tools for Android
http://www.freebuf.com/sectool/126572.html
My ELK Setup Notes (Windows Log Collection)
http://mp.weixin.qq.com/s?__biz=MzI5ODE0ODA5MQ==&mid=2652277948&idx=1&sn=96ceb072aeda6cb94d64d9feff98393a&scene=0#wechat_redirect
Solving Python's Encoding Woes Once and for All
http://thief.one/2017/02/16/%E8%A7%A3%E5%86%B3Python2-x%E7%BC%96%E7%A0%81%E4%B9%8B%E6%AE%87/
mongoaudit: A MongoDB Auditing and Testing Tool
https://github.com/stampery/mongoaudit
RECON Brussels 2017 slide download
https://recon.cx/2017/brussels/slides/
wafpassproject: Test and Bypass Cases for Various WAFs
https://github.com/wafpassproject/wafpass
Analysis of the GetShell Vulnerability in the DedeCMS V5.7SP1 Official Release
http://www.cnbraid.com/2017/dedecms-csrf-override-shell.html
Samples of Security Related Data
http://www.secrepo.com
Ten Best TOR Alternatives
http://www.mottoin.com/95977.html
Understanding App Security Issues Through DIVA
http://www.mottoin.com/95379.html
The Best Public Datasets for the Data-First Era of Artificial Intelligence
https://mp.weixin.qq.com/s?__biz=MzA3MzI4MjgzMw==&mid=2650723201&idx=4&sn=129442fb2c4eec7a7fdbc1c99463e123
Preventing CC Attacks with NGINX Rate Limiting and fail2ban
https://hacpai.com/article/1486914848288
Tater: A PowerShell-Based Windows Privilege Escalation Tool
http://www.mottoin.com/95972.html
The AnC Attack: A New Exploitation Technique
https://www.vusec.net/projects/anc/
User Profiling in Practice for Food-Delivery O2O
http://tech.meituan.com/waimai-ups.html
Are Redis-Based Distributed Locks Really Safe? (Part 1)
http://mp.weixin.qq.com/s/JTsJCDuasgIJ0j95K8Ay8w
Hackintosh Installation Tutorial
http://thief.one/2017/02/13/%E8%81%94%E6%83%B3Z470%E9%BB%91%E8%8B%B9%E6%9E%9C%E6%95%99%E7%A8%8B/
[RSA 2017 Special] A Roundup of Threat Intelligence Products on the RSA 2017 Show Floor
http://www.freebuf.com/news/127067.html
Jenkins-LDAP (CVE-2016-9299) Deserialization Vulnerability Analysis
https://www.iswin.org/2017/01/25/Jenkins-LDAP-Deserializable-Vulnerablity-CVE-2016-9299-Analysis/
Python Multithreading: Not Useless in the Year of the Rooster
http://thief.one/2017/02/17/Python%E5%A4%9A%E7%BA%BF%E7%A8%8B%E9%B8%A1%E5%B9%B4%E4%B8%8D%E9%B8%A1%E8%82%8B/
Cross-Browser Fingerprint Tracking: Viewing Your Browsing History Without Any Obstacle
http://www.4hou.com/info/news/3380.html
Attacking JavaScript Web Service Proxies with BurpSuite
http://www.mottoin.com/96195.html
pbtk: A toolset for reverse engineering and fuzzing Protobuf-based apps
https://github.com/marin-m/pbtk
CrimeBreak Series @ Crime Prediction
http://mp.weixin.qq.com/s?__biz=MzIzMzE2OTQyNA==&mid=2648946472&idx=1&sn=3d8bc747b64afda9a7c554b8a30659a0&scene=0#wechat_redirect
A simple way for detection the remote user's antivirus - Principle: detecting the web page
https://vah13.github.io/AVDetection/
Antiy Mobile Security & China Telecom Yundi Joint Report: "Dark Mobile Bank: The Phishing Chapter"
http://blog.avlsec.com/2017/02/4445/dark-mobile-bank/
Word Macro Malware Appears on Mac for the First Time and Can Steal Sensitive User Data
http://www.4hou.com/info/news/3364.html
whichCDN: A Tool for Identifying a Website's CDN Provider
https://github.com/Nitr4x/whichCDN
Implementing Control Flow Guard (CFG) in C on Linux
http://bobao.360.cn/learning/detail/3497.html
HTA-T09-How-to-Go-from-Responding-to-Hunting-with-Sysinternals-Sysmon
https://onedrive.live.com/view.aspx?resid=D026B4699190F1E6!2843&ithint=file%2cpptx&app=PowerPoint&authkey=!AMvCRTKB_V1J5ow
Introducing Malboxes: a Tool to Build Malware Analysis Virtual Machines
http://gosecure.net/2017/02/16/introducing-malboxes-a-tool-to-build-malware-analysis-virtual-machines/
Reconstructing "Fileless" Malware Attack Techniques
http://www.4hou.com/technology/3331.html
Banking Trojans: Ursnif Global Distribution Networks Identified
http://researchcenter.paloaltonetworks.com/2017/02/unit42-banking-trojans-ursnif-global-distribution-networks-identified/
A Detailed Walkthrough of the Pentester Lab Courses
http://www.freebuf.com/articles/rookie/126735.html
New Xagent Mac Malware Linked with the APT28
https://labs.bitdefender.com/2017/02/new-xagent-mac-malware-linked-with-the-apt28/
A look into the Russian-speaking ransomware ecosystem
https://securelist.com/analysis/publications/77544/a-look-into-the-russian-speaking-ransomware-ecosystem/
Analyzing Exposed Cyber Assets in the United States
http://blog.trendmicro.com/trendlabs-security-intelligence/whats-shodan-analyzing-exposed-cyber-assets-united-states/
attacking-windows-nvidia-driverWiki
https://googleprojectzero.blogspot.com/2017/02/attacking-windows-nvidia-driver.html
Penetration Testing Tools Cheat Sheet
https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
ENISA Threat Landscape 2016 report: cyber-threats becoming top priority
https://www.enisa.europa.eu/publications/enisa-threat-landscape-report-2016
Anti-Detection Techniques: Antivirus Detection
http://paper.seebug.org/222/
2017 Security Blogger Awards: List of Security Blog Awards
https://devops.com/2017-social-security-blogger-awards-open-voting/
Strategies for Writing Academic Papers (Including a Prescription for Procrastination)
https://www.douban.com/note/584364368/
2016 China Advanced Persistent Threat Research Report
https://ti.360.com/upload/report/file/28-2016APT-201702120743.pdf
Ultrasonic Tracking Can Expose the Real Information of Tor Users (De-anonymization, with Video)
http://www.freebuf.com/articles/wireless/125138.html
Static analysis tools for PHP (List of PHP Static Analysis Tools)
https://github.com/exakat/php-static-analysis-tools
Obtaining Domain Admin Privileges in Internal Network Penetration
http://www.mottoin.com/96262.html
SMTP over XXE − how to send emails using Java's XML parser
https://shiftordie.de/blog/2017/02/18/smtp-over-xxe/
SecWiki Weekly (Issue 154)
https://www.sec-wiki.com/weekly/154
The Private Sector and Active Defense against Cyber Threats.
chrome-extension://ikhdkkncnoglghljlkmcimlnlhkeamad/pdf-viewer/web/viewer.html?file=https%3A%2F%2Fcchs.gwu.edu%2Fsites%2Fcchs.gwu.edu%2Ffiles%2Fdownloads%2FCCHS-ActiveDefenseReportFINAL.pdf
Exec OS Command Via MSSQL
https://evi1cg.me/archives/Exec_OS_Command_Via_MSSQL.html
Blocking-resistant communication through domain fronting
https://www.bamsoftware.com/papers/fronting/
Web Client Tracking (Part 1): Cookie Tracking
http://www.arkteam.net/?p=1550
The 39th Statistical Report on Internet Development in China
http://cnnic.cn/hlwfzyj/hlwxzbg/hlwtjbg/201701/P020170123364672657408.pdf
This Mac Malware, Possibly from Iran, Is Already Targeting the US Defense Industry
http://www.freebuf.com/articles/system/126605.html
IoT_Attack_Surface_Areas
https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project#tab=IoT_Attack_Surface_Areas
-----WeChat ID: SecWiki-----
SecWiki: focused on security technology news and analysis for 13 years!
SecWiki: https://www.sec-wiki.com
Original address of this issue: SecWiki Weekly (Issue 155)
