SecWiki Weekly (Issue 163)
2017/04/10-2017/04/16
Security News
2016 Cybersecurity Threats: Review and Outlook (Public Edition)
http://www.antiy.cn/report/2016_Antiy_Annual_Security_Report.html
A 700-Million Underground Industry Uncovered via a "Fake" Porn App
https://www.easyaq.com/news/1175865002.shtml
Security Technology
XSS Challenge Journey: Game Walkthrough
https://xianzhi.aliyun.com/forum/read/1462.html
OWASP Top 10 2017, Chinese Edition (PDF)
http://sec.didichuxing.com/static/upload/attachment//article//20170414/1492212201311144335.pdf
Reproducing fb.py from Equation Group's ETERNALBLUE
https://mp.weixin.qq.com/s/GEe9vWcRUIQpQPEe95fzOw?ptlang=2052&ADUIN=1353059044&ADSESSION=1492262423&ADTAG=CLIENT.QQ.5473_.0&ADPUBNO=26569
On Bypassing Safe DOG File Upload Protection – Cora Lab
http://blog.cora-lab.org/193.html
CVE-2016-10229: Linux Kernel Remote Code Execution Vulnerability
http://bobao.360.cn/learning/detail/3728.html
Hacking Docker: Unauthorized Access to the Registry API
http://www.polaris-lab.com/index.php/archives/253/
Some Techniques for Getting Output Echoed Back in Web Penetration Testing
http://mp.weixin.qq.com/s/2gSqaX8xXH8pSKz3aLouIw
Advanced Android Reverse Engineering (Vantage Point 2016)
https://regmedia.co.uk/2016/09/02/hacking_soft_tokens_-_bernhard_mueller.pdf
Chinese-Names-Corpus: A Corpus of Chinese Personal Names
https://github.com/wainshine/Chinese-Names-Corpus
Introduction to Game Cheat Analysis Techniques
http://gslab.qq.com/jc/
Exploiting CVE-2017-0199 Without User Interaction
https://www.mdsec.co.uk/2017/04/exploiting-cve-2017-0199-hta-handler-vulnerability/
CVE-2017-0199: In the Wild Attacks Leveraging HTA Handler
https://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199-hta-handler.html
On Using Powersploit in Internal Network Penetration Testing
http://www.freebuf.com/sectool/131275.html
[CVE-2017-3881] Analysis of the Cisco Catalyst Switch RCE Vulnerability
http://www.mottoin.com/100358.html
IDAPython: An IDA Plugin That Frees Your Hands
http://bobao.360.cn/learning/detail/3730.html
[Tech Share] Stack Overflows Step by Step, from Getting Started to Giving Up (Part 1)
http://bobao.360.cn/learning/detail/3717.html
Python Security Operations in Practice: Detecting and Removing Webshells That Use Several Specific Hiding Techniques
http://www.freebuf.com/articles/web/131350.html
jumpserver: Open-Source Jump Server (Bastion Host): Authentication, Authorization, Auditing, Automated Operations
https://github.com/jumpserver/jumpserver
Router Vulnerability Discovery
https://www.blackhat.com/presentations/bh-usa-09/LINDNER/BHUSA09-Lindner-RouterExploit-SLIDES.pdf
Analysis of the PHPCMS v9.6.0 Arbitrary File Upload Vulnerability
http://paper.seebug.org/273/
Browser Information Gathering: Fileless Reading of Chrome Cookies with PowerShell
http://www.mottoin.com/100495.html
Incident Response Collection: A List of Tools and Resources for Security Incident Response
https://github.com/meirwah/awesome-incident-response/blob/master/README_ch.md
XSSight: Automated XSS Vulnerability Scanning and Payload Injection
https://github.com/UltimateHackers/XSSight
Building a BadUSB with Arduino + AVR libc: Principles and Worked Examples
http://www.freebuf.com/articles/system/131363.html
File Inclusion Vulnerabilities (Bypass Techniques)
http://thief.one/2017/04/10/2/
A YouTube Channel on Binary Exploitation
https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
Go SCP - Secure Coding Practices Guide for Go
https://github.com/Checkmarx/Go-SCP
hitbsecconf2017ams
http://conference.hitb.org/hitbsecconf2017ams/materials/
Research and Analysis of the CVE-2015-2545 Vulnerability
http://www.4hou.com/technology/4218.html
Influential Security Papers: Statistics on Influential Papers from the Top Four Conferences
http://www.sec.cs.tu-bs.de/~konrieck/topnotch/
In-Depth Analysis of How CVE-2017-0007 Bypasses Protections
http://www.4hou.com/technology/4098.html
Summary of Android Code Obfuscation Techniques (Part 1)
http://www.droidsec.cn/android代码混淆技术总结(一)/
CVE-2017-7233 Analysis: Bypassing Django's is_safe_url() URL Redirect Filter Function
http://www.mottoin.com/100545.html
Analysis and Use of Sherlock, a Handy Privilege Escalation Tool
http://www.freebuf.com/sectool/131393.html
Secure Development Baseline Checklist
https://github.com/FallibleInc/security-guide-for-developers/blob/master/security-checklist-zh.md
How to Bypass UAC Using sdclt.exe?
http://www.4hou.com/technology/4221.html
Installing Metasploit on the Windows 10 Subsystem for Linux
https://gist.github.com/dafthack/8aa4ff60cd9352448a372ce1a7b2e27e
LimeSDR Getting Started Quickly | LimeSDR Getting-Started Guide
https://cn0xroot.com/2017/04/12/limesdr-getting-started-quickly/
CVE-2017-2416: Remote Code Execution Triggered by a GIF Sticker
https://blog.flanker017.me/cve-2017-2416-gif-rce-chn/
OWASP Top 10 - 2017 RC1-English
https://github.com/OWASP/Top10/blob/master/2017/OWASP%20Top%2010%20-%202017%20RC1-English.pdf
Anatomy of a Hack: SQLi via Crypto
https://www.notsosecure.com/anatomy-hack-sqli-via-crypto/
The Baidu Netdisk Battle Sparked by Pornographic Content
http://thief.one/2017/04/12/2/
Automated Monitoring of Twitter Keywords
https://yihui.name/cn/2017/04/watch-twitter/
Metasploit: Porting an S2-045 Exploit Module and Privilege Escalation in Practice
http://www.4hou.com/technology/4181.html
ip2region: An IP Geolocation Library with 99.9% Accuracy
https://github.com/lionsoul2014/ip2region
A Magento breach analysis (part 1)
https://gwillem.gitlab.io/2017/04/12/magento-breach-analysis/
Analysis of a CVE-2017-0199 Malicious RTF Document
https://blog.nviso.be/2017/04/12/analysis-of-a-cve-2017-0199-malicious-rtf-document/
Stack Overflows in Practice: Taking Over a Router with Three Vulnerabilities
https://zhuanlan.zhihu.com/p/26271959
Deploy a Kubernetes Cluster Step by Step with Me
https://github.com/opsnull/follow-me-install-kubernetes-cluster
A Semi-Automated Fuzzing Tool for Command Injection Vulnerabilities
http://www.polaris-lab.com/index.php/archives/243/
fuzz payload
https://github.com/foospidy/payloads/
Stealing PINs via Mobile Sensors: Actual Risk versus User Perception
https://arxiv.org/pdf/1605.05549v1.pdf
Android 8.0 New Features and Development Guide
http://www.4hou.com/technology/4270.html
Public Android Vulnerability Information (CVE PoCs etc)
https://github.com/derrekr/android_security
Attack and Defense in Enterprise DevOps Toolchains
https://insomnihack.ch/wp-content/uploads/2017/04/CG-KJ-devoops-2017_22Mar-insomnia.pdf
phpcms Vulnerabilities
http://thief.one/2017/04/12/1/
How to Securely Erase Disk Data
http://www.zdnet.com/article/how-to-securely-erase-hard-drives-hdds-and-solid-state-drives-ssds/
WordPress Plugin Security Testing Cheat Sheet: Plugin Code Audit Checklist
https://github.com/CaledoniaProject/wordpress_plugin_security_testing_cheat_sheet
WPForce: A WordPress Security Testing Tool for Post-Exploitation
http://www.mottoin.com/100381.html
Protecting customers and evaluating risk – MSRC
https://blogs.technet.microsoft.com/msrc/2017/04/14/protecting-customers-and-evaluating-risk/?from=timeline&isappinstalled=0
CVE-2017-0199: The First Microsoft Office RTF Vulnerability
http://www.4hou.com/technology/4260.html
icsmaster: A Collection of Industrial Control System Security Resources (ICS/SCADA Security Resource)
https://github.com/w3h/icsmaster
OSX/iOS Reverse Engineering Resource Collection
https://github.com/michalmalik/osx-re-101
SSRF in Java
https://xianzhi.aliyun.com/forum/read/1476.html
PENQUIN’S MOONLIT MAZE The Dawn of Nation-State Digital Espionage
https://securelist.com/files/2017/04/Penquins_Moonlit_Maze_PDF_eng.pdf
Beware of Ubuntu APT Source Poisoning
http://mp.weixin.qq.com/s/6aQlXRRgZJSLUVBisBGHvQ
Implementation of our S&P16 paper: A Tough Call: Mitigating Advanced Code-Reuse
https://github.com/vusec/typearmor
VPN SECURITY - PART 6 Building and Testing Your Own VPN
http://resources.infosecinstitute.com/building-virtual-private-network-infrastructure-testing/
Stuxnet drivers: detailed analysis
http://artemonsecurity.blogspot.jp/2017/04/stuxnet-drivers-detailed-analysis.html
An Unconventional Cybersecurity Report: The 2017 Hacker Report!
http://zhuanlan.51cto.com/art/201704/536554.htm
Secure Development with the Django Framework: The Birth of Pwnhub (胖哈勃)
http://mp.weixin.qq.com/s/1tlUpqdQFHm63gMDmzk6sg
EFF's New Wordlists for Random Passphrases
https://www.eff.org/deeplinks/2016/07/new-wordlists-random-passphrases
The Pain of Python Encoding, the Sequel (Fast & Furious 8 Night)
http://thief.one/2017/04/14/1/
GithubLeakAlert: find credential associated with an host
https://github.com/misterch0c/GithubLeakAlert
Security Hardening Prototype: PaX for Android (Pixel XL Test Build)
http://www.solidot.org/story?sid=52053
Intrusion Detection with ETW (Part 1)
https://blogs.technet.microsoft.com/office365security/hidden-treasure-intrusion-detection-with-etw-part-1/
pyinotify: A Linux Filesystem Monitoring Tool
https://github.com/seb-m/pyinotify
Getting started with 3G
https://cn0xroot.com/2017/04/11/getting-started-with-3g-ip-access-nano3gopenbscosmocom-bb-part-1/
Summary and Analysis of MacOS Malware in 2016
http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20Patrick%20Wardle%20-%20Meet%20and%20Greet%20with%20the%20MacOS%20Malware%20Class%20of%202016.pdf
Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Part 2)
https://googleprojectzero.blogspot.jp/2017/04/over-air-exploiting-broadcoms-wi-fi_11.html
Analyse SQL injection attempts in web server logs
https://github.com/z00nx/reversemap
Applications of Deep Learning in Natural Language Processing
http://geek.csdn.net/news/detail/190707
Hunt domain names using DNSDumpster, WHOIS, Reverse WHOIS, (TODO: Shodan)
https://github.com/nethunteros/punter
SecWiki Weekly (Issue 162)
https://www.sec-wiki.com/weekly/162
-----WeChat ID: SecWiki-----
SecWiki: focused on security technology news and analysis for 13 years!
SecWiki: https://www.sec-wiki.com
Original link for this issue: SecWiki Weekly (Issue 163)
