SecWiki周刊（第164期)

SecWiki周刊（第164期）

2017/04/17-2017/04/23

安全资讯

[Web安全] 任意伪造域名-你能分辨出钓鱼网站的域名吗
http://m.bobao.360.cn/learning/appdetail/3736.html

[恶意分析] App Store 刷榜黑幕大揭秘
https://mp.weixin.qq.com/s/vQv_a4eCP_-NHJPlevhKaw

安全技术

[漏洞分析] 学习使用Clang Libfuzzer Fuzz C/Cpp代码
https://github.com/Dor1s/libfuzzer-workshop/tree/master/lessons

[Web安全] Apache Log4j反序列化漏洞(CVE-2017-5645)
http://thief.one/2017/04/19/2/

[Web安全] Esteemaudit漏洞复现过程
http://www.freebuf.com/articles/system/132171.html

[Web安全] CVE-2017-0199漏洞复现过程
http://mp.weixin.qq.com/s/NQxeuoULv7Htrzc5nYuglw

[漏洞分析] NSA Explodingcan 漏洞分析与调试
http://mp.weixin.qq.com/s/onK68ANqHHtEMLITOfacmg

[工具] NSA/fuzzbunch
https://github.com/fuzzbunch/fuzzbunch

[漏洞分析] Edge – SOP bypass courtesy of the reading mode
https://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/

[漏洞分析] NSA Eternalblue SMB 漏洞分析
http://blogs.360.cn/360safe/2017/04/17/nsa-eternalblue-smb/

[其它] 木马实现技术概述
http://im1gd.me/2017/03/30/%E6%9C%A8%E9%A9%AC%E5%AE%9E%E7%8E%B0%E6%8A%80%E6%9C%AF%E6%A6%82%E8%BF%B0/

[Web安全] 浅谈漏洞挖掘及代码审计(一)
https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649846516&idx=1&sn=5b6ad8c01668ae9003f373e4eafe5d4f&chksm=f3e41c77c49395614c45be09b79316c5bdea4f19261d9179e9a021e7b8eb83e247896a56a3f8&mpshare=1&scene=1&srcid=0421OGxIsWyMHknwlle2T7Mg&key=b7f28e3

[运维安全] Linux、Windows提权命令速记
http://im1gd.me/2017/03/30/linux/

[恶意分析] EternalPulsar实践
https://medium.com/@xNymia/eternalpulsar-a-practical-example-of-a-made-up-name-629737170a9e

[Web安全] 子域名挖掘修改版
http://im1gd.me/2016/12/20/subdomain/

[恶意分析] 利用机器学习实时对抗Java恶意软件
https://blogs.technet.microsoft.com/mmpc/2017/04/20/combating-a-wave-of-java-malware-with-machine-learning-in-real-time/

[漏洞分析] Eternalromance (永恒浪漫) 漏洞分析
http://blogs.360.cn/360safe/2017/04/19/eternalromance-analyze/

[数据挖掘] 打造免费企业安全：便宜没好货吗？（一）
https://eth.space/qi-ye-an-quan-bian-yi-mei-hao-huo-ma-yi/

[Web安全] Web Service 渗透测试从入门到精通
http://bobao.360.cn/learning/detail/3741.html

[Web安全] sicklepoc:Web扫描器开源
http://www.codersec.net/2017/04/sicklepoc%E5%BC%80%E6%BA%90/

[Web安全] leakPasswd: Python 密码泄露查询模块
https://github.com/lauixData/leakPasswd

[编程技术] weibo_terminater: 微博终结者爬虫
https://github.com/jinfagang/weibo_terminater

[编程技术] 基于Python与Face++实现人脸识别
http://www.freebuf.com/articles/terminal/131755.html

[其它] D2T4 - Emmanuel Gadaix - A Surprise Encounter With a Telco APT
https://conference.hitb.org/hitbsecconf2017ams/materials/D2T4%20-%20Emmanuel%20Gadaix%20-%20A%20Surprise%20Encounter%20With%20a%20Telco%20APT.pdf

[编程技术] python-uncompyle6: Python 反编译工具
https://github.com/rocky/python-uncompyle6

[编程技术] Boostnote：开源的程序员专属笔记应用工具
https://boostnote.io/#download

[Web安全] MySQL注入攻击与防御
http://blog.sycsec.com/?p=1005

[恶意分析] Malcom Malware Communication Analyzer y Bro IDS. Parte I
https://seguridadyredes.wordpress.com/2014/01/27/visualizacion-y-analisis-de-trafico-de-red-con-malcom-malware-communication-analyzer-y-bro-ids-parte-i/

[Web安全] 每周技术分享第三期--科普WAF
https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651050493&idx=1&sn=1d81ff6aff52fa93f329522021bf93e0&scene=0#wechat_redirect

[编程技术] Black Hat Python: Infinite possibilities with the Scapy Module
http://bt3gl.github.io/black-hat-python-infinite-possibilities-with-the-scapy-module.html

[编程技术] VulnTrack
https://www.soldierx.com/sxlabs/VulnTrack

[工具] Windows绝赞应用
https://emlvirus.gitbooks.io/windows-apps-that-amaze-us/

[视频] 8dot8 on Vimeo
https://vimeo.com/secconfchile

[漏洞分析] A quick analysis of the latest Shadow Brokers dump
https://labs.nettitude.com/blog/a-quick-analysis-of-the-latest-shadow-brokers-dump/

[设备安全] Run virtual routers with docker
https://github.com/plajjan/vrnetlab

[漏洞分析] 深入分析NSA用了5年的IIS漏洞
http://xlab.tencent.com/cn/2017/04/18/nsa-iis-vulnerability-analysis/

[书籍] 安全相关免费电子书集合
https://github.com/Hack-with-Github/Free-Security-eBooks-from-PacktPub

[漏洞分析] awesome-cve-poc:A curated list of CVE PoCs
https://github.com/qazbnm456/awesome-cve-poc

[漏洞分析] Exploit toolkit CVE-2017-0199 - v2.0
https://github.com/bhdresh/CVE-2017-0199

[漏洞分析] The Shadow over Android Heap exploitation assistance for Android’s libc allocato
https://census-labs.com/media/shadow-infiltrate-2017.pdf

[Web安全] Cheetah:一款基于字典的webshell密码爆破工具
https://github.com/sunnyelf/cheetah/blob/master/README_zh.md

[移动安全] Android malware anti-emulation techniques
https://blogs.sophos.com/2017/04/13/android-malware-anti-emulation-techniques/

[恶意分析] 深度！近期所谓“优酷数据泄露事件”的客观事实还原
http://www.4hou.com/info/observation/4408.html

[漏洞分析] 通过云Fuzz挖掘TCPDump的漏洞
https://www.softscheck.com/en/identifying-security-vulnerabilities-with-cloud-fuzzing/

[编程技术] GitLab 的员工手册-远程办公协作
https://about.gitlab.com/handbook/

[文档] Benchmarks: 常用服务器、数据库、中间件安全配置基线
https://github.com/re4lity/Benchmarks

[其它] [0day] Text/Plain Considered Harmful
https://jankopecky.net/index.php/2017/04/18/0day-textplain-considered-harmful/

[数据挖掘] Studies in AI & Pixels & Waves - #5
http://bt3gl.github.io/studies-in-ai-pixels-waves-5.html

[杂志] 【重磅推荐】安全客2017季刊第一期新鲜出炉！
http://bobao.360.cn/news/detail/4101.html

[Web安全] Metasploit Framework docker 版本
https://github.com/phocean/dockerfile-msf

[编程技术] python奇技淫巧
http://thief.one/2017/04/19/1/

[漏洞分析] Exploit Monday: Updating Device Guard Code Integrity Policies
http://www.exploit-monday.com/2016/12/updating-device-guard-code-integrity.html?m=1

[运维安全] doublepulsar-c2-traffic-decryptor: 网络层检测DOUBLEPULSAR攻击
https://github.com/countercept/doublepulsar-c2-traffic-decryptor

[漏洞分析] Design flaws in Lastpass 2FA implementation
http://www.martinvigo.com/design-flaws-lastpass-2fa-implementation/

[数据挖掘] THUOCL：清华大学开放中文词库
http://thuocl.thunlp.org/

[恶意分析] Automating APT Scanning with Loki Scanner and Splunk
http://www.redblue.team/2017/04/automating-apt-scanning-with-loki.html

[运维安全] 使用业务和技术有关的上下文对网络威胁情报（CTI）进行排序
https://mp.weixin.qq.com/s?__biz=MzI4NzU2NjU4NQ==&mid=2247484419&idx=1&sn=a2f2980c5c1d8e028f8fe32d89ee0c82&scene=0#wechat_redirect

[编程技术] PowerShell Gallery | PowerShellCookbook 1.3.6
https://www.powershellgallery.com/packages/PowerShellCookbook/1.3.6

[恶意分析] Magnitude EK delivers Cerber | Zerophage Malware
https://zerophagemalware.com/2017/04/21/magnitude-ek-delivers-cerber/

[数据挖掘] Twitter账户活动情况分析工具 – Simple Twitter Profile Analyzer
http://www.freebuf.com/sectool/131658.html

[Web安全] SSL&TLS安全测试
https://www.aptive.co.uk/blog/tls-ssl-security-testing/

[数据挖掘] Studies in AI & Pixels & Waves - #11
http://bt3gl.github.io/studies-in-ai-pixels-waves-11.html

[Web安全] Tamper Chrome
https://github.com/google/tamperchrome

[运维安全] 浅谈linux安全加固
http://mp.weixin.qq.com/s/y8np-sFzik15x09536QA5w

[文档] 2016年网络安全威胁的回顾与展望
http://www.antiy.com/response/2016_Antiy_Annual_Security_Report/2016_Antiy_Annual_Security_Report.pdf

[数据挖掘] Studies in AI & Pixels & Waves - #8
http://bt3gl.github.io/studies-in-ai-pixels-waves-8.html

[数据挖掘] Studies in AI & Pixels & Waves - #7
http://bt3gl.github.io/studies-in-ai-pixels-waves-7.html

[漏洞分析] 通过APC实现Dll注入——绕过Sysmon监控
http://www.4hou.com/technology/4393.html

[设备安全] 2016-2017年第一季度工业控制网络安全态势白皮书
http://www.freebuf.com/articles/paper/131812.html

[设备安全] ARM Releases Machine Readable Architecture Specification
https://alastairreid.github.io/alastairreid.github.io/ARM-v8a-xml-release/

[Web安全] Into the symmetry: Meh : CSRF in Facebook Delegated Account Recovery
http://blog.intothesymmetry.com/2017/04/meh-csrf-in-facbook-delegated-account.html

[工具] jSQL Injection: herramienta automatizada en Java para realizar ataques SQL
http://blog.elhacker.net/2017/04/jsql-injection-herramienta-automatizada-java-ataques-inyeccion-sql.html

[其它] SEC Consult: Abusing NVIDIA's node.js to bypass application whitelisting
http://blog.sec-consult.com/2017/04/application-whitelisting-application.html

[数据挖掘] Studies in AI & Pixels & Waves - #10
http://bt3gl.github.io/studies-in-ai-pixels-waves-10.html

[数据挖掘] Studies in AI & Pixels & Waves - #6
http://bt3gl.github.io/studies-in-ai-pixels-waves-6.html

[漏洞分析] IEETWCollector Arbitrary Directory/File Deletion Pr
https://www.exploit-db.com/exploits/41901/

[Web安全] PHP HOOK的若干方法
http://blog.csdn.net/u011721501/article/details/70174924

[无线安全] 全面监听：以斯塔西的名义
https://mp.weixin.qq.com/s?__biz=MzIzMzE2OTQyNA==&mid=2648946510&idx=1&sn=7320198c7519aeb2f15a1f0e13b3c4eb&scene=0#wechat_redirect

[恶意分析] 长城宽带内网严重隐患：边界模糊不清
http://www.4hou.com/technology/4411.html

[移动安全] android 安全编码指南
http://www.jssec.org/dl/android_securecoding_en.pdf

[杂志] SecWiki周刊（第163期)
https://www.sec-wiki.com/weekly/163

[编程技术] A Closer Look at Chrome's Security: Understanding V8
http://bt3gl.github.io/a-closer-look-at-chromes-security-understanding-v8.html

[Web安全] EternalPulsar — A practical example of a made up name
https://hackernoon.com/eternalpulsar-a-practical-example-of-a-made-up-name-629737170a9e

[工具] Android漏洞测试套件
https://github.com/AndroidVTS/android-vts

[编程技术] 百度网盘自动添加资源项目(更新GUI版本)
https://github.com/tengzhangchao/BaiDuPan

[移动安全] All videos of Android Security Symposium 2017
https://www.youtube.com/playlist?list=PL61IkVbNYniXoAXEFtftfElcSDNZoCLpe

[漏洞分析] Memory corruption in Array concat
https://bugs.chromium.org/p/project-zero/issues/detail?id=1095

[恶意分析] Chrome and Firefox Phishing Attack Uses Domains Identical to Known Safe Sites
https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/

[运维安全] Hadoop Security for beginners
http://community.cloudera.com/t5/Security-Apache-Sentry/Hadoop-Security-for-beginners/td-p/48576

[设备安全] Introducing CFI in HardenedBSD | SOLDIERX.COM
https://www.soldierx.com/news/Introducing-CFI-HardenedBSD

[Web安全] encoding-web-shells-in-png-idat-chunks
https://www.idontplaydarts.com/2012/06/encoding-web-shells-in-png-idat-chunks/

[设备安全] Smart TV Hack via the Broadcast Signal
https://www.schneier.com/blog/archives/2017/04/smart_tv_hack_v.html

[恶意分析] DNS Intrusion Detection in Office 365
https://blogs.technet.microsoft.com/office365security/dns-intrusion-detection-in-office-365/

[其它] list-of-waf-security-bypass-research
https://www.peerlyst.com/posts/list-of-waf-security-bypass-research-karl-m-1

[数据挖掘] Studies in AI & Pixels & Waves - #9
http://bt3gl.github.io/studies-in-ai-pixels-waves-9.html

[数据挖掘] Studies in AI & Pixels & Waves - #1
http://bt3gl.github.io/studies-in-ai-pixels-waves-1.html

[恶意分析] EITEST CAMPAIGN RIG EK / HOEFLERTEXT CHROME POPUP
http://malware-traffic-analysis.net/2017/04/20/index.html

[Web安全] Bypassing Browser Memory Protections
https://www.blackhat.com/presentations/bh-usa-08/Sotirov_Dowd/bh08-sotirov-dowd.pdf

[数据挖掘] Studies in AI & Pixels & Waves - #3
http://bt3gl.github.io/studies-in-ai-pixels-waves-3.html

[设备安全] Introducing SafeStack in HardenedBSD
https://www.soldierx.com/news/Introducing-SafeStack-HardenedBSD

[运维安全] Ad-LDAP-Enum
http://www.kitploit.com/2017/04/ad-ldap-enum-active-directory-ldap.html

[数据挖掘] Studies in AI & Pixels & Waves - #2
http://bt3gl.github.io/studies-in-ai-pixels-waves-2.html

[数据挖掘] Studies in AI & Pixels & Waves - #4
http://bt3gl.github.io/studies-in-ai-pixels-waves-4.html

-----微信ID：SecWiki-----
SecWiki，13年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第164期)

SecWiki周刊（第164期）

最新公告

友情链接

SecWiki公众号

安全学术圈