SecWiki Weekly (Issue 171)
2017/06/05-2017/06/11
Security News
China publishes the first list of network equipment that must undergo security review
http://www.solidot.org/story?sid=52703
Seven cyber criminals on the FBI's most-wanted reward list
https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651071938&idx=2&sn=a012db8b7ba4c3a8f64a70e4f162720a&scene=0#wechat_redirect
Top-Secret NSA Report Details Russian Hacking Effort Days Before 2016 Election
https://theintercept.com/2017/06/05/top-secret-nsa-report-details-russian-hacking-effort-days-before-2016-election/
WannaCry raged for a moment, but he has vowed to fight the darkness for a lifetime: MJ0011
http://weibo.com/ttarticle/p/show?id=2309404115696446492253
Security Technology
Baseline checklist & security hardening specification (V1.1) | Technical discussion
https://xianzhi.aliyun.com/forum/read.php?tid=1702&displayMode=1&page=1&toread=1#tpc
bincat: Binary code static analyser, with IDA integration
https://github.com/airbus-seclab/bincat
Implementing a SOCKS4 reverse proxy with a Python script
http://www.evilclay.com/2017/06/11/SOCKS4%E5%8F%8D%E5%90%91%E4%BB%A3%E7%90%86%E5%AE%9E%E9%AA%8C/
OWASPCheckList
http://www.lewisec.com/2017/06/07/OWASPCheckList/
Industrial IoT security posture analysis report I DTU data center situational awareness report
http://plcscan.org/blog/wp-content/uploads/2017/06/data-transfer-unit-dtu-risk-awareness-report.pdf
TCTF 2017 FINAL WEB PARTIAL WRITEUP
http://www.melodia.pw/?p=902
Security Fest 2017 security conference videos
https://www.youtube.com/channel/UCByLDp7r7gHGoO7yYMYFeWQ
kernel exploit - assorted Windows/Linux privilege-escalation exploits
https://github.com/SecWiki/windows-kernel-exploits
AZSpider: high-performance distributed crawler built on Flask, with MongoDB as the database and Redis for distribution
https://github.com/az0ne/AZSpider/blob/master/AZSpider_.rar
Demo implementation of a web anomalous-parameter detection system based on big data and machine learning
http://www.freebuf.com/articles/web/134334.html
Association for the Advancement of Artificial Intelligence: AAAI 2017 accepted conference papers
http://dblp.uni-trier.de/db/conf/aaai/aaai2017.html
A summary on zip in CTF competitions
http://bobao.360.cn/ctf/detail/203.html
Official writeup for the Pwnhub (胖哈勃) Cup 13th CUIT campus competition
http://blog.sycsec.com/?p=1095
Building your own fake base station monitoring system by hand
http://www.4hou.com/info/news/5251.html
CVE-2017-0213 Windows COM elevation-of-privilege vulnerability component | Vulnerability research
https://xianzhi.aliyun.com/forum/read/1692.html
Manual triage for intrusion incident response analysis | Technical discussion
https://xianzhi.aliyun.com/forum/read/1655.html
Analysis of the Dark Cloud III (暗云Ⅲ) BootKit trojan
http://www.freebuf.com/articles/system/134017.html
How did the NSA locate the female contractor who leaked? Reconstructing the tracing and attribution analysis!
https://www.easyaq.com/news/1041386125.shtml
Using MSF for persistent control of an Android phone over the internet and penetration testing the LAN
http://www.freebuf.com/sectool/136574.html
Analysis report on a virus that spreads via IPC and lpkdll infection | Vulnerability research
https://xianzhi.aliyun.com/forum/read/1682.html
An introduction to threat intelligence and a brief market analysis
http://www.freebuf.com/column/136763.html
0605 Chen Lei: Mobile internet big data in support of financial risk control #password wvbu
https://pan.baidu.com/share/link?shareid=3334267692&uk=2371711970
Implementation of a worm targeting Siemens PLCs | Vulnerability research
https://xianzhi.aliyun.com/forum/read/1693.html
Enter the world of Mac reverse engineering in one article | AloneMonkey
http://www.alonemonkey.com/2017/05/31/get-start-with-mac-reverse/
Hands-on computer intrusion forensics analysis with Bro
http://www.freebuf.com/articles/system/135843.html
A brief look at a botnet tool: Fast-flux
http://www.freebuf.com/articles/network/136423.html
Understanding Java deserialization vulnerabilities in depth.pdf
https://pan.baidu.com/s/1i50y7q9
[Translation] A set of supplementary resources for hardening red team infrastructure | Vulnerability research
https://xianzhi.aliyun.com/forum/read/1686.html
Best DOS Attacks and Free DOS Attacking Tools [Updated for 2017]
http://resources.infosecinstitute.com/dos-attacks-free-dos-attacking-tools/
How to bypass antivirus with HERCULES
http://www.freebuf.com/articles/system/135938.html
Setting up a private Docker registry
http://kekefund.com/2017/06/07/doker-registry/
sigma: Generic Signature Format for SIEM Systems
https://github.com/Neo23x0/sigma
DeathStar: one-click automated domain penetration tool (with demo video)
http://www.freebuf.com/sectool/136224.html
Notes from a ThinkPHP source code audit
http://ecma.io/724.html
MS-17-010: EternalBlue’s Large Non-Paged Pool Overflow in SRV Driver
http://blog.trendmicro.com/trendlabs-security-intelligence/ms17-010-eternalblue/
HTTrack Website Copier: website mirroring and cloning tool
http://www.httrack.com/
Bluetooth that bites - SmartLock-Hacking: research on Bluetooth lock-opening techniques
https://github.com/kevin2600/BTLE-SmartLock-Hacking/blob/master/Ozlockcon-2017-Bluetooth%20that%20bites.pdf
Learning Python regular expressions, part 1
http://mp.weixin.qq.com/s/qQz5TBuiAySRWd3pHgZyiQ
Exploiting an integer overflow with array spreading (WebKit)
https://phoenhex.re/2017-06-02/arrayspread
An Inside Look at CVE-2017-0199 – HTA and Scriptlet File Handler Vulnerability
http://blog.fortinet.com/2017/06/04/an-inside-look-at-cve-2017-0199-hta-and-scriptlet-file-handler-vulnerability
After cracking ten routers, we have something to say
https://zhuanlan.zhihu.com/p/27312102
A time machine that finds vulnerabilities: Pinpointing Vulnerabilities
https://www.inforsec.org/wp/?p=1993
getsploit: command-line vulnerability search and download tool
https://github.com/vulnersCom/getsploit
db.py: helper for analyzing data in databases (used with ipython)
https://github.com/yhat/db.py
Email My PC: remotely monitor your computer via email
http://jackeriss.github.io/email_my_pc/
How to monitor a single application's HTTPS traffic on macOS
http://www.freebuf.com/articles/network/136186.html
Kernel driver unpacking
http://x64dbg.com/blog/2017/06/08/kernel-driver-unpacking.html
Server-side injection: server-side template injection in the Flask framework
http://www.freebuf.com/articles/web/135953.html
History of symbolic execution
https://github.com/enzet/symbolic-execution
How a harmless-looking insider can compromise your network
https://securelist.com/78588/50-hashes-per-hour/
Cheat Sheet of Machine Learning and Python (and Math) Cheat Sheets
https://unsupervisedmethods.com/cheat-sheet-of-machine-learning-and-python-and-math-cheat-sheets-a4afe4e791b6
Cyber Grand Challenge corpus
http://www.lungetech.com/2017/04/24/cgc-corpus/
Analyzing a new type of malicious PowerPoint document with open-source tools
http://www.4hou.com/tools/5242.html
"Security Line" large-target penetration - 01 information gathering
https://xianzhi.aliyun.com/forum/read/1675.html
Vulnerability box: book of vulnerability remediation plans
https://book.thief.one/
Wired Mobile Charging – Is it Safe?
https://securelist.com/74804/wired-mobile-charging-is-it-safe/
How I got 5500$ from Yahoo for RCE
https://medium.com/@th3g3nt3l/how-i-got-5500-from-yahoo-for-rce-92fffb7145e6
14th Detection of Intrusions and Malware & Vulnerability Assessment paper list
https://itsec.cs.uni-bonn.de/dimva2017/Program.html
Pwn2Own: Safari sandbox part 1 – Mount yourself a root shell
https://phoenhex.re/2017-06-09/pwn2own-diskarbitrationd-privesc
A guide to machine data - Splunk series (1)
https://mp.weixin.qq.com/s?__biz=MzI4NzU2NjU4NQ==&mid=2247484794&idx=1&sn=b579b66a0792086e72fec93596a584a3&scene=0#wechat_redirect
Summary of exploitation without libc using DynELF
http://mp.weixin.qq.com/s/KV3Z40gZAOZ4-SUjTvT6NA
Exploiting a V8 OOB write
https://halbecaf.com/2017/05/24/exploiting-a-v8-oob-write/
Manual detection and removal of a red-envelope-grabber screen-locker sample | Vulnerability research
https://xianzhi.aliyun.com/forum/read/1683.html
FROM CRASH TO EXPLOIT: CVE-2015-6086
http://payatu.com/from-crash-to-exploit/
SecWiki Weekly (Issue 170)
https://www.sec-wiki.com/weekly/170
