SecWiki周刊（第173期)

SecWiki周刊（第173期）

2017/06/19-2017/06/25

安全资讯

[移动安全] 控制域名忘记续费，三星数百万台手机陷入“任人宰割”境地
http://www.4hou.com/info/news/5548.html

[爆库] The RNC Files: Inside the Largest US Voter Data Leak
https://www.upguard.com/breaches/the-rnc-files

[恶意分析] 维基解密揭露针对网闸设备和封闭网络的CIA工具
https://mp.weixin.qq.com/s?__biz=MzI2NzM3MTQ1Mw==&mid=2247484066&idx=1&sn=a621127befdc3b9192e7066b63279531&scene=0#wechat_redirect

[人物] 毕裕：从电脑少年到威胁猎人他要将账号安全做到极致
https://mp.weixin.qq.com/s?__biz=MzIzMTAzNzUxMQ==&mid=2652880455&idx=1&sn=14cde1dff8bbe7141c9d1bfe9d6015ef&scene=0#wechat_redirect

[新闻] 首届中国数据安全峰会上阿里和华为都讲了啥
http://www.aqniu.com/industry/26134.html

[新闻] 中国网络安全企业50强（2017年上半年）
https://www.easyaq.com/news/897276489.shtml

[新闻] 32TB of Windows 10 internal builds, core source code leak online
http://www.theregister.co.uk/2017/06/23/windows_10_leak/

[观点] 《网络安全法》概要及企业应对介绍中文版
https://mp.weixin.qq.com/s?__biz=MzIyODcxODI5MA==&mid=2247484302&idx=1&sn=dcb296a41955ea7e1cd38d55d949af10&scene=0#wechat_redirect

[新闻] 维基解密爆料美国中情局文件事件综述
https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664108726&idx=1&sn=168cd3bae9760c5ac5cc7ed34373d5c0&scene=0#wechat_redirect

[人物] 腾讯云鼎实验室掌门人killer专访：安全路上，杀手没有假期
http://www.freebuf.com/articles/people/137348.html

安全技术

[工具] 强大的内网域渗透提权分析工具——BloodHound
http://www.4hou.com/penetration/5554.html

[Web安全] druid/wallfilter：基于SQL语义分析来实现防御SQL注入攻击
https://github.com/alibaba/druid/wiki/%E9%85%8D%E7%BD%AE-wallfilter

[漏洞分析] Windows Server中的 WINS 服务器远程内存损坏漏洞分析
http://www.4hou.com/vulnerable/5635.html

[恶意分析] 基于USB armory 制作一个USB恶意软件分析器
http://www.4hou.com/technology/5525.html

[数据挖掘] scikit-learn随机森林调参小结
http://www.cnblogs.com/pinard/p/6160412.html

[Web安全] CloudFail: 查找CloudFlare CDN 背后的真实 IP 地址
https://github.com/m0rtem/CloudFail

[Web安全] Rasp 技术介绍与实现
http://paper.seebug.org/330/

[无线安全] waidps: Wireless Auditing, Intrusion Detection & Prevention System
https://github.com/SYWorks/waidps

[数据挖掘] Kaggle初探--房价预测案例之数据分析
http://www.jianshu.com/p/62716b33e7be

[比赛] 2017 GCTF（全球华人网络安全技能大赛）线上赛writeup
http://www.freebuf.com/articles/others-articles/137491.html

[无线安全] 不止Kali 和 Aircrack-ng | 无线渗透工具合集
http://www.4hou.com/tools/5584.html

[比赛] CTF比赛中SQL注入的一些经验总结
http://www.freebuf.com/articles/web/137094.html

[Web安全] 域渗透提权分析工具 BloodHound 1.3 中的ACL攻击路径介绍
http://www.4hou.com/penetration/5752.html

[Web安全] Tomcat 源代码调试笔记 - 看不见的 Shell
https://mp.weixin.qq.com/s?__biz=MzI5Nzc0OTkxOQ==&mid=2247483666&idx=1&sn=6421b39037735953fa3148bdbf5bf912&chksm=ecb11de2dbc694f4e00a55667fdc81387d53494788f43ec90327fa64f8c02fa6805fc0577671&mpshare=1&scene=1&srcid=0623Z7avuWtePZvyDd2GWbOi&key=f0ee669

[Web安全] 子域名发掘神器：AQUATONE
http://www.freebuf.com/sectool/137806.html

[Web安全] 设计安全：漏洞扫描在Web应用安全的作用
https://mp.weixin.qq.com/s?__biz=MzI4NzU2NjU4NQ==&mid=2247484831&idx=1&sn=d037b43cfbd614df1019e7bb2a388348&chksm=ebcafa09dcbd731ff7cd4a01c474017a8aa6f4be88d5aa7df4b03c85823936627c78c7cd30bc&mpshare=1&scene=1&srcid=0620T2t4AdI8fWieqAJ8Xwhj&key=7dad740

[运维安全] 甲方安全建设步骤
http://pirogue.org/2017/06/17/%E7%94%B2%E6%96%B9%E5%AE%89%E5%85%A8%E5%BB%BA%E8%AE%BE%E6%AD%A5%E9%AA%A4/

[编程技术] 轻松组建分布式 pyspider 集群
https://imlonghao.com/10.html

[恶意分析] 从无效的DNS流量中检测基于DGA的恶意程序
http://paper.kakapo.ml/?p=135

[恶意分析] FIN7 APT组织攻击木马分析报告
http://www.freebuf.com/articles/network/137612.html

[取证分析] 电子数据取证技能树 (V1)
https://mp.weixin.qq.com/s?__biz=MzUyNTA2MTQ5Mw==&mid=2247483707&idx=1&sn=584d666fb85762354378d0919dad5ed5&scene=0#wechat_redirect

[运维安全] 没有钱的安全部之资产安全
http://www.jianshu.com/p/572431447613?from=timeline

[其它] vlany：Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
https://github.com/mempodippy/vlany

[Web安全] Java反序列化漏洞分析|漏洞研究
https://xianzhi.aliyun.com/forum/read/1757.html

[工具] Kali Linux中优秀Wifi渗透工具TOP 10
http://www.freebuf.com/sectool/137163.html

[Web安全] 班主任之眼！——看穿验证码少女の薄纱
https://mp.weixin.qq.com/s?__biz=MzA5ODUxOTA5Mg==&mid=2652553452&idx=1&sn=64488941360b6ecf39bd87692a2fbfc3&chksm=8b7e31b7bc09b8a1cfa12b807cd30f21f86f261587fab6ae9e6e96e4d9565cc8caf4de21a8de&mpshare=1&scene=1&srcid=0618wdfKfLDuFKYK6o4IQqPN&key=110a1ce

[设备安全] 路由器固件安全分析技术（一）
https://www.vulbox.com/knowledge/detail/?id=35

[Web安全] 菜鸟学代码审计-PIMS三个漏洞+里程密最新版V2.3 SQL注入漏洞
https://xianzhi.aliyun.com/forum/read/1761.html

[移动安全] 2017年度移动APP 安全漏洞与数据泄露现状报告
http://image.3001.net/uploads/pdf/2017%E5%B9%B4%E5%BA%A6%E7%A7%BB%E5%8A%A8App%E5%AE%89%E5%85%A8%E6%BC%8F%E6%B4%9E%E4%B8%8E%E6%95%B0%E6%8D%AE%E6%B3%84%E9%9C%B2%E7%8E%B0%E7%8A%B6%E6%8A%A5%E5%91%8A%20BY%20FreeBuf.pdf

[Web安全] Web 前端安全：从MVVM 框架说起
https://speakerdeck.com/oritz/mvvm-framework-security

[其它] 我当初是怎么管理技术团队的
http://www.cnblogs.com/zhengyun_ustc/p/7047366.html

[恶意分析] Wannacry深度解析：第一阶段tasksche
http://www.freebuf.com/vuls/135822.html

[漏洞分析] Share with care: Exploiting a Firefox UAF with shared array buffers
https://phoenhex.re/2017-06-21/firefox-structuredclone-refleak

[漏洞分析] 利用USB Flash Drive 黑掉马自达汽车
https://www.bleepingcomputer.com/news/security/you-can-hack-some-mazda-cars-with-a-usb-flash-drive/

[无线安全] 逆向分析华为E5573 4G Modem
http://www.4hou.com/technology/5744.html

[Web安全] 跨站的艺术-XSS入门与介绍
http://www.fooying.com/the-art-of-xss-1-introduction/

[运维安全] NTP/SNMP amplification attacks Carnal0wnage
http://carnal0wnage.attackresearch.com/2017/06/ntpsnmp-amplification-attacks.html

[漏洞分析] The OpenVPN post-audit bug bonanza
https://guidovranken.wordpress.com/2017/06/21/the-openvpn-post-audit-bug-bonanza/

[Web安全] 使用Python检测并绕过Web应用程序防火墙
http://www.4hou.com/penetration/5698.html

[运维安全] 怎样构建基于SDN网络的自动化运维系统
https://mp.weixin.qq.com/s?__biz=MzA4Nzg5Nzc5OA==&mid=2651667064&idx=1&sn=8b872635c9da1577802269d926e33bcb&scene=0#wechat_redirect

[Web安全] VIPROY - VoIP Pen-Test Kit for Metasploit Framework
https://github.com/fozavci/viproy-voipkit

[漏洞分析] 【技术分享】针对巴基斯坦的某APT活动事件分析
http://bobao.360.cn/learning/detail/4020.html

[其它] The Stack Clash
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt

[恶意分析] malwaresearch: A command line tool to find malwares
https://github.com/MalwareReverseBrasil/malwaresearch

[数据挖掘] Findsploit: Find exploits in local and online databases
https://github.com/1N3/Findsploit

[编程技术] NSA OSS Technologies 美国国家安全局开源技术
https://nationalsecurityagency.github.io/

[数据挖掘] 一文读懂特征工程
https://mp.weixin.qq.com/s/CkDzLZCXOF6zzrn6_dd6Jw

[设备安全] 针对工业控制系统的新型攻击武器 Industroyer 深度剖析
http://paper.seebug.org/328/

[移动安全] trollface: AirDrop trollfaces to everyone.
https://github.com/neonichu/trolldrop

[数据挖掘] angel: 高性能分布式机器学习平台
https://github.com/Tencent/angel

[观点] Gartner公布2017年顶级安全技术
https://mp.weixin.qq.com/s?__biz=MzIwOTA1MDAyNA==&mid=2649841199&idx=4&sn=0dcad94c5f9930866bff7bae6cc3ff68&scene=0#wechat_redirect

[Web安全] Django两则CVE-2017-7233和CVE-2017-7234url跳转漏洞分析
https://xianzhi.aliyun.com/forum/read/1746.html

[设备安全] SCADA Penetration Testing: Do I need to be prepared
http://research.aurainfosec.io/scada-penetration-testing/

[设备安全] An easy way to pwn most of the vivotek network cameras
https://blog.cal1.cn/post/An%20easy%20way%20to%20pwn%20most%20of%20the%20vivotek%20network%20cameras

[Web安全] 浏览器指纹和追踪
https://0x0d.im/archives/broswer-fingerprint-and-tracking.html

[文档] 2017年上半年网络诈骗趋势研究报告
http://zt.360.cn/1101061855.php?dtid=1101062366&did=490534325

[编程技术] The PHP module rootkit [CODE]
https://github.com/Paradoxis/PHP-Rootkit

[设备安全] A PoC that the USB port is an attack surface for a Mazda car's
https://github.com/shipcod3/mazda_getInfo

[Web安全] Pcap_tools: 基于网络流量包的漏洞自动化分析
https://github.com/pythonran/Pcap_tools

[其它] snodew：PHP root (suid) reverse shell
https://github.com/mempodippy/snodew

[Web安全] Authentication bypass on Airbnb via OAuth tokens theft
https://www.arneswinnen.net/2017/06/authentication-bypass-on-airbnb-via-oauth-tokens-theft/

[Web安全] 我是如何拿下破冰项目的|技术讨论
https://xianzhi.aliyun.com/forum/read/1769.html

[恶意分析] 有效的基于区域的网络威胁信息共享
https://mp.weixin.qq.com/s?__biz=MzI4NzU2NjU4NQ==&mid=2247484946&idx=1&sn=6b902472c87438b47c5227c0d6d5de59&scene=0#wechat_redirect

[观点] 走近黑客雇佣市场：刀尖上“跳舞”，悬崖边狂欢
http://www.freebuf.com/news/137646.html

[数据挖掘] RussiaDNSLeak: Summary and archives of leaked Russian TLD DNS data
https://github.com/mandatoryprogrammer/RussiaDNSLeak

[运维安全] Deployment checklist for securely deploying Docker
https://github.com/GDSSecurity/Docker-Secure-Deployment-Guidelines

[编程技术] Your interpreter isn’t safe anymore — The PHP module rootkit
https://blog.paradoxis.nl/your-interpreter-isnt-safe-anymore-the-php-module-rootkit-c7ca6a1a9af5

[编程技术] 网络安全框架：联邦机构实施指南
https://mp.weixin.qq.com/s?__biz=MzI4NzU2NjU4NQ==&mid=2247484929&idx=1&sn=f94a98bacfa8cbca30765fc581112d9c&scene=0#wechat_redirect

[Web安全] SecWiki周刊（第172期)
https://www.sec-wiki.com/weekly/172

[编程技术] 聊聊容器网络那些事儿
https://mp.weixin.qq.com/s?__biz=MzA5OTAyNzQ2OA==&mid=2649691135&idx=1&sn=bb0b74bdc5d0904eb23772d83a5f09a5&scene=0#wechat_redirect

[运维安全] 20170616-信用评分模型
https://mp.weixin.qq.com/s?__biz=MzI4OTQ3MTI2NA==&mid=2247483810&idx=1&sn=7bc6d03ac221d74b850418747a8c8bdf&scene=0#wechat_redirect

[Web安全] A Pentester’s Guide to Group Scoping
http://www.harmj0y.net/blog/activedirectory/a-pentesters-guide-to-group-scoping/

[设备安全] Rethinking a Secure Internet of Things
http://iot.stanford.edu/doc/SITP-summary-2016-project.pdf

[Web安全] 大数据、机器学习推动下的验证码技术发展：网易易盾验证码评测与解读
http://www.freebuf.com/articles/network/133358.html

-----微信ID：SecWiki-----
SecWiki，13年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第173期)

SecWiki周刊（第173期）

最新公告

友情链接

SecWiki公众号

安全学术圈