SecWiki周刊(第174期)
2017/06/26-2017/07/02
安全资讯
CIA如何追踪目标的真实地理位置?扫描附近公共WiFi
http://www.4hou.com/info/news/5976.html
http://www.4hou.com/info/news/5976.html
Skype爆严重缓冲区溢出漏洞,可提权于无形之中(附演示视频)
http://www.4hou.com/info/news/5957.html/comment-page-1#comment-1230
http://www.4hou.com/info/news/5957.html/comment-page-1#comment-1230
Black Hat 2017黑帽大会:8款值得一看的黑客工具
http://www.4hou.com/tools/5844.html
http://www.4hou.com/tools/5844.html
CyberTeam宣称已攻破视频聊天软件Skype,下一个是游戏平台Steam
http://www.4hou.com/info/news/5803.html
http://www.4hou.com/info/news/5803.html
Humax WiFi路由器被爆0day漏洞,可获得管理员权限
http://www.4hou.com/vulnerable/5854.html
http://www.4hou.com/vulnerable/5854.html
突发!乌克兰多个政府、石油企业及航空公司遭受网络攻击
http://www.4hou.com/info/news/5882.html
http://www.4hou.com/info/news/5882.html
思科调查:你越信任HTTPS,越容易被攻击
http://www.4hou.com/info/news/5013.html
http://www.4hou.com/info/news/5013.html
中央网信办关于印发《国家网络安全事件应急预案》的通知
http://www.cac.gov.cn/2017-06/27/c_1121220113.htm
http://www.cac.gov.cn/2017-06/27/c_1121220113.htm
网络安全新前沿:一张图看80家采用人工智能来做安全的公司
http://www.freebuf.com/column/138469.html
http://www.freebuf.com/column/138469.html
《工业控制系统信息安全事件应急管理工作指南》(附解读)
https://mp.weixin.qq.com/s?__biz=MjM5OTUwMTc2OA==&mid=2650793095&idx=2&sn=e772f59af83b2fdad693484b64cf00ed&scene=0#wechat_redirect
https://mp.weixin.qq.com/s?__biz=MjM5OTUwMTc2OA==&mid=2650793095&idx=2&sn=e772f59af83b2fdad693484b64cf00ed&scene=0#wechat_redirect
工业和信息化部《工业控制系统信息安全事件应急管理工作指南》
http://www.miit.gov.cn/n1146295/n1652858/n1652930/n3757022/c5690298/content.html
http://www.miit.gov.cn/n1146295/n1652858/n1652930/n3757022/c5690298/content.html
安全技术
标准化建设之网络安全应急响应浅析
https://secvul.com/topics/707.html
https://secvul.com/topics/707.html
基于Graylog日志安全审计实践
http://bobao.360.cn/learning/detail/4025.html
http://bobao.360.cn/learning/detail/4025.html
Petya勒索病毒首发技术分析
http://www.freebuf.com/articles/system/138567.html
http://www.freebuf.com/articles/system/138567.html
解构Google Analytics(分析)跟踪脚本
https://billfranklin.svbtle.com/deconstructing-the-ga-script
https://billfranklin.svbtle.com/deconstructing-the-ga-script
漏洞预警 | FFmpeg曝任意文件读取漏洞
http://www.freebuf.com/vuls/138377.html
http://www.freebuf.com/vuls/138377.html
SigPloit framework: telecom vulnerability testing of SS7, GTP, Diamete
http://blog.ptsecurity.com/2017/06/sigploit-framework-published-telecom.html
http://blog.ptsecurity.com/2017/06/sigploit-framework-published-telecom.html
绕过AppLocker系列之Rundll32的利用
http://www.4hou.com/technology/5737.html
http://www.4hou.com/technology/5737.html
EXP学习--cve-2016-2434
http://ne2der.com/2017/EXP-cve-2016-2434/
http://ne2der.com/2017/EXP-cve-2016-2434/
通过组策略实现vpn掉线后自动断开与外界的网络通信
https://hack0nair.me/2013-09-11-how-to-disconnect-network-automatically-when-vpn-is-down-thourgh-group-policy/
https://hack0nair.me/2013-09-11-how-to-disconnect-network-automatically-when-vpn-is-down-thourgh-group-policy/
[EXPTECH系列]从Android内核镜像中静态提取符号表
http://ne2der.com/2017/get-symbol-from-kernel-img/
http://ne2der.com/2017/get-symbol-from-kernel-img/
Active Directory中常见的安全问题及解决方案
http://www.4hou.com/system/5555.html
http://www.4hou.com/system/5555.html
这些年,BlackTech网络间谍组织干过的事儿……
http://www.4hou.com/info/news/5761.html
http://www.4hou.com/info/news/5761.html
浅谈CTF中命令执行与绕过的小技巧
http://www.freebuf.com/articles/web/137923.html
http://www.freebuf.com/articles/web/137923.html
利用Wireshark任意获取QQ好友IP实施精准定位
http://www.freebuf.com/articles/web/137952.html
http://www.freebuf.com/articles/web/137952.html
WiFi-Pumpkin无线渗透测试框架实战教程
http://www.freebuf.com/articles/wireless/138063.html
http://www.freebuf.com/articles/wireless/138063.html
孤挺花(Armariris): 基于LLVM的支持多平台多语言的混淆器
https://github.com/GoSSIP-SJTU/Armariris
https://github.com/GoSSIP-SJTU/Armariris
基于 Viper 的二进制软件自动分析框架
http://www.4hou.com/technology/5796.html
http://www.4hou.com/technology/5796.html
2017 FIRST Conference Publications 会议议题见介绍及 PPT
https://www.first.org/conference/2017/program
https://www.first.org/conference/2017/program
htcap 基于PhantomJS/各种漏扫接口的 Web扫描程序
https://github.com/segment-srl/htcap
https://github.com/segment-srl/htcap
XSS'OR XSS测试与利用在线工具
https://github.com/evilcos/xssor2
https://github.com/evilcos/xssor2
从CTF题目中领悟的渗透技巧
http://www.4hou.com/reverse/5643.html
http://www.4hou.com/reverse/5643.html
Python安全 - 从SSRF到命令执行惨案
https://www.leavesongs.com/PENETRATION/getshell-via-ssrf-and-redis.html
https://www.leavesongs.com/PENETRATION/getshell-via-ssrf-and-redis.html
Linux&bash闯关CTF
https://mp.weixin.qq.com/s/8jlry-AVOocN2M6n425rIg
https://mp.weixin.qq.com/s/8jlry-AVOocN2M6n425rIg
CyberChef:The Cyber Swiss Army Knife 在线编解码
https://gchq.github.io/CyberChef/
https://gchq.github.io/CyberChef/
安天针对攻击乌克兰等国的“必加”(PETYA)病毒分析与应对
http://www.antiy.com/response/petya.html
http://www.antiy.com/response/petya.html
AttackDetection: Suricata PT Open Ruleset Suricata开放规则集
https://github.com/ptresearch/AttackDetection
https://github.com/ptresearch/AttackDetection
记一次对钓鱼邮件的实地反击
http://www.4hou.com/web/5800.html
http://www.4hou.com/web/5800.html
HackerOne 2017年度报告
https://www.hackerone.com/sites/default/files/2017-06/The%20Hacker-Powered%20Security%20Report.pdf
https://www.hackerone.com/sites/default/files/2017-06/The%20Hacker-Powered%20Security%20Report.pdf
如何利用HackRF分析无线电信号,解读无线语言
http://www.4hou.com/technology/5258.html
http://www.4hou.com/technology/5258.html
通过AppDomainManager劫持.Net程序的启动
https://3gstudent.github.io/3gstudent.github.io/Use-AppDomainManager-to-maintain-persistence/
https://3gstudent.github.io/3gstudent.github.io/Use-AppDomainManager-to-maintain-persistence/
基于nmap扫描结果的端口爆破工具:BrutesPray
http://bobao.360.cn/learning/detail/4024.html
http://bobao.360.cn/learning/detail/4024.html
高效使用 Python 可视化工具 Matplotlib
http://python.jobbole.com/87831/
http://python.jobbole.com/87831/
Petya Ransomware Without The Fluff
https://www.binarydefense.com/petya-ransomware-without-fluff/
https://www.binarydefense.com/petya-ransomware-without-fluff/
T00LS帖子正文XSS
http://mp.weixin.qq.com/s/HCKs6Bhc30dlMMmcIH401Q
http://mp.weixin.qq.com/s/HCKs6Bhc30dlMMmcIH401Q
Detecting Encrypted Malware Traffic (Without Decryption)
https://blogs.cisco.com/security/detecting-encrypted-malware-traffic-without-decryption
https://blogs.cisco.com/security/detecting-encrypted-malware-traffic-without-decryption
2017年网络威胁防御报告
https://www.sec-un.org/2017%e5%b9%b4%e7%bd%91%e7%bb%9c%e5%a8%81%e8%83%81%e9%98%b2%e5%be%a1%e6%8a%a5%e5%91%8a/
https://www.sec-un.org/2017%e5%b9%b4%e7%bd%91%e7%bb%9c%e5%a8%81%e8%83%81%e9%98%b2%e5%be%a1%e6%8a%a5%e5%91%8a/
How I Built An XSS Worm On Atmail
https://www.bishopfox.com/blog/2017/06/how-i-built-an-xss-worm-on-atmail/
https://www.bishopfox.com/blog/2017/06/how-i-built-an-xss-worm-on-atmail/
绝不避谈 Docker 安全
https://mp.weixin.qq.com/s/IN_JJhg_oG7ILVjNj-UexA
https://mp.weixin.qq.com/s/IN_JJhg_oG7ILVjNj-UexA
狗汪汪玩转无线电——不安全的蓝牙锁
https://xianzhi.aliyun.com/forum/read.php?tid=1799&displayMode=1&page=1&toread=1#tpc
https://xianzhi.aliyun.com/forum/read.php?tid=1799&displayMode=1&page=1&toread=1#tpc
骑士人才系统4.2.3任意前台账号登录
http://ecma.io/738.html
http://ecma.io/738.html
记一次境外站渗透过程
http://ecma.io/745.html
http://ecma.io/745.html
RDPInception: A proof of concept for the RDP Inception Attack
https://github.com/mdsecactivebreach/RDPInception
https://github.com/mdsecactivebreach/RDPInception
GoodBoy安全工具专场-NIKTO_神器
http://www.moonsos.com/post/235.html
http://www.moonsos.com/post/235.html
Practical guide to NTLM Relaying in 2017
https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-under-5-minutes.html
https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-under-5-minutes.html
owasp-orizon: source code static security analyzer tool in Java applications
https://github.com/thesp0nge/owasp-orizon
https://github.com/thesp0nge/owasp-orizon
Sharkpy:NSA使用的基于wireshark和libpcap分析流量工具
http://www.4hou.com/tools/5792.html
http://www.4hou.com/tools/5792.html
DNS Auto Rebinding
http://www.thinkings.org//2017/06/25/dns-auto-rebinding.html
http://www.thinkings.org//2017/06/25/dns-auto-rebinding.html
Alpine Linux:从漏洞发现到代码执行
http://www.4hou.com/system/5810.html
http://www.4hou.com/system/5810.html
Howl: 网络设备 web 服务指纹扫描与检索
https://github.com/0xbug/Howl
https://github.com/0xbug/Howl
Oauth协议介绍与安全隐患
https://mp.weixin.qq.com/s/bK6RSpX65XlHmbMG1N0myg
https://mp.weixin.qq.com/s/bK6RSpX65XlHmbMG1N0myg
SecWiki周刊(第173期)
https://www.sec-wiki.com/weekly/173
https://www.sec-wiki.com/weekly/173
Meet Securitybot: Open Sourcing Automated Security at Scale
https://blogs.dropbox.com/tech/2017/02/meet-securitybot-open-sourcing-automated-security-at-scale/
https://blogs.dropbox.com/tech/2017/02/meet-securitybot-open-sourcing-automated-security-at-scale/
Gartner:2017年11大顶尖信息安全技术
http://www.freebuf.com/articles/paper/137746.html
http://www.freebuf.com/articles/paper/137746.html
基于递归神经网络的监督序列标记(1)
http://phantom0301.cc/2017/06/22/rnntolabel/
http://phantom0301.cc/2017/06/22/rnntolabel/
制作WiFiDucky远程HID攻击设备
https://xianzhi.aliyun.com/forum/read.php?tid=1791&displayMode=1&page=1&toread=1#2930
https://xianzhi.aliyun.com/forum/read.php?tid=1791&displayMode=1&page=1&toread=1#2930
The New and Improved macOS Backdoor from OceanLotus
https://researchcenter.paloaltonetworks.com/2017/06/unit42-new-improved-macos-backdoor-oceanlotus/
https://researchcenter.paloaltonetworks.com/2017/06/unit42-new-improved-macos-backdoor-oceanlotus/
通过样本分析CVE-2010-3333
https://xianzhi.aliyun.com/forum/read/1785.html
https://xianzhi.aliyun.com/forum/read/1785.html
Machine Learning & Deep Learning Tutorials
https://github.com/ujjwalkarn/Machine-Learning-Tutorials
https://github.com/ujjwalkarn/Machine-Learning-Tutorials
Dr0p1t-Framework: A framework create dropper that bypass most AVs
https://github.com/D4Vinci/Dr0p1t-Framework
https://github.com/D4Vinci/Dr0p1t-Framework
供应商景观:2017年外部威胁情报
https://mp.weixin.qq.com/s?__biz=MzI4NzU2NjU4NQ==&mid=2247484995&idx=1&sn=72b94386eaefdae32a214c6bbf75e4d2&scene=0#wechat_redirect
https://mp.weixin.qq.com/s?__biz=MzI4NzU2NjU4NQ==&mid=2247484995&idx=1&sn=72b94386eaefdae32a214c6bbf75e4d2&scene=0#wechat_redirect
利用单片机快速实现家庭智能控制平台
http://www.freebuf.com/news/138438.html
http://www.freebuf.com/news/138438.html
攻击容器集群管理平台
http://paper.seebug.org/332/
http://paper.seebug.org/332/
窃取 OAuth 令牌绕过 Airbnb 身份验证
http://www.4hou.com/vulnerable/5805.html
http://www.4hou.com/vulnerable/5805.html
实用教程:手动安卓应用中注入msf后门
http://www.4hou.com/mobile/5794.html
http://www.4hou.com/mobile/5794.html
2017年第一季度反电信网络诈骗大数据报告
http://book.yunzhan365.com/aoar/sbgt/mobile/index.html#p=1
http://book.yunzhan365.com/aoar/sbgt/mobile/index.html#p=1
[S&P’17论文] 恶意软件网络通信:进化和洞察
http://www.arkteam.net/?p=1863
http://www.arkteam.net/?p=1863
Limacharlie – Endpoint monitoring stack 终端安全
https://github.com/refractionPOINT/limacharlie
https://github.com/refractionPOINT/limacharlie
蓝牙App漏洞系列分析之三CVE-2017-0645
https://xianzhi.aliyun.com/forum/read/1788.html
https://xianzhi.aliyun.com/forum/read/1788.html
Automated Binary Analysis Framework using Viper
http://lockboxx.blogspot.jp/2017/06/automated-binary-analysis-framework-for.html
http://lockboxx.blogspot.jp/2017/06/automated-binary-analysis-framework-for.html
Introduction to osquery for Threat Detection & DFIR
https://komunity.komand.com/learn/featured/introduction-to-osquery-for-threat-detection-dfir/
https://komunity.komand.com/learn/featured/introduction-to-osquery-for-threat-detection-dfir/
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第174期)
