SecWiki Weekly (Issue 177)
2017/07/17-2017/07/23
Security News
Baidu Chief Security Scientist Wei Tao: Our Battle, from the "Memory War" to the "Cybercrime Underground War"
https://mp.weixin.qq.com/s?__biz=MzIwOTg5OTg3NA==&mid=2247483780&idx=1&sn=488ba332ec1fc868df101aae5ef97fbf&scene=0#wechat_redirect
Vault 7 series "Shadow" project exposed: Raytheon secretly provided malware analysis to the CIA
http://www.freebuf.com/news/141003.html
Russia passes law banning the use of VPNs and proxy servers
http://www.solidot.org/story?sid=53183
A two-minute look at the little-known services offered by cybercrime service platforms
http://www.4hou.com/info/news/6715.html
The 18 security vendors at the procuratorate technology and equipment exhibition
http://www.aqniu.com/industry/26782.html
Security Technology
WebLogic deserialization vulnerability exploitation tool (CVE-2017-3248)
https://bbs.ichunqiu.com/thread-24795-1-1.html?from=sec
Shocking TrustZone vulnerability disclosed, all Android phones in imminent danger
https://arxiv.org/abs/1707.05082
Advice for my cousin on getting started with web security
https://sosly.me/index.php/2017/07/17/studywebsec/
Smart contract security: the Parity multi-signature wallet vulnerability
http://www.cnblogs.com/xiaoxiaoleo/p/7209752.html
Ransomware making you WannaCry? Defense is actually simple
http://www.toutiao.com/i6443568884246118925/
Reproducing the compromise of a weak-password camera
http://www.toutiao.com/i6439109103670264321/
Analysis of potential security risks in wireless keyboards
http://www.toutiao.com/i6444384307879346701/
The Cyber Kill Chain is making us dumber
https://theobsidiantower.com/2017/07/18/03853cdb10695731c8bb15518c0ceb58a5fe428d.html
CVE to PoC - CVE-2017-0059
https://redr2e.com/cve-to-poc-cve-2017-0059/
Using Huginn to turn WeChat official accounts into RSS feeds
https://www.40huo.cn/blog/wechat2rss-by-huginn.html
From writing a Zhihu follower monitor to vulnerability discovery to account takeover
https://bbs.ichunqiu.com/thread-24853-1-1.html?from=sec
wukong: the Wukong scanner
https://github.com/Canbing007/wukong
2017 Open Academic Precise Profiling Competition
https://biendata.com/competition/scholar/
Cmscan: a fingerprinting tool based on FOFA search rules
https://github.com/cuijianxiong/cmscan
Hawkeye: GitHub leak monitoring system
https://github.com/0xbug/Hawkeye
Recon 2017 Slides
https://recon.cx/2017/montreal/slides/
Improving your driving skills: using GANs to remove mosaics and clothing from (romance) action films
https://bbs.ichunqiu.com/thread-24196-1-1.html?from=sec
EnglishmansDentist Exploit Analysis
https://blogs.technet.microsoft.com/srd/2017/07/20/englishmansdentist-exploit-analysis/
The best code-browsing plugin for GitHub
http://www.geeksense.cn/plugin/
Running Masscan and Nmap on Windows
https://3gstudent.github.io/3gstudent.github.io/%E6%B8%97%E9%80%8F%E6%8A%80%E5%B7%A7-Windows%E5%B9%B3%E5%8F%B0%E8%BF%90%E8%A1%8CMasscan%E5%92%8CNmap/
Quickly building a distributed scanning architecture with free resources
https://xianzhi.aliyun.com/forum/read/1880.html
[I Am the Embodiment of Justice] Social engineering and penetration of a phishing site
https://bbs.ichunqiu.com/thread-24603-1-1.html?from=sec
proxylist: a proxy IP list updated in real time
https://github.com/fate0/proxylist
Microsoft's analysis of the Eternal Synergy SMBv1 exploit released by ShadowBrokers (CVE-2017-0143)
http://www.4hou.com/technology/6651.html
Host-based Threat Modeling & Indicator Design
https://posts.specterops.io/host-based-threat-modeling-indicator-design-a9dbbb53d5ea
Analyzing a Patch of a Virtual Machine Escape on VMware (virtual machine escape)
https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-patch-of-a-virtual-machine-escape-on-vmware/
Understanding deep learning in one article (with learning resources)
https://mp.weixin.qq.com/s?__biz=MzI1MjQ2OTQ3Ng==&mid=2247485287&idx=1&sn=f083771d405860d84dee8325a9da2475&scene=0#wechat_redirect
Router firmware security analysis techniques (Part 2)
https://www.vulbox.com/knowledge/detail/?id=42
A brief analysis of the PyCmd encrypted stealth trojan
http://www.freebuf.com/sectool/140421.html
What exactly is the DDoS that keeps taking down our services?
https://bbs.ichunqiu.com/thread-24924-1-1.html?from=sec
Spyware targets Iranian Android users by abusing messaging app Telegram’s Bot API
https://blog.avast.com/spyware-targets-iranian-android-users-by-abusing-messaging-app-telegram-bot-api
Apache Kafka deserialization vulnerability
http://www.polaris-lab.com/index.php/archives/345/
Android, iOS and macOS security engineer skills table
https://github.com/feicong/sec_skills
VMware Escape Exploit before VMware WorkStation 12.5.5
https://github.com/unamer/vmware_escape
Cisco 2017 Midyear Cybersecurity Report
http://www.cisco.com/c/dam/m/digital/elq-cmcglobal/witb/1456403/Cisco_2017_Midyear_Cybersecurity_Report.pdf
Subdomain Enumeration Using Censys & Crtsh!
https://github.com/appsecco/bugcrowd-levelup-subdomain-enumeration
"Double Gun" sniping: analysis of the first persistent trojan to chain-infect both the MBR and VBR
http://www.freebuf.com/articles/web/140113.html
[Translation] Attack methods for gaining Domain Admin rights in Active Directory
https://xianzhi.aliyun.com/forum/read/1882.html
Emulating and exploiting the BCM WiFi framework with LuaQEMU
http://www.4hou.com/technology/6313.html
The WannaCry worm from the DNS and sinkhole perspective
http://blog.netlab.360.com/wannacry-from-dns-and-sinkhole-view/
VBScript Injection via GNOME Thumbnailer
http://news.dieweltistgarnichtso.net/posts/gnome-thumbnailer-msi-fail.html
Hidden Network: Detecting Hidden Networks created with USB Devices
https://www.exploit-db.com/docs/42318.pdf
How to implement intelligence-driven defense by incorporating threat intelligence
https://mp.weixin.qq.com/s?__biz=MzI4NzU2NjU4NQ==&mid=2247485126&idx=1&sn=bff986d9ec687313860eb922f4d384b2&scene=0#wechat_redirect
From Splash SSRF to root on an internal network server
https://xianzhi.aliyun.com/forum/read/1872.html
CTF Wiki: capture-the-flag introduction and resources
https://ctf-wiki.github.io/ctf-wiki/#/introduction
A penetration test of an SNMP service
https://bbs.ichunqiu.com/thread-24848-1-1.html?from=sec
A Penetration Tester’s Guide to PostgreSQL
https://medium.com/@panagiotis84/a-penetration-testers-guide-to-postgresql-e0eafd1a1028
A summary of 10 common process injection techniques
http://bobao.360.cn/learning/detail/4131.html
Research and hijacking experiments on a certain brand of drone
http://www.freebuf.com/news/140453.html
Analysis of the Cisco WebEx Browser Extension RCE vulnerability (CVE-2017-6753)
https://cert.360.cn/files/Cisco_WebEx_Browser_Extension_RCE%E6%BC%8F%E6%B4%9E(CVE-2017-6753)%E5%88%86%E6%9E%90.pdf
NetworkRecon: a new weapon for network vulnerability penetration testing
http://www.4hou.com/tools/6710.html
Black Hat 2017 Arsenal tool list
http://mp.weixin.qq.com/s/ygh2JE69FRRdLJEOXYTcUg
SecWiki Weekly (Issue 176)
https://www.sec-wiki.com/weekly/176
How to get a reverse meterpreter session on Windows 2012 via the ETERNALBLUE exploit
https://xianzhi.aliyun.com/forum/read/1877.html
S3 Buckets for Good and Evil
https://pentestarmoury.com/2017/07/19/s3-buckets-for-good-and-evil/
A web fingerprint search engine based on the Django framework, Redis and ElasticSearch
https://github.com/cuijianxiong/websearch
V1D0m: Enumerate subdomains through Virustotal
https://github.com/n4xh4ck5/V1D0m
How to install the RouterSploit exploitation framework on a non-rooted phone
http://bobao.360.cn/learning/detail/4132.html
Bitcoin virus making you WannaCry? Try data recovery instead!
http://www.toutiao.com/i6443938469013094925/
Miscellaneous notes on Docker security
https://0x0d.im/archives/docker-security.html
Taking control of all of the target's .io domains through domain registration
http://www.4hou.com/technology/6216.html
Design flaw in the open-source framework ThinkPHP before version 5.0.10 leaks database account passwords
http://www.hfhuge.com/2017/07/Thinkphp5.X%E8%AE%BE%E8%AE%A1%E7%BC%BA%E9%99%B7%E5%AF%BC%E8%87%B4%E6%B3%84%E6%BC%8F%E6%95%B0%E6%8D%AE%E5%BA%93%E8%B4%A6%E6%88%B7%E5%AF%86%E7%A0%81.html
Learn something new with me today: a deep dive into the AWS S3 access control mechanism
http://www.4hou.com/technology/6649.html
Android App Security Checklist
https://github.com/b-mueller/android_app_security_checklist
Research report on the extortion phenomenon on the mobile internet
http://www.freebuf.com/news/140553.html
[Video] Oracle OAM 10g misconfiguration leads to session hijacking
http://www.4hou.com/vulnerable/6318.html
ARM exploitation for IoT – Episode 1
https://quequero.org/2017/07/arm-exploitation-iot-episode-1/
SecWiki: https://www.sec-wiki.com
