SecWiki周刊（第182期)

SecWiki周刊（第182期）

2017/08/21-2017/08/27

安全资讯

[新闻] 美军网络司令部升级&美国情报体系大起底
http://www.arkteam.net/?p=2663

[观点] 2017年网络犯罪现状分析报告
http://www.4hou.com/info/news/7268.html

[人物] 王伟：五年前就已财务自由，但他决定再拼十年
https://mp.weixin.qq.com/s?__biz=MzIzMTAzNzUxMQ==&mid=2652881480&idx=1&sn=92e0b5189cc92314c0b8680cb0a8ceb9&scene=0#wechat_redirect

[人物] 王红阳：低调也会发光
https://mp.weixin.qq.com/s?__biz=MjM5NjkyMTk5Mg==&mid=2650597864&idx=1&sn=60a58436e65283ce404eb837404c31a1&scene=0#wechat_redirect

[新闻] 全景揭秘美网军司令部“升级记”
https://mp.weixin.qq.com/s?__biz=MzI4MTM5NDMwOQ==&mid=2247487942&idx=1&sn=178e424144cdcf6cfd1ba99776d059eb&scene=0#wechat_redirect

[新闻] 概念研究：新型攻击可以修改已发送的电子邮件内容
http://www.4hou.com/info/news/7379.html

安全技术

[设备安全] Exploitee.rs Wiki：IOT Exploits Lists
https://www.exploitee.rs/index.php/Main_Page

[漏洞分析] Java RMI 反序列化漏洞检测工具的编写
https://bbs.ichunqiu.com/thread-20414-1-1.html?from=sec

[其它] 一些牛逼的博客推荐
http://mp.weixin.qq.com/s/cxBbymkYBdvWMeyFxps3YA

[Web安全] 很多时候你需要的只是一个shell
https://klionsec.github.io/2016/09/27/revese-shell/

[Web安全] 逻辑漏洞小结
https://tom0li.github.io/2017/07/17/%E9%80%BB%E8%BE%91%E6%BC%8F%E6%B4%9E%E5%B0%8F%E7%BB%93/

[Web安全] 小密圈备份-json版本
https://github.com/AndreaOm/xiaomiquan_bak

[Web安全] 如何利用 socat 更方便地穿透目标内网
https://klionsec.github.io/2017/07/31/socat-meterpreter/

[运维安全] mimikatz 用法小记 [ 非交互抓取本地密码明文及hash ]
https://klionsec.github.io/2016/07/23/mimikatz-one/

[无线安全] aircrack & hashcat 非字典高速破解目标无线密码
https://klionsec.github.io/2015/04/14/aircrack-hascat/

[Web安全] 站在Java的视角，深度分析防不胜防的小偷——“XSS”
http://mp.weixin.qq.com/s?__biz=MzIzMzgxOTQ5NA==&mid=100000340&idx=1&sn=6ca4ec15ef6338daf1d4a907351d7c08&chksm=68fe9e5d5f89174b44f

[Web安全] 浏览器漏洞挖掘思路
https://zhuanlan.zhihu.com/p/28719766?utm_medium=social&utm_source=weibo

[Web安全] ThinkPHP缓存函数设计缺陷导致GetShell漏洞复现
https://drops.org.cn/index.php/archives/262/

[Web安全] 携程安全自动化测试之路
http://techshow.ctrip.com/archives/2315.html

[编程技术] Rendertron: Docker 版本的 Chrome headless
https://github.com/GoogleChrome/rendertron

[漏洞分析] ScrumWorks Pro Remote Code Execution
https://blogs.securiteam.com/index.php/archives/3387

[漏洞分析] Triggering a DNS lookup using Java Deserialization
https://blog.paranoidsoftware.com/triggering-a-dns-lookup-using-java-deserialization/

[文档] Awesome-Hacking: collection of awesome lists for hackers, pentesters & security
https://securityonline.info/awesome-hacking-collection-awesome-lists-hackers-pentesters-security-researchers/?utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost

[文档] WiFi万能钥匙SRC安全沙龙第一期 PPT
https://mp.weixin.qq.com/s?__biz=MzI1NTY2MTkwNw==&mid=2247483798&idx=1&sn=8992a94f41f91945f201ebcd48a104c5&scene=0#wechat_redirect

[其它] hitb sg2017
https://gsec.hitb.org/materials/sg2017/

[漏洞分析] geetest_break: 极验验证码破解-源码+手册
https://github.com/FanhuaandLuomu/geetest_break

[漏洞分析] CVE-2017-6327: Symantec Messaging Gateway <= 10.6.3-2 unauthenticated root RCE
http://seclists.org/fulldisclosure/2017/Aug/28

[Web安全] 浅谈分布式渗透框架的架构与设计
https://zhuanlan.zhihu.com/p/28781870

[Web安全] 利用 PhantomJS + Python 完成动态检测XSS
http://blog.fr1day.me/2016/09/05/XSS_dynamic_detection_using_PhantomJs/

[Web安全] QQ邮箱反射型xss漏洞
http://pirogue.org/2017/08/25/qqmailxss/

[Web安全] windows提权系列中篇
http://mp.weixin.qq.com/s/ERXOLhWo0-lJbMV143I8hA

[Web安全] Discuz X3.3补丁安全分析
https://cert.360.cn/static/files/Discuz%20X3.3%E8%A1%A5%E4%B8%81%E5%AE%89%E5%85%A8%E5%88%86%E6%9E%90.pdf

[Web安全] 渗透测试学习笔记之案例三
http://avfisher.win/archives/766

[Web安全] 菜比的php一句话木马学习之路
https://bbs.ichunqiu.com/thread-26365-1-1.html?from=sec

[运维安全] db_security:数据库安全审计工具
https://github.com/aWeiMiaoMiao/db_security

[漏洞分析] D-Link-Dir-850L-远程命令执行漏洞
https://xianzhi.aliyun.com/forum/read/2010.html

[漏洞分析] ZzCMS前台任意脚本上传漏洞复现
https://bbs.ichunqiu.com/thread-25803-1-1.html?from=sec

[运维安全] Autosonda：自动化检测防火墙规则工具
http://www.solidot.org/story?sid=53559

[Web安全] 蜜罐与内网安全从0到1（一）
https://sosly.me/index.php/2017/08/23/goldenspark1/

[其它] 互联网广告作弊十八般武艺(下)
https://mp.weixin.qq.com/s/Ut0_yj2YoPMwEAokNDPv5g

[漏洞分析] cve-2017-1708-exploits
https://dl.packetstormsecurity.net/1708-exploits/msedgechakraint-overflow.txt

[Web安全] Http-Proxy-Scan: 利用censys.io快速爬取http代理
https://github.com/t4mo/Http-Proxy-Scan

[数据挖掘] 机器学习在安全攻防的实践
http://blog.nsfocus.net/machine-learning-techworld2017/

[编程技术] 3个步骤实现简单语言解释器（自制简易编程语言）
http://www.4hou.com/technology/7328.html

[其它] OSS-Fuzz Google's continuous fuzzing service for open source software
https://www.usenix.org/sites/default/files/conference/protected-files/usenixsecurity17_slides_serebryany.pdf

[恶意分析] 使用VENOM加密Payload绕过杀软
https://www.linkedin.com/pulse/bypass-anti-virus-detection-encrypted-payloads-using-venom-james-ceh

[恶意分析] 国际网络犯罪基础设施被曝光
https://mp.weixin.qq.com/s?__biz=MzI4ODA4MTcxMA==&mid=2649550825&idx=1&sn=872c19bf16f23764962dec2b5c520ea4&scene=0#wechat_redirect

[恶意分析] Spam and phishing in 2017 Q2 卡巴垃圾邮件与网络钓鱼分析报告
https://securelist.com/spam-and-phishing-in-q2-2017/81537/

[Web安全] HITB-2017-write-ups
https://rawsec.ml/en/HITB-2017-write-ups/

[其它] 远控木马上演白利用偷天神技：揭秘假破解工具背后的盗刷暗流
http://www.freebuf.com/articles/terminal/144590.html

[Web安全] XSS Challenges闯关笔记
http://www.cnblogs.com/r00tuser/p/7413526.html

[工具] 信息收集——僵尸扫描
http://mp.weixin.qq.com/s/1i8BbkGsVcXPIQ9_TK30zw

[数据挖掘] 基于大数据的银行反欺诈的分析报告
https://mp.weixin.qq.com/s?src=3&timestamp=1503321842&ver=1&signature=wY1ir8cJnYOrJaEuqSpwGPmtZl0LoKYSaXiV8UTZ3ceU60OTt0979sPIoueestR4ocFA-Nj-7AbAI5W2JmJqdFmxVY4HSfRTAnerzvUl76MUyCm0NV6qI6*qkF*2EGF9Om6pC*NZ*o5lM2hqPyX5RflhMCq99AGpd*Zj7Fv1VIY=

[Web安全] XSS Tricks:从self-XSS到上了你的百度
http://blog.fr1day.me/2016/09/07/XSS_Tricks_%E4%BB%8Eself-XSS%E5%88%B0%E4%B8%8A%E4%BA%86%E4%BD%A0%E7%9A%84%E7%99%BE%E5%BA%A6/

[运维安全] vulscan: Advanced vulnerability scanning with Nmap NSE
https://github.com/scipag/vulscan

[移动安全] 专栏：IDA反汇编/反编译静态分析iOS模拟器程序
http://blog.csdn.net/column/details/ios-ida.html

[论文] 在内网中自动化寻找管理员的技术
http://www.4hou.com/penetration/7332.html

[其它] SecWiki周刊（第181期)
https://www.sec-wiki.com/weekly/181

[运维安全] 公有云厂商自建威胁情报系统
http://www.4hou.com/technology/7355.html

[运维安全] DockerScan：Docker安全分析&测试工具
http://www.freebuf.com/column/145215.html

[Web安全] PhpcmsV9从反射型XSS到CSRF绕过到Getshell
https://mp.weixin.qq.com/s?__biz=MzI5MzY2MzM0Mw==&mid=2247484057&idx=1&sn=f06345169823dfc359287bf33bda34e0

[Web安全] 深入理解 https 加密过程
https://klionsec.github.io/2017/07/31/https-learn/

[Web安全] 重新理解 http 协议
https://klionsec.github.io/2017/06/18/http-basic/

[其它] 一次针对人肉者的反社工
https://bbs.ichunqiu.com/thread-26353-1-1.html?from=sec

[无线安全] 无线渗透(上)--WPA加密
https://mp.weixin.qq.com/s?__biz=MzI5MDQ2NjExOQ==&mid=2247484868&idx=1&sn=c9f9547e9bdb4fb9699ab47f2e307d35&chksm=ec1e35ecdb69bcfa42443929bac42d030adda02d1885222aa53d6b4c49b736736be97d11ae7e#rd

[Web安全] 浅谈Session机制及CSRF攻防
http://mp.weixin.qq.com/s/aID_N9bgq91EM26qVSVBXw

[移动安全] 360加固保关键技术浅析
http://www.freebuf.com/articles/terminal/145102.html

[Web安全] 黑客的探路狗-ReconDog-信息收集工具
https://bbs.ichunqiu.com/thread-26242-1-1.html?from=sec

[漏洞分析] Tunnel Manager - From RCE to Docker Escape
https://xianzhi.aliyun.com/forum/read/2009.html

[漏洞分析] Accidental Directory Stream
https://tyranidslair.blogspot.co.uk/2017/08/accidental-directory-stream.html

[观点] 师夷长技——谈谈黑帽（Black Hat）2017大会的一些体会
https://mp.weixin.qq.com/s?__biz=MzI2NTA4MDE5NQ==&mid=2651622427&idx=1&sn=8dd1d69ffa8a8ae9de43c79c564aae91&scene=0#wechat_redirect

[观点] 不是修改数据的攻击就叫数据攻击
http://blog.sina.com.cn/s/blog_85e506df0102x9fa.html

[恶意分析] 通过Shellcode聚类识别定向攻击相关的恶意代码
https://mp.weixin.qq.com/s/5RYOMEyOa5kR-yQ9So07sA

[恶意分析] Understanding the Mirai Botnet
https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-antonakakis.pdf

[Web安全] ipc弹shell 小记
https://klionsec.github.io/2016/09/24/ipc-reverse-shell/

[Web安全] 模糊测试之实例讲解
https://bbs.ichunqiu.com/thread-26336-1-1.html?from=sec

[Web安全] 基于Censys API 的命令行搜索脚本
https://github.com/gelim/censys

[工具] SpiderFoot and SHODAN
https://asciinema.org/a/127601

[工具] 用msf生成常用payload
http://mp.weixin.qq.com/s/fnpwTblrEYWxGVyETIFu8A

-----微信ID：SecWiki-----
SecWiki，13年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第182期)

SecWiki周刊（第182期）

最新公告

友情链接

SecWiki公众号

安全学术圈