SecWiki周刊(第189期)
2017/10/09-2017/10/15
安全资讯
《网络安全法》执法案例汇总第二期
http://mp.weixin.qq.com/s/ouDszZXtibPqGWubgawjZQ
http://mp.weixin.qq.com/s/ouDszZXtibPqGWubgawjZQ
因弱密码导致澳大利亚国防相关内部资料被黑客窃取
https://nosec.org/my/threats/1588
https://nosec.org/my/threats/1588
我国网络信息安全产业概览(政策+产业链+挑战)
https://mp.weixin.qq.com/s/D2CxcifjuwvXixh_P2Z3pw
https://mp.weixin.qq.com/s/D2CxcifjuwvXixh_P2Z3pw
探索机器学习模型,保障账户安全
http://www.freebuf.com/articles/rookie/150179.html
http://www.freebuf.com/articles/rookie/150179.html
无国界威胁:美国陆军网络司令部协助防御国家网络
https://mp.weixin.qq.com/s/chS8rz7k6xyG2X9KmK1Myg
https://mp.weixin.qq.com/s/chS8rz7k6xyG2X9KmK1Myg
FBI可获取部分VPN服务商的用户日志
https://mp.weixin.qq.com/s/wW9juEphrqwSBy9sle0DYw
https://mp.weixin.qq.com/s/wW9juEphrqwSBy9sle0DYw
无处不在的窥视-美国Xkeyscore计划简介
https://mp.weixin.qq.com/s/8JeIRebbLJnIzQqJ7HVmAA
https://mp.weixin.qq.com/s/8JeIRebbLJnIzQqJ7HVmAA
安全技术
Microsoft Windows SMB远程代码执行漏洞(CVE-2017-11780)
https://nosec.org/my/threats/1587
https://nosec.org/my/threats/1587
ISC2017 第五届中国互联网安全大会课程资料-提取码:f45d
https://eyun.360.cn/surl_yjrTuVTt8Mc
https://eyun.360.cn/surl_yjrTuVTt8Mc
Metasploit和Cobalt Strike的四种联动场景
https://secvul.com/topics/862.html
https://secvul.com/topics/862.html
Mybatis OGNL导致的并发安全问题
https://zhuanlan.zhihu.com/p/30085658
https://zhuanlan.zhihu.com/p/30085658
阿里巴巴Java开发规约插件简要说明
https://zhuanlan.zhihu.com/p/30136165
https://zhuanlan.zhihu.com/p/30136165
Kali Linux信息收集工具全
http://www.freebuf.com/column/150118.html
http://www.freebuf.com/column/150118.html
Apache Tomcat JSP Upload Bypass exp - CVE-2017-12617
https://github.com/cyberheartmi9/CVE-2017-12617
https://github.com/cyberheartmi9/CVE-2017-12617
DependencyCheck: OWASP 一款检查Java依赖库缺陷的工具
https://github.com/jeremylong/DependencyCheck#
https://github.com/jeremylong/DependencyCheck#
如何快速大规模批量进行常规端口渗透
http://www.freebuf.com/column/150205.html
http://www.freebuf.com/column/150205.html
趋势科技产品Widgets模块多个漏洞复现
https://secvul.com/topics/873.html
https://secvul.com/topics/873.html
struts-scan: struts2漏洞全版本检测和利用工具
https://github.com/Lucifer1993/struts-scan
https://github.com/Lucifer1993/struts-scan
OpenFire后台插件上传获取webshell及免密码登录linux服务器
https://bbs.ichunqiu.com/thread-27954-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-27954-1-1.html?from=sec
Typecho SSRF漏洞分析和利用
https://joychou.org/web/typecho-ssrf-analysis-and-exploit.html
https://joychou.org/web/typecho-ssrf-analysis-and-exploit.html
河马-利用机器学习检测WEBSHELL
http://blog.shellpub.com/2017/10/11/%E6%B2%B3%E9%A9%ACwebshell%E6%9C%BA%E5%99%A8%E5%AD%A6%E4%B9%A0.html
http://blog.shellpub.com/2017/10/11/%E6%B2%B3%E9%A9%ACwebshell%E6%9C%BA%E5%99%A8%E5%AD%A6%E4%B9%A0.html
渗透测试学习笔记之案例五
https://xianzhi.aliyun.com/forum/read/2206.html
https://xianzhi.aliyun.com/forum/read/2206.html
2017 Splunk Conference Sessions
http://conf.splunk.com/sessions/2017-sessions.html
http://conf.splunk.com/sessions/2017-sessions.html
一本 CTF 领域的大杂烩指南
https://firmianay.gitbooks.io/ctf-all-in-one/content/
https://firmianay.gitbooks.io/ctf-all-in-one/content/
Adobe ColdFusion Deserialization RCE (CVE-2017-11283, CVE-2017-11238)
https://nickbloor.co.uk/2017/10/13/adobe-coldfusion-deserialization-rce-cve-2017-11283-cve-2017-11238/
https://nickbloor.co.uk/2017/10/13/adobe-coldfusion-deserialization-rce-cve-2017-11283-cve-2017-11238/
一文读懂TensorFlow(附代码、学习资料)
https://mp.weixin.qq.com/s/SlitM8JToD7dN5E5Ue9wjA
https://mp.weixin.qq.com/s/SlitM8JToD7dN5E5Ue9wjA
AngelSword: 漏洞检测框架
https://github.com/Lucifer1993/AngelSword
https://github.com/Lucifer1993/AngelSword
PHPCMS MT_RAND SEED CRACK致authkey泄露
https://xianzhi.aliyun.com/forum/read/2202.html
https://xianzhi.aliyun.com/forum/read/2202.html
GSM Assessment Toolkit - A security evaluation framework for GSM networks
https://github.com/romankh/gsm-assessment-toolkit
https://github.com/romankh/gsm-assessment-toolkit
[终端安全]Linux应急响应姿势浅谈
http://www.4hou.com/system/7899.html
http://www.4hou.com/system/7899.html
记录与分享PHP WebShell 绕过WAF 的一些经验
https://github.com/lcatro/PHP-WebShell-Bypass-WAF
https://github.com/lcatro/PHP-WebShell-Bypass-WAF
BroCon ’17 会议材料,包括视频和PDF
https://www.bro.org/community/brocon2017.html
https://www.bro.org/community/brocon2017.html
奇葩webshell技巧
http://mp.weixin.qq.com/s/_Yg1C-6_liquATHB-vz65Q
http://mp.weixin.qq.com/s/_Yg1C-6_liquATHB-vz65Q
另类WebShell监测机制--基于auditd
https://mp.weixin.qq.com/s?__biz=MzI5ODE0ODA5MQ==&mid=2652278266&idx=1&sn=7b2f89643afaa22527644774a77b297b
https://mp.weixin.qq.com/s?__biz=MzI5ODE0ODA5MQ==&mid=2652278266&idx=1&sn=7b2f89643afaa22527644774a77b297b
内核漏洞进击之旅--Dark Composition Exploitation Case Study
https://whereisk0shl.top/Dark%20Composition%20Exploit%20in%20Ring0.html
https://whereisk0shl.top/Dark%20Composition%20Exploit%20in%20Ring0.html
低成本实现百 Gbps DDoS/CC 攻击防护
http://mp.weixin.qq.com/s/RgyPq9BA3XHJ8cW1CQD71Q
http://mp.weixin.qq.com/s/RgyPq9BA3XHJ8cW1CQD71Q
CVE-2017-8759_Word漏洞复现
https://bbs.ichunqiu.com/thread-27989-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-27989-1-1.html?from=sec
Python 协程之从放弃到死亡再到重生
https://lightless.me/archives/python-coroutine-from-boom-to-dead-to-rebirth.html
https://lightless.me/archives/python-coroutine-from-boom-to-dead-to-rebirth.html
Detecting BadBIOS, Evil Maids, Bootkits, and Other Firmware Malware SeaGL
https://ia601507.us.archive.org/2/items/seagl-2017/seagl-2017.pdf
https://ia601507.us.archive.org/2/items/seagl-2017/seagl-2017.pdf
超过37000 Chrome 用户安装假的AdBlock Plus 插件
https://nosec.org/my/threats/1586
https://nosec.org/my/threats/1586
使用威胁情报追踪攻击者——Part 1 威胁情报的另类分类
https://zhuanlan.zhihu.com/p/30105006?group_id=902331950856048640
https://zhuanlan.zhihu.com/p/30105006?group_id=902331950856048640
利用 shodan hacking 辅助快速渗透大中型目标
http://www.jianshu.com/p/ee22367303d5
http://www.jianshu.com/p/ee22367303d5
深网与暗网初学者指南
https://zhuanlan.zhihu.com/p/29963330
https://zhuanlan.zhihu.com/p/29963330
一次误报引发的DNS检测方案的思考:DNS隧道检测平民解决方案
http://www.freebuf.com/articles/network/149328.html
http://www.freebuf.com/articles/network/149328.html
利用mysql general log 写shell 可行性简要分析
http://www.freebuf.com/column/150308.html
http://www.freebuf.com/column/150308.html
Macro-less Code Exec in MSWord
https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/
https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/
基于Django的双因子认证实现
http://www.freebuf.com/articles/network/150071.html
http://www.freebuf.com/articles/network/150071.html
玩儿懂深度学习Part 3:搭建深度神经网络
https://jizhi.im/blog/post/gpu-p3
https://jizhi.im/blog/post/gpu-p3
Remote Code Execution on rubygems.org
https://nosec.org/my/threats/1585
https://nosec.org/my/threats/1585
E-Mail Tracking-论文
https://www.schneier.com/blog/archives/2017/10/e-mail_tracking.html
https://www.schneier.com/blog/archives/2017/10/e-mail_tracking.html
一处漏洞全家遭殃!趋势科技多款软件均存在远程命令执行漏洞
http://www.4hou.com/vulnerable/7902.html
http://www.4hou.com/vulnerable/7902.html
Java 反序列化原理及漏洞利用
http://www.4hou.com/technology/7904.html
http://www.4hou.com/technology/7904.html
深度学习框架中的魔鬼 — 探究人工智能系统中的安全问题
http://blogs.360.cn/blog/devils-in-the-deep-learning-framework/
http://blogs.360.cn/blog/devils-in-the-deep-learning-framework/
2005-2017年国内科研单位在国际安全顶级会议中发表文章量统计
https://mp.weixin.qq.com/s/Kivzuq9EkHZKa0gNFcokSQ
https://mp.weixin.qq.com/s/Kivzuq9EkHZKa0gNFcokSQ
不重启Tomcat,覆盖本地代码
https://xianzhi.aliyun.com/forum/read/2189.html
https://xianzhi.aliyun.com/forum/read/2189.html
新型IoT机顶盒恶意软件Rowdy网络分析报告
http://blog.nsfocus.net/iot-set-top-box-malware-rowdy-network-analysis-report/
http://blog.nsfocus.net/iot-set-top-box-malware-rowdy-network-analysis-report/
微博深度学习平台架构和实践
http://geek.csdn.net/news/detail/239447
http://geek.csdn.net/news/detail/239447
PaX/Grsecurity 代码分析
https://github.com/hardenedlinux/grsecurity-101-tutorials/tree/master/grsec-code-analysis
https://github.com/hardenedlinux/grsecurity-101-tutorials/tree/master/grsec-code-analysis
rubygems.org远程命令执行漏洞分析
http://www.4hou.com/vulnerable/7917.html
http://www.4hou.com/vulnerable/7917.html
代码审计新姿势,从任意读到任意重置用户密码
https://xianzhi.aliyun.com/forum/read/2209.html
https://xianzhi.aliyun.com/forum/read/2209.html
工具推荐:逆向破解利器OllyDbg
http://www.4hou.com/tools/7890.html
http://www.4hou.com/tools/7890.html
玩儿懂深度学习Part 1:传统机器学习的回顾
https://jizhi.im/blog/post/gpu-p1
https://jizhi.im/blog/post/gpu-p1
爱奇艺业务安全风控体系的建设实践
https://mp.weixin.qq.com/s/2gcNY0LmgxpYT1K6uDaWtg
https://mp.weixin.qq.com/s/2gcNY0LmgxpYT1K6uDaWtg
Teemo: 域名收集及枚举工具
https://github.com/bit4woo/Teemo
https://github.com/bit4woo/Teemo
Hacking Books PDF 600+
https://drive.google.com/drive/folders/0B5rqWHARHFcVNUpNamdoMlRqRm8
https://drive.google.com/drive/folders/0B5rqWHARHFcVNUpNamdoMlRqRm8
木马APP的简单分析(Android Killer分析)
https://bbs.ichunqiu.com/thread-27661-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-27661-1-1.html?from=sec
Outlook Home Page – Another Ruler Vector
https://sensepost.com/blog/2017/outlook-home-page-another-ruler-vector/
https://sensepost.com/blog/2017/outlook-home-page-another-ruler-vector/
SecWiki周刊(第188期)
https://www.sec-wiki.com/weekly/188
https://www.sec-wiki.com/weekly/188
玩儿懂深度学习Part 2:Tensorflow 简明原理
https://jizhi.im/blog/post/gpu-p2
https://jizhi.im/blog/post/gpu-p2
Disassembler and Runtime Analysis
http://blog.talosintelligence.com/2017/10/disassembler-and-runtime-analysis.html
http://blog.talosintelligence.com/2017/10/disassembler-and-runtime-analysis.html
iOS Privacy: steal.password - Easily get the user's Apple ID password
https://krausefx.com/
https://krausefx.com/
Manalyze: A static analyzer for PE executables
https://github.com/JusticeRage/Manalyze
https://github.com/JusticeRage/Manalyze
[译] XSLT attack
https://xianzhi.aliyun.com/forum/read/2196.html
https://xianzhi.aliyun.com/forum/read/2196.html
Check it Out: Enforcement of Bounds Checks in Native JIT Code
https://www.zerodayinitiative.com/blog/2017/10/5/check-it-out-enforcement-of-bounds-checks-in-native-jit-code
https://www.zerodayinitiative.com/blog/2017/10/5/check-it-out-enforcement-of-bounds-checks-in-native-jit-code
American Fuzzy Lop实例-基础用法
https://mp.weixin.qq.com/s/uBqz9UVcwlWQtpxlX1J2Gw
https://mp.weixin.qq.com/s/uBqz9UVcwlWQtpxlX1J2Gw
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第189期)
