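SecWiki Weekly (Issue 199)
2017/12/18-2017/12/24
Security News
The Quiet Fortune-Maker of the Year: The Frenzied Money-Grabbing Undercurrent of Cryptomining Trojans in 2017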
https://weibo.com/ttarticle/p/show?id=2309404186375594332080
Working in Vendor-Side and Client-Side Security: A View Without the Hero Narrative
https://im1gd.me/2017/12/18/jiangvsyi/
The Hackers' Waterloo: A Full Account of the Great US Internet Outage
https://mp.weixin.qq.com/s/25f5gK0fXIr_UV9xROLX3w
The Truth Is Out! The Culprit Behind the WannaCry Incident Turns Out to Be "Fatty Kim the Third"!
http://www.4hou.com/info/news/9369.html
McAfee Labs: Five Cybersecurity Trend Predictions for 2018
http://www.4hou.com/info/news/9350.html
Cybercrime Trend Predictions for the Financial Sector in 2018
http://www.4hou.com/info/news/9210.html
Zhang Changhe: From National-Team Mainstay to Cybersecurity Guardian
https://mp.weixin.qq.com/s/W5VC5tgktdYe_MWidBwByQ
APT34 Attacks Escalate Again, Exploiting CVE-2017-11882 to Target Middle Eastern Countries
http://www.4hou.com/vulnerable/9296.html
10 Notable Data Breaches of 2017
https://weibo.com/ttarticle/p/show?id=2309404186255733731332
Looking Ahead: Three Bold Cybersecurity Predictions for 2018
https://securityintelligence.com/looking-ahead-three-bold-cybersecurity-predictions-for-2018/?from=timeline
The 40 Key Special Projects of the 2018 National Key R&D Program
https://mp.weixin.qq.com/s/q2Inex4wgBLOMVJgFnDXuQ
The Password Manager Preinstalled on Windows 10 May Pose a Credential Leak Risk
http://www.4hou.com/vulnerable/9342.html
Security Technology
Redis Unauthorized Access Leading to Remote Implantation of Mining Scripts (Defense Edition)
https://mp.weixin.qq.com/s?__biz=MzI3Njk2OTIzOQ==&mid=2247483818&idx=1&sn=b6068877196e1c240003ade42b2d4b77&chksm=eb6c23d2dc1baac498500e2d7ea3d2ff84e2ea90a9f02362b4ceddec275dcbdea359a18099b5#rd
Revisiting a Classic: Analysis and Exploitation of the IIS Short File Name Vulnerability
http://www.lsablog.com/network_security/penetration/iis-short-name-analysis-and-exploit/
2017 SECCON CTF vm_no_fun writeup
http://repwn.com/archives/30
2017 HCTF Final game writeup
http://repwn.com/archives/31
Using YARA Rules from the Command Line and Python
http://mp.weixin.qq.com/s/wjrR2gsApl7vH3CtWMGmxw
ROP Emporium Challenges Writeup
http://mp.weixin.qq.com/s/KIwpBhMjGX3AUz_QUNNEsA
S2-055 Deserialization Vulnerability Exploit CVE-2017-7525
https://github.com/iBearcat/S2-055
1.4 Billion Text Credentials Analysis (NLP)
https://github.com/philipperemy/tensorflow-1.4-billion-password-analysis
GoAhead httpd 2.5 < 3.6.5 - 'LD_PRELOAD' Remote Code Execution
https://www.exploit-db.com/exploits/43360/
Career Planning for Security Professionals in a Booming Industry
https://mp.weixin.qq.com/s/icRTSbxjT-1Jf216u6F_pg
Analysis, Research, and Removal of a Bitcoin Mining Trojan
https://bbs.ichunqiu.com/thread-30830-1-1.html?from=sec
Building a Lab Environment with the OPNsense Firewall: Traffic Forwarding with MSF and SSH
http://www.freebuf.com/articles/network/157089.html
Studying the Apache Commons Collections Deserialization Vulnerability
http://pirogue.org/2017/12/22/javaSerialKiller/
Experts Show You How to Detect Malicious Code with Deep Learning
http://www.4hou.com/web/9136.html
Metasploit: A One-Stop Service
http://mp.weixin.qq.com/s/BA6Up-Vtd1Xz73aeVYk-4A
net-creds: A Tool for Extracting Sensitive Data from Network Sniffing or Pcap Files
https://github.com/DanMcInerney/net-creds
Android Accessibility Clickjacking: Attack and Defense
https://weibo.com/ttarticle/p/show?id=2309404186371647488370
Analysis of Vulnerability Exploitation on an ASP Target Machine in an Offline Competition
http://mp.weixin.qq.com/s/S1h7vESMB7ytbfxvkZalAw
Quickly Self-Check Whether Your Computer Has Been Compromised (Linux Edition)
https://www.pppan.net/blog/detail/2017-12-24-linux-self-check
Enterprise Security Building: Methods and Ideas for Analyzing Mirrored Network Traffic
http://mp.weixin.qq.com/s/TSlIqCP53nxhi5Vq4TFRnw
AppCMS v2.0.101 Backdoor Analysis
https://xianzhi.aliyun.com/forum/topic/1806/
A Collection of 17 Android Native Anti-Debugging Techniques
https://bbs.pediy.com/thread-223460.htm
NetSPI SQL Injection Wiki
https://sqlwiki.netspi.com/
Advanced Persistent Penetration, Season 1: On Backdoors
https://micropoor.blogspot.jp/2017/12/php.html
Penetration Techniques: More Tests on "Hidden" Registry Entries
http://www.4hou.com/penetration/9132.html
S3Scanner: Scan for open S3 buckets and dump
https://github.com/sa7mon/S3Scanner
GuardiCore Analysis Report on the Chinese Cybercrime Underground: Hex-Men!
https://www.anquanke.com/post/id/91779
Exploiting Windows 10 with WPAD/PAC and JScript
https://cert.360.cn/static/files/%E5%88%A9%E7%94%A8WPADPAC%E4%B8%8EJScript%20Exploiting_Windows_10.pdf
Implementing a Docker Image Scanner
http://www.freebuf.com/column/157784.html
Meterpreter AV Evasion and Countermeasure Analysis
https://green-m.github.io//2017/12/22/meterpreter-dection-and-evasion/
subTee gists code backups
https://github.com/re4lity/subTee-gits-backups
Testing the Permission Vulnerability in TeamViewer 13.0.5058
https://3gstudent.github.io/3gstudent.github.io/TeamViewer-13.0.5058%E4%B8%AD%E7%9A%84%E6%9D%83%E9%99%90%E6%BC%8F%E6%B4%9E%E6%B5%8B%E8%AF%95/
Some Tips for JAVA Code Auditing (Script Included)
https://mp.weixin.qq.com/s/josQv1X6YjsttZr1O32j2Q
Analysis of Typical VxWorks Vulnerabilities and Statistics on Their Scope of Impact
https://mp.weixin.qq.com/s/sV5696BRcR-GdEanYKWwNA
SecWiki Weekly (Issue 198)
https://www.sec-wiki.com/weekly/198
Analysis of CVE-2017-17522, the Python webbrowser.py Command Execution Vulnerability
https://lightless.me/archives/cve-2017-17522.html
GoAhead Remote Code Execution Vulnerability Analysis Report
https://mp.weixin.qq.com/s/QImpx8PJhaaLZkj7gvTynw
A Discussion of Large-Scale Commonality Analysis of Malicious Files on Linux
http://www.freebuf.com/articles/system/157102.html
The Latest Complete List of System Integrators, 2017
https://mp.weixin.qq.com/s/aakdkvro9_ukjOvkIp83MQ
Awesome-Vulnerability-Research: Technical Resources for Vulnerability Research
https://github.com/sergey-pronin/Awesome-Vulnerability-Research
watchdog: IF (a region of a web page changes) THEN (email you an alert)
https://github.com/SaulLawliet/watchdog
WordPress Captcha Plugin Backdoor Incident: Analysis and Attribution Report
https://mp.weixin.qq.com/s/VoLu-dvx91q4OEjnJB4EjQ
OWASP Hacking Lab Online Vulnerability Environment
http://www.freebuf.com/sectool/157072.html
Get Hands-On with TensorFlow in 10 Minutes (Code Included)
https://mp.weixin.qq.com/s/UdXiDgbM18h4S6GczOOU5A
Stealing NTLM Hashes via Microsoft Office
https://evi1cg.me/archives/Get_NTLM_Hashes.html
More Complex Intruder Attacks with Burp!
https://www.trustedsec.com/2017/12/complex-intruder-attacks-burp/
OWASP juice shop (Part 3)
https://bbs.ichunqiu.com/thread-30816-1-1.html?from=sec
Using the Analysis Tool Angr to Build Better Exploits
http://www.freebuf.com/sectool/157108.html
An Iteration of the DDE Attack: Attacking via Excel
http://www.4hou.com/vulnerable/9212.html
Public S3 Bucket Search Engine
http://blog.rojanrijal.com/2017/12/public-s3-bucket-search-engine-open.html?m=1
Cyberespionage Campaign Sphinx Goes Mobile With AnubisSpy
http://blog.trendmicro.com/trendlabs-security-intelligence/cyberespionage-campaign-sphinx-goes-mobile-anubisspy/
-----WeChat ID: SecWiki-----
SecWiki: focused on security technology news and analysis for 13 years!
SecWiki: https://www.sec-wiki.com
Original link for this issue: SecWiki Weekly (Issue 199)
