SecWiki周刊（第207期)

SecWiki周刊（第207期）

2018/02/12-2018/02/18

安全资讯

[取证分析] NBC公布一个包含20万条被删除推文的数据库
https://www.cnbeta.com/articles/tech/699215.htm

[新闻] 意大利反腐机构使用洋葱服务建立告密平台
https://www.solidot.org/story?sid=55549

安全技术

[其它] Hiding in the Cloud: Cobalt Strike Beacon C2 using Amazon APIs
https://rhinosecuritylabs.com/aws/hiding-cloudcobalt-strike-beacon-c2-using-amazon-apis/

[恶意分析] NrsMiner：一个构造精密的挖矿僵尸网络
https://www.anquanke.com/post/id/98272

[Web安全] [漏洞复现]zzcms8.2#任意用户密码重置#del.php时间盲注#复现
http://www.cnblogs.com/ak47boom/p/8449120.html

[新闻] CNCERT 2018年1月我国DDoS攻击资源分析报告
http://www.freebuf.com/articles/network/162825.html

[Web安全] Stealing Data With CSS: Attack and Defense
https://www.mike-gualtieri.com/posts/stealing-data-with-css-attack-and-defense

[运维安全] Elk + Osquery + Kolide Fleet = Love
https://jordanpotti.com/2018/02/16/elk-osquery-kolide-fleet-love/

[运维安全] Loading "fileless" Shared Objects (memfd_create + dlopen)
https://x-c3ll.github.io/posts/fileless-memfd_create/

[运维安全] Stealing SSH credentials Another Approach.
https://mthbernardes.github.io/persistence/2018/02/10/stealing-ssh-credentials-another-approach.html

[漏洞分析] Asuswrt RT-AC68U 华硕路由器文件删除漏洞 && 栈溢出
http://www.cnblogs.com/iamstudy/articles/Asuswrt_RT-AC68U_CVE-2018-6636_Detail.html

[工具] Acunetix Web Vulnerability Scanner Update最新版本，提取码：hrf6
https://pan.baidu.com/s/1o7JBOAu

[漏洞分析] Redis未授权访问漏洞的重现与利用
http://www.freebuf.com/vuls/162035.html

[编程技术] freshonions-torscraper: TOR spider / hidden service onion crawler
https://github.com/dirtyfilthy/freshonions-torscraper

[恶意分析] Analyzing GrandSoft Exploit Kit
http://www.nao-sec.org/2018/02/analyzing-grandsoft-exploit-kit.html

[编程技术] yispider: 一款分布式爬虫平台
https://github.com/2young2simple/yispider

[Web安全] 某租车系统JAVA代码审计
http://www.freebuf.com/articles/web/162910.html

[数据挖掘] src_edu: edu站点及其对应的子域名
https://github.com/v1cker/src_edu

[Web安全] Mostly CTF notes
https://github.com/Shiva108/CTF-notes

[漏洞分析] Zero-day vulnerability in Telegram
https://securelist.com/zero-day-vulnerability-in-telegram/83800/

[数据挖掘] AI安全风险白皮书
http://www.4hou.com/technology/10391.html

[工具] A tool for automating cracking methodologies through Hashcat from the TrustedSec
https://github.com/trustedsec/hate_crack

[Web安全] 我对OAuth协议安全性的一点思考
https://www.anquanke.com/post/id/98392

[恶意分析] Analysis-Tools: 恶意软件分析套件
https://github.com/ExpLife/Analysis-Tools

[编程技术] Docker 微服务教程
http://www.ruanyifeng.com/blog/2018/02/docker-wordpress-tutorial.html

[取证分析] t-pot-autoinstall: Autoinstall T-Pot on Ubuntu 16.04
https://github.com/dtag-dev-sec/t-pot-autoinstall

[数据挖掘] 2017年 AI安全风险白皮书
https://www.anquanke.com/post/id/98300

[设备安全] use-powershell-to-find-the-history-of-usb-flash-drive-usage
https://blogs.technet.microsoft.com/heyscriptingguy/2012/05/18/use-powershell-to-find-the-history-of-usb-flash-drive-usage/

[文档] Olympic Destroyer Takes Aim At Winter Olympics
http://blog.talosintelligence.com/2018/02/olympic-destroyer.html

[运维安全] Attacks Against Windows PXE Boot Images
https://blog.netspi.com/attacks-against-windows-pxe-boot-images/

[工具] Exploitation challenges for CTF
https://github.com/abhisek/pwnworks

[Web安全] The bug bounty program that changed my life
http://10degres.net/the-bugbounty-program-that-changed-my-life/

[恶意分析] 针对“DorkBot”的样本分析
http://www.freebuf.com/articles/network/162324.html

[工具] A collection of vulnerable ARM binaries for practicing exploit development
https://github.com/Billy-Ellis/Exploit-Challenges

[恶意分析] Antivirus Scanning of a PCAP File
http://www.netresec.com/?page=Blog&month=2018-02&post=Antivirus-Scanning-of-a-PCAP-File

[数据挖掘] Buckhacker – Search Amazon Server Data
https://uwnthesis.wordpress.com/2018/02/14/buckhacker-search-amazon-server-data/

[工具] Fully undetected backdoor with RSA Encrypted shell
https://github.com/Eitenne/TopHat

[设备安全] vshadow-abusing-the-volume-shadow-service-for-evasion-persistence-and-active-dir
https://bohops.com/2018/02/10/vshadow-abusing-the-volume-shadow-service-for-evasion-persistence-and-active-directory-database-extraction/

[取证分析] WhatsApp取证：解密数据库并提取Android设备上已删除信息
http://www.4hou.com/mobile/10404.html

[Web安全] MySQL UDF Exploitation
https://osandamalith.com/2018/02/11/mysql-udf-exploitation/

[取证分析] Standards related to Threat Intelligence
https://www.threat-intelligence.eu/standards/

[文档] 关于浏览器安全的会议PPT
https://www.kanxue.com/book-9-208.htm

[工具] Pymap-Scanner - Python Scanner with
https://github.com/azizaltuntas/Pymap-Scanner

-----微信ID：SecWiki-----
SecWiki，13年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第207期)

SecWiki周刊（第207期）

最新公告

友情链接

SecWiki公众号

安全学术圈