SecWiki周刊(第21期)
2014/07/21-2014/07/27
安全资讯
[移动安全]  Forensic scientist identifies suspicious back doors' running on every iOS device
http://www.zdnet.com/forensic-scientist-identifies-suspicious-back-doors-running-on-every-ios-device-7000031795/
安全技术
[Web安全]  《安全参考》HACKCTO-201407-19
http://pan.baidu.com/s/1c0eoN8c
[数据挖掘]  Toward Scalable Systems for Big Data Analytics: A Technology Tutorial
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=6842585
[数据挖掘]  Machine Learning Surveys
http://www.mlsurveys.com/
[漏洞分析]  简单修改了cve-2011-3402的内核提权ShellCode
http://debugwar.com/archives/313/change_shellcode_cve-2011-3402
[Web安全]  2014年澳大利亚信息安全挑战 CySCA CTF 官方write up Crypto篇
http://drops.wooyun.org/tips/2618
[取证分析]  wireshark 实用技巧
https://community.emc.com/message/827199#827199
[Web安全]  SyScan360 2014 Program
http://www.syscan360.org/en/schedule.html
[Web安全]  playweb:基于分布式网络安全扫描系统实现
http://yaseng.me/yaseng-graduation-thesis-playweb.html
[Web安全]  内网渗透之-域渗透基础
http://www.91ri.org/10154.html
[运维安全]  配置ModSecurity防火墙与OWASP规则
http://drops.wooyun.org/tips/2614
[Web安全]  TSRC挑战赛: PHP防御绕过挑战实录
http://security.tencent.com/index.php/blog/msg/58
[其它]  Academic Universe:A Platform for Exploring Linked Academic Objects
http://soscholar.com/universe/
[Web安全]  TSRC挑战赛: PHP场景中getshell防御思路分享
http://security.tencent.com/index.php/blog/msg/57
[Web安全]  无声杯 xss 挑战赛 writeup
http://drops.wooyun.org/tips/2671
[恶意分析]  McAfee Advanced Threat Defense Test
http://www.mcafee.com/us/resources/reports/rp-advanced-threat-defense-test.pdf
[漏洞分析]  Advanced Exploitation of VirtualBox 3D Acceleration VM Escape Vulnerability
http://www.vupen.com/blog/20140725.Advanced_Exploitation_VirtualBox_VM_Escape.php
[漏洞分析]  CVE-2014-3153 Exploit
http://www.clevcode.org/cve-2014-3153-exploit/
[恶意分析]  后现代艺术:解构主义APT
http://0x.557.im/swan/201407/23_73.html
[恶意分析]  chopshop:Protocol Analysis/Decoder Framework
https://github.com/MITRECND/chopshop
[移动安全]  iOS后门笔记
http://blog.est.im/post/92537193330
[Web安全]  Python教程网络安全篇
http://drops.wooyun.org/tips/2568
[Web安全]  Hacking Clients with WPAD (Web Proxy Auto-Discovery) Protocol
http://resources.infosecinstitute.com/hacking-clients-wpad-web-proxy-auto-discovery-protocol/
[编程技术]  借助开源项目,学习软件开发
https://github.com/zhuangbiaowei/learn-with-open-source
[恶意分析]  2014H1绿盟科技DDoS威胁报告
http://www.nsfocus.com/report/H1_2014_DDoS_THEATS_REPORT.pdf
[漏洞分析]  Threat Research, Analysis, and Mitigation
http://www.fireeye.com/blog/
[运维安全]  我是如何”黑掉”91Ri的
http://www.91ri.org/10085.html
[恶意分析]  Samples from the conflict in Syria
http://syrianmalware.com/
[编程技术]  RPC 库 grpc
https://bitbucket.org/seewind/grpc
[漏洞分析]  x64_dbg:An open-source x64/x32 debugger for windows
http://x64dbg.com/#start
[Web安全]  如何建立高效的安全测试
http://www.freebuf.com/video/38608.html
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第21期)