SecWiki Weekly (Issue 210)
2018/03/05-2018/03/11
Security News
Hacking Team's infamous surveillance tool detected by ESET systems
https://www.welivesecurity.com/2018/03/09/new-traces-hacking-team-wild/
Summary of the 2018 US National Defense Strategy (full translation)
https://mp.weixin.qq.com/s/m_aj7s3X0MtDK1ADpV5dGQ
On the night of March 7, hackers fooled everyone
https://mp.weixin.qq.com/s/z39hBMif1bQJeb4Ar_zRAw
Taking over a dark web site directly and fishing out information on hundreds of thousands of drug buyers and sellers
https://mp.weixin.qq.com/s/DqE9u4eSClAA7d1MFuUcBA
Security Technology
Collected Weibo quotes from tombkeeper
https://github.com/findneo/TKposts
Newbie-Security-List: a small collection of network security learning resources
https://github.com/findneo/Newbie-Security-List
Hunting-Attacker-Activities
https://www.botconf.eu/wp-content/uploads/2017/12/2017_tomonaga-muda-Hunting-Attacker-Activities.pdf
Java Web Code Security Auditing in Practice, Part 1: Cross-Site Scripting (XSS)
https://www.ibm.com/developerworks/cn/java/j-lo-audit-xss/index.html
Java Web Code Security Auditing in Practice, Part 2: SQL Injection
https://www.ibm.com/developerworks/cn/java/j-lo-audit-sql-injection/index.html
ThinkSNS_V4: arbitrary file download in the admin backend leading to getshell
https://mp.weixin.qq.com/s?__biz=MzA3NzE2MjgwMg==&mid=2448903598&idx=1&sn=597d488c492fca52b49b0f5ddddcadb8&chksm=8b55ddf3bc2254e5135ff7f9a10cdde3ce710e32d53fb4575b02411a9b3bbe23ec26207f8196&mpshare=1&scene=23&srcid=0311KzWTeNcTSxfCLzcIRd7F#rd
EasySNS_V1.6: remote image localization leading to getshell
https://mp.weixin.qq.com/s?__biz=MzA3NzE2MjgwMg==&mid=2448903594&idx=1&sn=5e4395fca668f5ce466353317e5f44f7&chksm=8b55ddf7bc2254e1c0c125e0f2190990b4b0b271c36d7b2af80d6cac75da8bb09473b1fb3cbe&mpshare=1&scene=23&srcid=0311nNZoJktliQhkFAL2s307#rd
Java Web Code Security Auditing in Practice, Part 3: File Path Manipulation, System Log Forging, Thread Safety, and Unreleased Resources
https://www.ibm.com/developerworks/cn/java/j-lo-audit-file-safe/index.html
PaperAirplane: a SOCKS5 proxy tool similar to Proxifier
https://github.com/liulilittle/PaperAirplane
From SQL injection to getshell: notes on a penetration test of a ZenTao (禅道) system
http://www.cnblogs.com/iamstudy/articles/chandao_pentest_1.html
Blockchain security: the Ethereum short address attack
http://blog.csdn.net/u011721501/article/details/79476587
ATT&CK™ Navigator: new version of the adversarial tactics, techniques, and common knowledge model
https://mitre.github.io/attack-navigator/enterprise/
PHP SSRF Techniques - How to bypass filter_var(), preg_match() and parse_url()
https://medium.com/secjuice/php-ssrf-techniques-9d422cb28d51
The Bug Hunters Methodology v2.1
https://docs.google.com/presentation/d/1VpRT8dFyTaFpQa9jhehtmGaC7TqQniMSYbUdlHN6VrY/edit#slide=id.p
Java Web Code Security Auditing in Practice, Part 4: Environment Hardening
https://www.ibm.com/developerworks/cn/java/j-lo-audit-environmental-reinforcement/index.html
Java code auditing: advancing layer by layer
https://mp.weixin.qq.com/s/muv_q5ENH_0_zpWZqqvHVw
Drcomdecoder: encryption and decryption of Drcom database account passwords
https://github.com/scanfsec/Drcomdecoder
Analysis of a PoC for the Mozilla Rhino deserialization vulnerability
https://mp.weixin.qq.com/s/qm3mS78r43IIOHgZ-6YyGw
Exim Off-by-one RCE: Exploiting CVE-2018-6789 with Fully Mitigations Bypassing
https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/
S7scan: an all-in-one vulnerability detection and exploitation tool combining seven functions
https://github.com/jiangsir404/S7scan
Summary of SSH backdoor analysis
https://blog.formsec.cn/2018/02/13/SSH%e5%90%8e%e9%97%a8%e5%88%86%e6%9e%90%e6%80%bb%e7%bb%93/
Getting any Facebook user's friend list and partial payment card details
https://www.josipfranjkovic.com/blog/facebook-friendlist-paymentcard-leak
Python Remote Administration Tool (RAT) to gain meterpreter session
https://github.com/islamTaha12/Python-Rootkit
Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
https://github.com/UnaPibaGeek/ctfr
Eclipse attacks on the Ethereum blockchain network explained in detail
http://www.4hou.com/technology/10570.html
SecWiki Weekly (Issue 209)
https://www.sec-wiki.com/weekly/209
Source Code Search Engine
https://publicwww.com/
Decrypting the Lua scripts and resource files of the mobile game 血族
https://blog.sectown.cn/archives/320/
Internal network pivoting penetration testing with Metasploit
https://blog.sectown.cn/archives/323/
Apache Fineract SQL Inject—CVE-2017-5663
https://xianzhi.aliyun.com/forum/topic/1978
Encryption 101 series: how to break it
https://xianzhi.aliyun.com/forum/topic/2132
digital-forensics-artifacts-of-interactive-sessions
https://countuponsecurity.com/2017/11/22/digital-forensics-artifacts-of-interactive-sessions/comment-page-1
Penetrating Facebook: approach and findings
https://xianzhi.aliyun.com/forum/topic/2128
Crawler basics [Web vulnerability scanner]
http://blog.fatezero.org/2018/03/05/web-scanner-crawler-01/
Analysis of the Debug Blocker anti-debugging technique
https://www.anquanke.com/post/id/100115
2017 report on the security of networked smart devices in China
https://mp.weixin.qq.com/s/3t8-Wc-0Z0ROB66A36jZ4w
Threat intelligence in practice: from gray to black
https://mp.weixin.qq.com/s/-EcZnVvwBo2AEO7aHUIvMQ
CVE-2018-4878 (Flash Player up to 28.0.0.137) and Exploit Kits
https://malware.dontneedcoffee.com/2018/03/CVE-2018-4878.html
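0xB8 Patterns for combining a threat intelligence system with enterprise SIEM: determining requirements for and selecting threat intelligence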
https://zhuanlan.zhihu.com/p/34336700?group_id=955089373448953856
How I found a $5,000 Google Maps XSS (by fiddling with Protobuf)
https://medium.com/@marin_m/how-i-found-a-5-000-google-maps-xss-by-fiddling-with-protobuf-963ee0d9caff
Automating malware tracing with Pin and Cuckoo
http://blog.fernandodominguez.me/automating-malware-tracing-with-pin-and-cuckoo/
malware-ioc: Indicators of Compromises (IOC) of eset
https://github.com/eset/malware-ioc
Code Review Best Practices
https://medium.com/@palantir/code-review-best-practices-19e02780015f
Headless Chrome and API
https://thief.one/2018/03/06/1/
Latest attack activity of the Lazarus APT group revealed
https://mp.weixin.qq.com/s/-cCnpo1kBebvJ7WMRj65tg
Using Password Filter DLLs in penetration testing
https://3gstudent.github.io/3gstudent.github.io/Password-Filter-DLL%E5%9C%A8%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95%E4%B8%AD%E7%9A%84%E5%BA%94%E7%94%A8/
Enterprise security project: dedicated remediation of front-end bypasses
http://mp.weixin.qq.com/s/0zWcGrZwB5siMNDeFUJcEg
Laravel Stored XSS Vulnerability
https://x1m.nl/poc/2018/03/07/Laravel-XSS-Vuln/
Using the Debug Help Library to locate unexported functions and structures in the Windows NT kernel
http://www.4hou.com/system/10590.html
How to clear RDP connection records on Windows
https://xianzhi.aliyun.com/forum/topic/2102
Analysis of the buffer overflow vulnerability in the Linux mail transfer agent Exim
https://www.anquanke.com/post/id/100447
On the security issues of Selenium Server (unfinished)
http://www.polaris-lab.com/index.php/archives/454/
OpticSpy: a tool for decoding data transmitted over optical covert channels
http://www.4hou.com/tools/10583.html
敏信 audit series: the Dorado5 development framework
https://xianzhi.aliyun.com/forum/topic/2114
A simple port-knocking tutorial
http://www.cnblogs.com/xiaoxiaoleo/p/8523322.html
Overview of Tomcat security testing
http://www.91ri.org/17611.html
XSS-hunter: collecting reflected and stored XSS present on WebView pages
https://github.com/lcatro/XSS-hunter
Building enterprise information security capabilities, centered on "threat response"
https://www.sec-un.org/%E4%BB%A5%E5%A8%81%E8%83%81%E5%BA%94%E5%AF%B9%E4%B8%BA%E4%B8%AD%E5%BF%83%E7%9C%8B%E4%BC%81%E4%B8%9A%E4%BF%A1%E6%81%AF%E5%AE%89%E5%85%A8%E8%83%BD%E5%8A%9B%E5%BB%BA%E8%AE%BE-%E6%9D%8E/
Blockchain security: analysis of the DAO attack
http://blog.csdn.net/u011721501/article/details/79450122
how-to-learn-powershell (includes a partial list of resources)
http://www.jaapbrasser.com/how-to-learn-powershell/
An Exploration of Security When Building Docker Containers
https://blog.heroku.com/exploration-of-security-when-building-docker-containers
finding-evil-whitelist
https://www.sans.org/reading-room/whitepapers/Whitelists/finding-evil-whitelist-35832?show=finding-evil-whitelist-35832
fineract v1.1.0: three CVEs in a row
https://mp.weixin.qq.com/s/g3qha-O4gdMZQrPmXEcy_A
Deconstructing the Xbox Boot ROM
https://mborgerson.com/deconstructing-the-xbox-boot-rom/
敏信 audit series: the dorado5 development framework
https://mp.weixin.qq.com/s/y1TOfw063Zh6DHhgLQPpzQ
-----WeChat ID: SecWiki-----
SecWiki: focused on security technology news and analysis for 13 years!
SecWiki: https://www.sec-wiki.com
Original address of this issue: SecWiki Weekly (Issue 210)
