SecWiki Weekly (Issue 212)
2018/03/19-2018/03/25
Security News
Cloak and Data: The Real Story Behind Cambridge Analytica’s Rise and Fall
https://www.motherjones.com/politics/2018/03/cloak-and-data-cambridge-analytica-robert-mercer/
Central Leading Group for Cybersecurity and Informatization Restructured as a Commission
http://www.xinhuanet.com/2018-03/21/c_1122570517.htm
The Dark Web: How Much Is Your Bank Account Worth?
https://mp.weixin.qq.com/s/A8C1k2LQoJGiww8Wcsk-uA
Security Technology
Building an Information Security Team at a Financial Enterprise (Practical Edition)
https://mp.weixin.qq.com/s/63OayK-ASWYWawhsyQfjaA
secbook: Recommended Reading List for Information Security Practitioners
https://github.com/riusksk/secbook
Web Application Security Testing
https://www.exploit-db.com/docs/english/44319-web-application-security-testing.pdf
JD.com Blockchain Technology Practice White Paper (2018)
http://ledger.jd.com/files/%E4%BA%AC%E4%B8%9C%E5%8C%BA%E5%9D%97%E9%93%BE%E6%8A%80%E6%9C%AF%E5%AE%9E%E8%B7%B5%E7%99%BD%E7%9A%AE%E4%B9%A6%20-V1.0%2020180322.pdf
list of useful commands, shells and notes related to OSCP
https://github.com/crsftw/OSCP-cheat-sheet
Honeypots and Intranet Security from 0 to 1 (Part 7)
https://sosly.me/index.php/2018/03/22/jymiguan7/
Enterprise Security Practice: Email Security
https://mp.weixin.qq.com/s/xCeae-I0juo8JfMZjbdoYQ
Honeypots and Intranet Security from 0 to 1 (Part 5)
https://sosly.me/index.php/2018/03/20/jymiguan5/
Honeypots and Intranet Security from 0 to 1 (Part 6)
https://sosly.me/index.php/2018/03/21/jymiguan6/
Quickly Building a Lightweight OpenSOC-Architecture Data Analysis Framework (Part 1)
https://xianzhi.aliyun.com/forum/topic/2201
Web Application Penetration Testing Cheat Sheet
https://jdow.io/blog/2018/03/18/web-application-penetration-testing-methodology/
Applying Algorithms to Community Atmosphere (Part 1): Identifying Spam Advertising and Traffic-Diversion Messages
https://zhuanlan.zhihu.com/p/34864372
Windbg USB 3.0 Two-Machine Debugging
http://anhkgg.com/windbg-usb3-dbg-win10/
SkyMonitoring: Android Static FrameWork, an Event-Tracking Statistics SDK
https://github.com/Tamicer/SkyMonitoring
MsraMiner: A Long-Lurking Mining Botnet
https://www.anquanke.com/post/id/101392
Playing with Snakes Together: The Tools of Python Code Auditing, Part I
https://mp.weixin.qq.com/s?__biz=MzI3Njk2OTIzOQ==&mid=2247484025&idx=1&sn=a2a6b9ca9f939c2459f438a649399589&chksm=eb6c2001dc1ba9172a5977acc20e6a426e5d58736a00891ea1839241033c95e2acd48ab0803d#rd
GITC Talk Slides: Exploring Docker Security Practices
https://mp.weixin.qq.com/s/Bb23b1XZba9eubXpNnKfNA
PHP trick (Points of Attention for Code Auditing)
https://hacksec.xyz/2018/03/23/php-trick/
How to Build a Command & Control Infrastructure with Digital Ocean: C2K Revamped
https://www.blackhillsinfosec.com/how-to-build-a-command-control-infrastructure-with-digital-ocean-c2k-revamped/
Analysis and Attribution of an AV-Evading Sample That Uses Multiple Office OLE Features
https://mp.weixin.qq.com/s/O8aLjaqMxtbAob_GKhasiw
firepwd.py, an open source tool to decrypt Mozilla protected passwords
https://github.com/lclevy/firepwd
A Brief Analysis of SQL and NoSQL Injection (Part 2)
https://mp.weixin.qq.com/s/aaLdXIbMu_WVq8E65OAQsQ
Taipan: Web application security scanner
https://github.com/taipan-scanner/Taipan
CertDB — SSL certificates search engine
https://certdb.com/
CSA Report | "Using Blockchain Technology to Secure the IoT" (Report Download Included)
https://mp.weixin.qq.com/s/DShAaS_7YSYQle5FzyKGpQ
Stick Insect: A Backdoor Hidden in Commonly Used Utility Software
https://mp.weixin.qq.com/s/f62TtJcB4Fqyy4osOKd6PA
Attack Infrastructure Logging – Part 3: Graylog Dashboard 101
https://thevivi.net/2018/03/23/attack-infrastructure-logging-part-3-graylog-dashboard-101/
Router Vulnerability Reproduction and Analysis, Part 3: Analysis of the DVRF INTRO Challenge
http://www.freebuf.com/articles/wireless/163823.html
Graylog: Enterprise Log Management for All
https://www.graylog.org/
PyRat: PyRat, a rat by python xmlrpc
https://github.com/anhkgg/PyRat
CIS Docker Community Edition Benchmark
https://success.docker.com/api/asset/.%2FDocker_Reference_Architecture-_Securing_Docker_EE_and_Security_Best_Practices%2FCIS_Docker_Community_Edition_Benchmark_v1.1.0.pdf
Implementing a Docker Image Scanner
https://mp.weixin.qq.com/s/nX--1jQR6-MgcyzTaNJFMw
A Security Engineer Embedded in the Ops Department on "Port and Password Security"
http://www.freebuf.com/articles/web/165340.html
Game Security Report (2017 - 2018)
https://mp.weixin.qq.com/s/4j2MG4FzEUd1CzcBGr__YA
Implementing Log Ingestion from a Typical Website into a Big Data Logging System
http://www.freebuf.com/column/166112.html
The life story of an IPT – Inept Persistent Threat actor
https://www.virusbulletin.com/virusbulletin/2018/03/vb2017-paper-life-story-ipt-inept-persistent-threat-actor/
Uncovering a Bug in Cloudflare's Minification Service
https://blog.jli.host/posts/cf-auto-minify/
An Analysis of SQL and NoSQL Injection Principles (Part 1)
https://mp.weixin.qq.com/s/LsqQo_04ROuf2_wLrBRRZQ#
Bank: A Shared Repository of Industrial Control System Security Materials
https://github.com/Gh05ter/Bank
SecWiki Weekly (Issue 211)
https://www.sec-wiki.com/weekly/211
Password Hashes on Windows: An Introduction to Net-NTLMv1
https://xianzhi.aliyun.com/forum/topic/2205
JSON Deserialization Remote Command Execution That Even Beginners Can Understand
http://www.freebuf.com/sectool/165655.html
Research on CVE-2018-4901
http://www.freebuf.com/vuls/164512.html
Minxin Audit Series: The Apache-solr Framework
https://mp.weixin.qq.com/s/6gsTTgl3AzfZF6h8wJ8INw
CVE-2017-0135 Vulnerability Analysis: Bypassing CSP via the Edge Browser's XSS Filter
http://www.freebuf.com/articles/web/164871.html
Leaking Facebook Internal IP Addresses
http://misteralfa-hack.blogspot.kr/2018/03/leaking-facebook-internal-ip.html
Use our suite of Ethereum security tools
https://blog.trailofbits.com/2018/03/23/use-our-suite-of-ethereum-security-tools/
Attack Infrastructure Logging – Part 4: Log Event Alerting
https://thevivi.net/2018/03/23/attack-infrastructure-logging-part-4-log-event-alerting/
Uncovering the "Smuggling" Vulnerability That Lurked in Ethereum for Years
http://www.sec-lab.io/2018/03/21/ethereum-smuggling-vulnerability/
unit42-telerat-another-android-trojan-leveraging-telegrams-bot-api-to-target-ira
https://researchcenter.paloaltonetworks.com/2018/03/unit42-telerat-another-android-trojan-leveraging-telegrams-bot-api-to-target-iranian-users/
Attack Infrastructure Logging – Part 2: Log Aggregation
https://thevivi.net/2018/03/23/attack-infrastructure-logging-part-2-log-aggregation/
Comprehensive Security Protection for Docker
https://mp.weixin.qq.com/s/xyZGtiM1mfoWzsKNQr0MHA
We need to talk about IDS signatures
http://blog.ptsecurity.com/2018/03/we-need-to-talk-about-ids-signature.html
Configuring a Secure Docker Host
https://mp.weixin.qq.com/s/Q4a5dhCwe9503SI6-xqFuQ
Attack Infrastructure Logging – Part 1: Logging Server Setup
https://thevivi.net/2018/03/23/attack-infrastructure-logging-part-1-logging-server-setup/
Security Research on and Improvements to Robot-Oriented Communication Mechanisms
http://www.freebuf.com/articles/wireless/165566.html
-----WeChat ID: SecWiki-----
SecWiki: focused on security technology news and analysis for 13 years!
SecWiki: https://www.sec-wiki.com
Original address of this issue: SecWiki Weekly (Issue 212)
