SecWiki周刊(第216期)
2018/04/16-2018/04/22
安全资讯
[其它]  黑客袁哥:寻原初之力 秉正义之剑
https://m.mp.oeeee.com/a/BAAFRD00002018041675442.html
[新闻]  美军网络任务部队最新部署
https://mp.weixin.qq.com/s/M5Q_oV_7p04VwtUHho86vQ
[新闻]  全国医院信息化建设标准与规范
http://www.nhfpc.gov.cn/guihuaxxs/s10741/201804/5711872560ad4866a8f500814dcd7ddd.shtml
[Web安全]  Weblogic反序列化命令执行漏洞_CVE-2018-2628
https://nosec.org/my/threats/1608
[会议]  RSA 2018 全球高质量安全产品了解一下
https://www.anquanke.com/post/id/105379
[新闻]  加速推动信息领域核心技术突破
https://mp.weixin.qq.com/s/S_HmemBo4wU22e6RJ_qDxw
[新闻]  习近平:自主创新推进网络强国建设
http://www.xinhuanet.com/politics/2018-04/18/c_1122704349.htm
安全技术
[Web安全]  Weblogic反序列化漏洞(CVE-2018-2628)
https://github.com/shengqi158/CVE-2018-2628
[运维安全]  驭龙hids入侵检测功能初探
http://pirogue.org/2018/04/20/yulong-hids/
[漏洞分析]  CVE-2018-2628 简单复现与分析
https://mp.weixin.qq.com/s/nYY4zg2m2xsqT0GXa9pMGA
[其它]  知识星球"灰袍技能" 2017 精华
https://chrislinn.gitbooks.io/greyhame-2017/
[漏洞分析]  打破基于OpenResty的WEB安全防护(CVE-2018-9230)
https://www.anquanke.com/post/id/103771
[恶意分析]  nebula: "星云"业务风控系统
https://github.com/threathunterX/nebula
[Web安全]  CVE申请的那些事
http://www.freebuf.com/articles/rookie/168362.html
[比赛]  DDCTF 2018 Web Writeup
http://sec2hack.com/ctf/ddctf-2018-web-writeup.html
[Web安全]  Bypass X-WAF SQL注入防御(多姿势)
https://mp.weixin.qq.com/s/5TQddrOqa8MmtsuHoCRu0Q
[编程技术]  正方教务系统验证码识别
http://uknowsec.cn/posts/notes/%E6%AD%A3%E6%96%B9%E6%95%99%E5%8A%A1%E7%B3%BB%E7%BB%9F%E9%AA%8C%E8%AF%81%E7%A0%81%E8%AF%86%E5%88%AB.html
[观点]  信息安全从业者入门(入职)指南
https://weibo.com/ttarticle/p/show?id=2309404229525654378347
[取证分析]  用零宽度字符水印揭露泄密者身份
http://www.freebuf.com/articles/web/167903.html
[数据挖掘]  180页PPT,讲解人工智能技术与产业发展
https://mp.weixin.qq.com/s/s8VLWjXrVCrTt4v2d3MoIQ
[数据挖掘]  解析卷积神经网络—深度学习实践手册
http://lamda.nju.edu.cn/weixs/book/CNN_book.html
[取证分析]  weblogger: 针对ctf线下赛流量抓取(php)、真实环境流量抓取分析的工具
https://github.com/wupco/weblogger
[Web安全]  狗子的XSS学习之旅
https://xz.aliyun.com/t/2296
[文档]  CISSP 2017资料
https://pan.baidu.com/s/1tr4hKWzeLj3bcdmdyJ7Iqw
[Web安全]  AutoFuck: 自动识别cms并且加载相关poc自动攻击
https://github.com/fengxuangit/AutoFuck
[漏洞分析]  CVE-2018-0171 Cisco Smart Install远程代码执行漏洞分析
https://www.anquanke.com/post/id/105473
[比赛]  从0CTF一道题看move_uploaded_file的一个细节问题
https://www.anquanke.com/post/id/103784
[漏洞分析]  Drupal 7 - CVE-2018-7600 PoC Writeup
https://ricterz.me/posts/Drupal%207%20-%20CVE-2018-7600%20PoC%20Writeup
[运维安全]  shield: 基于Strom的日志实时流量分析主动防御(CCFirewall)系统
https://github.com/gy-games/shield
[漏洞分析]  Whatsapp user’s IP disclosure with Link Preview feature
https://medium.com/@kankrale.rahul/whatsapp-users-ip-disclosure-with-link-preview-feature-39a477f54fba
[运维安全]  宜信防火墙自动化运维之路
http://www.freebuf.com/articles/security-management/166895.html
[比赛]  DDCTF2018 部分writeup
http://phantom0301.cc/2018/04/20/ddctf2018/
[观点]  工作中如何做好技术积累
https://tech.meituan.com/study_vs_work.html
[运维安全]  A tool for covert execution in Linux.
https://github.com/emptymonkey/mimic
[Web安全]  Python反序列化漏洞的花式利用
https://xz.aliyun.com/t/2289
[恶意分析]  吃鸡辅助远控木马分析
https://www.anquanke.com/post/id/105670
[运维安全]  Pam-Python实现SSH的短信双因素认证
http://www.freebuf.com/articles/web/165139.html
[恶意分析]  从一次溯源窥探地下YY直播洗号产业链
https://www.anquanke.com/post/id/105043
[数据挖掘]  生成式对抗网络GAN的研究进展与展望
https://mp.weixin.qq.com/s/QiIRIHiGv6u-4QfK8awKpw
[恶意分析]  Steam新型盗号木马及产业链分析报告
https://cert.360.cn/static/files/Steam%E6%96%B0%E5%9E%8B%E7%9B%97%E5%8F%B7%E6%9C%A8%E9%A9%AC%E5%8F%8A%E4%BA%A7%E4%B8%9A%E9%93%BE%E5%88%86%E6%9E%90.pdf
[漏洞分析]  CVE-2018-4121 - Safari Wasm Sections POC RCE Exploit
https://github.com/mwrlabs/CVE-2018-4121
[Web安全]  XSS in pastebin.com via unsanitized markdown output
https://github.com/Nhoya/PastebinMarkdownXSS
[设备安全]  Lateral Attacks Between IoT Devices: The Technical Details
http://blog.senr.io/blog/lateral-attacks-between-iot-devices-the-technical-details
[Web安全]  Bypass CSP by Abusing XSS Filter in Edge
https://medium.com/bugbountywriteup/bypass-csp-by-abusing-xss-filter-in-edge-43e9106a9754
[杂志]  SecWiki周刊(第215期)
https://www.sec-wiki.com/weekly/215
[Web安全]  记一次渗透测试过程中的Zabbix命令执行利用
http://www.freebuf.com/articles/web/168819.html
[恶意分析]  APT Trends report Q1 2018
https://securelist.com/apt-trends-report-q1-2018/85280/
[Web安全]  浅谈如何建立互联网风控系统
http://mp.weixin.qq.com/s/_tTtWv5f-r2ihNysZz0LAw
[漏洞分析]  Windows: WLDP CLSID policy .NET COM Instantiation UMCI Bypass
https://bugs.chromium.org/p/project-zero/issues/detail?id=1514
[恶意分析]  Ember: An Open Source Classifier And Dataset
https://github.com/endgameinc/ember
[运维安全]  Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer
https://github.com/Jsitech/JShielder
[设备安全]  The IoT Hacker's Toolkit
https://systemoverlord.com/2018/04/16/the-iot-hackers-toolkit.html
[文档]  how-to-become-a-cyber-forensics-expert
https://www.peerlyst.com/posts/how-to-become-a-cyber-forensics-expert-abhinav-singh
[运维安全]  SMB Protocol Bruteforce
https://github.com/m4ll0k/SMBrute
[移动安全]  iOS应用逆向工程资料汇总
https://everettjf.github.io/2018/01/15/ios-app-reverse-engineering-stuff/
[取证分析]  检测攻击的基础日志服务器 Part2:日志聚合
https://www.anquanke.com/post/id/103348
[恶意分析]  利用Digital Ocean构建远控基础设施
http://www.4hou.com/technology/11107.html
[运维安全]  Abusing Linux's firewall: the hack that allowed us to build Spectrum
https://blog.cloudflare.com/how-we-built-spectrum/
[Web安全]  毕业设计之php RASP(一) hook函数
http://www.cnblogs.com/iamstudy/articles/php_code_rasp_1.html
[观点]  创新沙盒初探 (2) - RSAC2018之二
https://mp.weixin.qq.com/s/KEF458q-88jzrpRq6JpCUA
[恶意分析]  写在“软件基因技术”分论坛之后(一)
https://mp.weixin.qq.com/s/qpVmvTuq6cIl2rQFclX4Yw
[恶意分析]  Virtual Machine for Adversary Emulation and Threat Hunting
https://github.com/redhuntlabs/RedHunt-OS/
[工具]  Polymorph: A Real-Time Network Packet Manipulation Framework
https://www.exploit-db.com/docs/english/44457-polymorph-a-real-time-network-packet-manipulation-framework.pdf
[Web安全]  Vultr Domain Hijacking
https://vincentyiu.co.uk/vultr-domain-hijacking/
[Web安全]  WebExtension security - Part 1
http://leucosite.com/WebExtension-Security/
[设备安全]  Awesome Firmware Security & Other Helpful Documents
https://github.com/PreOS-Security/awesome-firmware-security
[Web安全]  WordPress hacked site – forensics report
https://www.glenscott.co.uk/wordpress-hacked-site-forensics-report/
[漏洞分析]  Go AST Scanner:Inspects source code for security problems
https://github.com/GoASTScanner/gas
[Web安全]  MYSQL新特性secure_file_priv对读写文件的影响
https://xz.aliyun.com/t/2293
[移动安全]  Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable.
https://github.com/prateek147/DVIA-v2
[漏洞分析]  $5k Service dependencies
https://sites.google.com/site/testsitehacking/-5k-service-dependencies
[漏洞分析]  bug-monitor: Seebug、structs、cve漏洞实时监控推送系统
https://github.com/FortuneC00kie/bug-monitor
[恶意分析]  基于机器学习的家用物联网设备DDoS检测
https://xz.aliyun.com/t/2285
[漏洞分析]  Windows Exploitation Tricks: Exploiting Arbitrary File Writes for Local Elevatio
https://googleprojectzero.blogspot.in/2018/04/windows-exploitation-tricks-exploiting.html
[恶意分析]  写在“软件基因分论”之后(二)
https://mp.weixin.qq.com/s/_cStfXSfXII8m5ary4fzWg
[编程技术]  Golang for Security Professionals
https://github.com/parsiya/Hacking-with-Go
[Web安全]  Firefox 56.0 302 Redirect URL Spoofing Vulnerability
http://rm-rf.gg/2018/04/19/Firefox_302_Redirect_URL_Spoofing_Vulnerability.html
[漏洞分析]  Automotive Industry Guidelines for Secure Over-the-Air Updates
https://fastr.org/wp-content/uploads/2018/04/FASTR_AutomotiveIndustry_Guidelines_SecureOver-the-Air_Updates_v2.pdf
[漏洞分析]  An Empirical Analysis of Traceability in the Monero Blockchain
https://www.andrew.cmu.edu/user/nicolasc/publications/Moeser-PETS18.pdf
[编程技术]  Source code about machine learning and security.
https://github.com/13o-bbr-bbq/machine_learning_security
-----微信ID:SecWiki-----
SecWiki,5年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第216期)