SecWiki周刊(第23期)
2014/08/04-2014/08/10
安全资讯
BlackHat 第二天:移动安全技术大有可为
http://www.dbappsecurity.com.cn/news/n2014/201408_08_01.html
http://www.dbappsecurity.com.cn/news/n2014/201408_08_01.html
Blackhat 2014 Floating Big in the Cybersecurity Bubble
https://securelist.com/blog/65672/blackhat-2014-floating-big-in-the-cybersecurity-bubble/
https://securelist.com/blog/65672/blackhat-2014-floating-big-in-the-cybersecurity-bubble/
安全技术
Malicious SHA-1
http://malicioussha1.github.io
http://malicioussha1.github.io
基于内容的 社会标签推荐与分析研究
http://nlp.csai.tsinghua.edu.cn/site2/images/file/thesis-sxc.pdf
http://nlp.csai.tsinghua.edu.cn/site2/images/file/thesis-sxc.pdf
Black Hat USA 2014 | Archives
https://www.blackhat.com/us-14/archives.html
https://www.blackhat.com/us-14/archives.html
应用层慢速DoS攻击压力测试工具 – SlowHTTPTest
http://www.freebuf.com/tools/40413.html
http://www.freebuf.com/tools/40413.html
Enter Sandbox: Android Sandbox Comparison
http://mostconf.org/2014/papers/s3p1.pdf
http://mostconf.org/2014/papers/s3p1.pdf
HoneyDrive 3:The Premier Honeypot Linux Distro
http://hack-tools.blackploit.com/2014/08/honeydrive-3-premier-honeypot-linux.html
http://hack-tools.blackploit.com/2014/08/honeydrive-3-premier-honeypot-linux.html
什么是 billion laughs-WordPress与Drupal的DoS攻击有感
http://danqingdani.blog.163.com/blog/static/186094195201479103853276/
http://danqingdani.blog.163.com/blog/static/186094195201479103853276/
Blackhat Arsenal 2014: Live ModSecurity Demonstrations
http://blog.spiderlabs.com/2014/08/blackhat-arsenal-2014-live-modsecurity-demonstrations.html
http://blog.spiderlabs.com/2014/08/blackhat-arsenal-2014-live-modsecurity-demonstrations.html
Google Android官方培训课程中文版
http://hukai.me/android-training-course-in-chinese/index.html
http://hukai.me/android-training-course-in-chinese/index.html
Rekall Memory Forensic Framework
http://www.rekall-forensic.com/
http://www.rekall-forensic.com/
python内网渗透信息收集脚本(v1发布)
http://www.nitscan.com/?post=31
http://www.nitscan.com/?post=31
Access数据库基于时间盲注的实现
http://www.freebuf.com/articles/web/39925.html
http://www.freebuf.com/articles/web/39925.html
Weevely(php菜刀)工具使用详解
http://www.freebuf.com/tools/39765.html
http://www.freebuf.com/tools/39765.html
FakeID签名漏洞分析及利用(Google Bug 13678484)
http://blogs.360.cn/360mobile/2014/08/04/all-about-fakeid/
http://blogs.360.cn/360mobile/2014/08/04/all-about-fakeid/
一次应急偶遇linux文件安全
http://phpsec.sinaapp.com/?p=116
http://phpsec.sinaapp.com/?p=116
Leviathan: Command And Control Communications On Planet Earth
http://www.fireeye.com/blog/technical/targeted-attack/2014/08/black-hat-usa-talks-leviathan-command-and-control-communications-on-planet-earth.html
http://www.fireeye.com/blog/technical/targeted-attack/2014/08/black-hat-usa-talks-leviathan-command-and-control-communications-on-planet-earth.html
CVE-2014-3950: A Document Encryption Vulnerability Disclosure
http://uwnthesis.wordpress.com/2014/08/03/cve-2014-3950-a-document-encryption-vulnerability-disclosure/
http://uwnthesis.wordpress.com/2014/08/03/cve-2014-3950-a-document-encryption-vulnerability-disclosure/
SecurityReport_Cisco_v4
http://vdisk.weibo.com/s/C72IDYVyev5w3/1407337399
http://vdisk.weibo.com/s/C72IDYVyev5w3/1407337399
Applied Network Security Monitoring - Collection, Detection, and Analysis torren
http://extratorrent.cc/torrent/3396907/Applied+Network+Security+Monitoring+-+Collection,+Detection,+and+Analysis.html
http://extratorrent.cc/torrent/3396907/Applied+Network+Security+Monitoring+-+Collection,+Detection,+and+Analysis.html
CoolShell解密游戏的WriteUp
http://drops.wooyun.org/tips/2730
http://drops.wooyun.org/tips/2730
[Blackhat]2014美国黑帽大会有哪些精彩的议题?
http://www.freebuf.com/news/special/40239.html
http://www.freebuf.com/news/special/40239.html
Using Sphinx for Search in PHP
http://www.slideshare.net/mjlivelyjr/sphinx-php1
http://www.slideshare.net/mjlivelyjr/sphinx-php1
Cerbero:malware and forensic analysis
http://cerbero.io/profiler/
http://cerbero.io/profiler/
The Automated Exploitation Grand Challenge
http://openwall.info/wiki/_media/people/jvanegue/files/aegc_vanegue.pdf
http://openwall.info/wiki/_media/people/jvanegue/files/aegc_vanegue.pdf
Seven Habits of Highly Fraudulent Users
http://blog.siftscience.com/seven-habits-of-highly-fraudulent-users/
http://blog.siftscience.com/seven-habits-of-highly-fraudulent-users/
Pwnie Awards 2014
http://pwnies.com/nominations/
http://pwnies.com/nominations/
Exploiting PHP File Inclusion – Overview
http://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/
http://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/
DEF CON 21 media
https://media.defcon.org/DEF%20CON%2021/
https://media.defcon.org/DEF%20CON%2021/
WooYun Risks 2014 Top 10
http://drops.wooyun.org/news/2731
http://drops.wooyun.org/news/2731
Shellcode Linux x86
http://www.exploit-db.com/exploits/34262/
http://www.exploit-db.com/exploits/34262/
A Peek Into the Lion's Den – The Magnitude [aka PopAds] Exploit Kit
http://blog.spiderlabs.com/2014/08/a-peek-into-the-lions-den-the-magnitude-aka-popads-exploit-kit.html
http://blog.spiderlabs.com/2014/08/a-peek-into-the-lions-den-the-magnitude-aka-popads-exploit-kit.html
unlock systems infected by CryptoLocker
https://www.decryptcryptolocker.com/
https://www.decryptcryptolocker.com/
Writing kernel exploits
https://lainchan.org/lit/src/1403054070003.pdf
https://lainchan.org/lit/src/1403054070003.pdf
安全专题
Linux提权漏洞汇总
https://www.sec-wiki.com/topic/46
https://www.sec-wiki.com/topic/46
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第23期)
