SecWiki周刊(第262期)
2019/03/04-2019/03/10
安全资讯
张颖:左手SIEM右手服装设计的美女博士
https://mp.weixin.qq.com/s/qSVjRnMu_Monu_6E2_gsmQ
https://mp.weixin.qq.com/s/qSVjRnMu_Monu_6E2_gsmQ
2019年全球网络安全热词排行榜
https://mp.weixin.qq.com/s/agrm_Xgi1GJP3vmCiL4aVg
https://mp.weixin.qq.com/s/agrm_Xgi1GJP3vmCiL4aVg
公安部“净网2018”专项行动取得显著成效
https://www.toutiao.com/i6665463916635619843
https://www.toutiao.com/i6665463916635619843
安全技术
Linux SNMP NAT 模块越界内存读写漏洞(CVE-2019-9162)
https://www.exploit-db.com/exploits/46477?utm_source=dlvr.it&utm_medium=twitter
https://www.exploit-db.com/exploits/46477?utm_source=dlvr.it&utm_medium=twitter
美国国安局逆向工程框架——Ghidra的简单使用
https://www.giantbranch.cn/2019/03/06/%E7%BE%8E%E5%9B%BD%E5%9B%BD%E5%AE%89%E5%B1%80%E9%80%86%E5%90%91%E5%B7%A5%E7%A8%8B%E6%A1%86%E6%9E%B6%E2%80%94%E2%80%94Ghidra%E7%9A%84%E7%AE%80%E5%8D%95%E4%BD%BF%E7%94%A8/
https://www.giantbranch.cn/2019/03/06/%E7%BE%8E%E5%9B%BD%E5%9B%BD%E5%AE%89%E5%B1%80%E9%80%86%E5%90%91%E5%B7%A5%E7%A8%8B%E6%A1%86%E6%9E%B6%E2%80%94%E2%80%94Ghidra%E7%9A%84%E7%AE%80%E5%8D%95%E4%BD%BF%E7%94%A8/
jsproxy: 一个基于浏览器端 JS 实现的在线代理
https://github.com/EtherDream/jsproxy
https://github.com/EtherDream/jsproxy
CVE-2018-8639-exp
https://github.com/ze0r/CVE-2018-8639-exp/
https://github.com/ze0r/CVE-2018-8639-exp/
using-docker-kubernetes-for-automating-appsec-and-osint-workflows
https://github.com/appsecco/using-docker-kubernetes-for-automating-appsec-and-osint-workflows
https://github.com/appsecco/using-docker-kubernetes-for-automating-appsec-and-osint-workflows
k8s-security-dashboard: A security monitoring solution for Kubernetes
https://github.com/k8scop/k8s-security-dashboard
https://github.com/k8scop/k8s-security-dashboard
Quick Analysis of a Trickbot Sample with NSA's Ghidra SRE Framework
http://www.peppermalware.com/2019/03/quick-analysis-of-trickbot-sample-with.html
http://www.peppermalware.com/2019/03/quick-analysis-of-trickbot-sample-with.html
WordPress <= 5.0 (CVE-2019-8942 & CVE-2019-8943) 远程代码执行漏洞 Exploit
https://gist.github.com/allyshka/f159c0b43f1374f87f2c3817d6401fd6
https://gist.github.com/allyshka/f159c0b43f1374f87f2c3817d6401fd6
FOFA爬虫大法——API的简单利用
https://nosec.org/home/detail/2302.html
https://nosec.org/home/detail/2302.html
3 XSS in ProtonMail for iOS – Vladimir Metnew – Medium
https://medium.com/@vladimirmetnew/3-xss-in-protonmail-for-ios-95f8e4b17054
https://medium.com/@vladimirmetnew/3-xss-in-protonmail-for-ios-95f8e4b17054
Finding and exploiting CVE-2018–7445
https://medium.com/@maxi./finding-and-exploiting-cve-2018-7445-f3103f163cc1
https://medium.com/@maxi./finding-and-exploiting-cve-2018-7445-f3103f163cc1
SMoTherSpectre PoC
https://github.com/HexHive/SMoTherSpectre
https://github.com/HexHive/SMoTherSpectre
Online Courses – Ghidra
http://ghidra.re/online-courses/
http://ghidra.re/online-courses/
Cobalt Strike 证书修改
https://mp.weixin.qq.com/s/59Bj4qk-ClV2eqLu8SKniQ
https://mp.weixin.qq.com/s/59Bj4qk-ClV2eqLu8SKniQ
红队后渗透测试中的文件传输技巧
https://paper.seebug.org/834/?from=timeline
https://paper.seebug.org/834/?from=timeline
从补丁 DIFF 到 EXP:CVE-2019-0623 漏洞分析与利用
https://paper.seebug.org/832/
https://paper.seebug.org/832/
chomp-scan: 用于简化Bug Bounty/Penetration Test探测阶段的工具脚本
https://github.com/SolomonSklash/chomp-scan
https://github.com/SolomonSklash/chomp-scan
软件供应链安全威胁:从“奥创纪元”到“无限战争”
https://www.anquanke.com/post/id/172832
https://www.anquanke.com/post/id/172832
AI繁荣下的隐忧—Google Tensorflow安全风险剖析
https://mp.weixin.qq.com/s/rjcOK3A83oKHkpNgbm9Lbg
https://mp.weixin.qq.com/s/rjcOK3A83oKHkpNgbm9Lbg
kubernetes集群渗透测试
https://www.freebuf.com/news/196993.html
https://www.freebuf.com/news/196993.html
Host Header Poisoning in IBM Websphere
https://medium.com/@x41x41x41/host-header-poisoning-in-ibm-websphere-3d459a990f00
https://medium.com/@x41x41x41/host-header-poisoning-in-ibm-websphere-3d459a990f00
JsDbg: Debugging extensions for Microsoft Edge and Chromium-based browsers
https://github.com/MicrosoftEdge/JsDbg
https://github.com/MicrosoftEdge/JsDbg
.NET高级代码审计(第一课)XmlSerializer反序列化漏洞
https://www.anquanke.com/post/id/172316
https://www.anquanke.com/post/id/172316
分析用Golang编写的新恶意软件
https://www.freebuf.com/articles/network/196498.html
https://www.freebuf.com/articles/network/196498.html
极验2018交互安全行业研究报告
https://www.freebuf.com/articles/paper/196652.html
https://www.freebuf.com/articles/paper/196652.html
GoBrut: A new GoLang Botnet
https://blog.yoroi.company/research/gobrut-a-new-golang-botnet/
https://blog.yoroi.company/research/gobrut-a-new-golang-botnet/
New SLUB Backdoor Uses GitHub, Communicates via Slack
https://blog.trendmicro.com/trendlabs-security-intelligence/new-slub-backdoor-uses-github-communicates-via-slack/
https://blog.trendmicro.com/trendlabs-security-intelligence/new-slub-backdoor-uses-github-communicates-via-slack/
apt40-examining-a-china-nexus-espionage-actor
https://www.fireeye.com/blog/threat-research/2019/03/apt40-examining-a-china-nexus-espionage-actor.html
https://www.fireeye.com/blog/threat-research/2019/03/apt40-examining-a-china-nexus-espionage-actor.html
Automation in Exploit Generation with Exploit Templates
https://sean.heelan.io/2019/03/05/automation-in-exploit-generation-with-exploit-templates/
https://sean.heelan.io/2019/03/05/automation-in-exploit-generation-with-exploit-templates/
SectorD02 PowerShell Backdoor Analysis
https://threatrecon.nshc.net/2019/03/07/sectord02-powershell-backdoor-analysis/
https://threatrecon.nshc.net/2019/03/07/sectord02-powershell-backdoor-analysis/
Setting up Frida Without Jailbreak on the Latest iOS 12.1.4 Device
https://blog.securityinnovation.com/frida
https://blog.securityinnovation.com/frida
使用贝叶斯网络来识别0day攻击路径
http://www.arkteam.net/?p=4253
http://www.arkteam.net/?p=4253
CTF顶级工具与资源
https://www.aqniu.com/learn/44310.html
https://www.aqniu.com/learn/44310.html
2018 BOTNET趋势报告
http://blog.nsfocus.net/wp-content/uploads/2019/03/2018-BOTNET%E8%B6%8B%E5%8A%BF%E6%8A%A5%E5%91%8A.pdf
http://blog.nsfocus.net/wp-content/uploads/2019/03/2018-BOTNET%E8%B6%8B%E5%8A%BF%E6%8A%A5%E5%91%8A.pdf
Google Launches Backstory —Google的情报工具Backstory
https://thehackernews.com/2019/03/backstory-cybersecurity-software.html
https://thehackernews.com/2019/03/backstory-cybersecurity-software.html
houjingyi233/CPU-vulnerabiility-collections
https://github.com/houjingyi233/CPU-vulnerabiility-collections
https://github.com/houjingyi233/CPU-vulnerabiility-collections
基于机器学习的攻击检测(二)下-lstm实现
https://zhuanlan.zhihu.com/p/58732540
https://zhuanlan.zhihu.com/p/58732540
LuWu: 红队基础设施自动化部署工具
https://github.com/360-A-Team/LuWu
https://github.com/360-A-Team/LuWu
从零编写一个自己的蜜罐系统
https://www.freebuf.com/articles/es/196525.html
https://www.freebuf.com/articles/es/196525.html
写在98篇漏洞分析之后
https://whereisk0shl.top/post/2019-03-09
https://whereisk0shl.top/post/2019-03-09
PHP7和PHP5在安全上的区别
https://www.freebuf.com/articles/web/197013.html
https://www.freebuf.com/articles/web/197013.html
基于机器学习的webshell检测(一)
https://zhuanlan.zhihu.com/p/58676764
https://zhuanlan.zhihu.com/p/58676764
基于深度学习的webshell检测(二)
https://zhuanlan.zhihu.com/p/58683374
https://zhuanlan.zhihu.com/p/58683374
绿盟科技 2018物联网安全年报
http://blog.nsfocus.net/annual-report-internet-security-2018/
http://blog.nsfocus.net/annual-report-internet-security-2018/
LEMNA:针对安全应用的深度学习黑盒解释模型
http://www.arkteam.net/?p=4264
http://www.arkteam.net/?p=4264
dvantech WebAccess 访问控制权限配置不严导致的本地提权漏洞披露
https://www.thezdi.com/blog/2019/3/6/webaccess-uncontrol
https://www.thezdi.com/blog/2019/3/6/webaccess-uncontrol
SVG XLink SSRF fingerprinting libraries version – Arbaz Hussain – Medium
https://medium.com/@arbazhussain/svg-xlink-ssrf-fingerprinting-libraries-version-450ebecc2f3c
https://medium.com/@arbazhussain/svg-xlink-ssrf-fingerprinting-libraries-version-450ebecc2f3c
Windows 漏洞利用辅助工具
https://github.com/bitsadmin/wesng
https://github.com/bitsadmin/wesng
探索CobaltStrike的External C2框架
https://xz.aliyun.com/t/4220
https://xz.aliyun.com/t/4220
Data-Knowledge-Action: 企业安全数据分析入门
https://www.cdxy.me/?p=803
https://www.cdxy.me/?p=803
Web漏洞分析之——顺瓜摸藤
http://blog.nsfocus.net/web%e6%bc%8f%e6%b4%9e%e5%88%86%e6%9e%90%e4%b9%8b-%e9%a1%ba%e7%93%9c%e6%91%b8%e8%97%a4/
http://blog.nsfocus.net/web%e6%bc%8f%e6%b4%9e%e5%88%86%e6%9e%90%e4%b9%8b-%e9%a1%ba%e7%93%9c%e6%91%b8%e8%97%a4/
stevenaldinger/decker: Declarative penetration testing orchestration framework
https://github.com/stevenaldinger/decker
https://github.com/stevenaldinger/decker
Auditing GitHub Repo Wikis for Fun and Profit
https://www.smeegesec.com/2019/03/auditing-github-repo-wikis-for-fun-and.html
https://www.smeegesec.com/2019/03/auditing-github-repo-wikis-for-fun-and.html
从 Trezor 硬件加密钱包中提取钱包恢复种子的研究
http://colinoflynn.com/2019/03/glitching-trezor-using-emfi-through-the-enclosure/
http://colinoflynn.com/2019/03/glitching-trezor-using-emfi-through-the-enclosure/
从php内核角度分析php弱类型
https://www.anquanke.com/post/id/171966
https://www.anquanke.com/post/id/171966
Great Scott! Timing Attack Demo for the Everyday Webdev
https://www.simplethread.com/great-scott-timing-attack-demo/
https://www.simplethread.com/great-scott-timing-attack-demo/
技术层面看RSA的创新沙盒
https://mp.weixin.qq.com/s/1-yCu8dvp5GzOfK1i4LIhg
https://mp.weixin.qq.com/s/1-yCu8dvp5GzOfK1i4LIhg
Abusing Web Browsers for Persistent and Stealthy Computation
https://mp.weixin.qq.com/s/bvQo-VHWdOEisR2adxx6yA
https://mp.weixin.qq.com/s/bvQo-VHWdOEisR2adxx6yA
一个威胁数万用户GPON家用路由器 的RCE
https://xz.aliyun.com/t/4242
https://xz.aliyun.com/t/4242
Facebook Messenger server random memory exposure through corrupted GIF image
https://www.vulnano.com/2019/03/facebook-messenger-server-random-memory.html
https://www.vulnano.com/2019/03/facebook-messenger-server-random-memory.html
Automate discovering and dropping payloads on LAN Raspberry Pi's via ssh
https://github.com/BusesCanFly/rpi-hunter
https://github.com/BusesCanFly/rpi-hunter
SirepRAT: Remote Command Execution as SYSTEM on Windows IoT Core
https://github.com/SafeBreach-Labs/SirepRAT
https://github.com/SafeBreach-Labs/SirepRAT
MacOS Malware Pedia
https://research.checkpoint.com/macos-malware-pedia/
https://research.checkpoint.com/macos-malware-pedia/
Python 开发的 metasploit payload 免杀工具
https://www.kitploit.com/2019/03/phantom-evasion-python-av-evasion-tool.html
https://www.kitploit.com/2019/03/phantom-evasion-python-av-evasion-tool.html
femida: Automated blind-xss search for Burp Suite
https://github.com/wish-i-was/femida
https://github.com/wish-i-was/femida
Facebook Information Leak
http://www.tomanthony.co.uk/blog/facebook-bug-confirm-user-identities/
http://www.tomanthony.co.uk/blog/facebook-bug-confirm-user-identities/
美国政略统筹下的网军军事战略
https://mp.weixin.qq.com/s/GMvs_YE5W_m532touUOgfg
https://mp.weixin.qq.com/s/GMvs_YE5W_m532touUOgfg
Hijacking a Customer Account with a Crafted Image
https://www.fortinet.com/blog/threat-research/wordpress-woocommerce-xss-vulnerability----hijacking-a-customer-.html
https://www.fortinet.com/blog/threat-research/wordpress-woocommerce-xss-vulnerability----hijacking-a-customer-.html
Ubuntu Linux中的特权提升漏洞Dirty Sock分析(含PoC)
https://www.freebuf.com/articles/system/195903.html
https://www.freebuf.com/articles/system/195903.html
代码审计实战思路之浅析PHPCMS
https://www.freebuf.com/articles/web/195737.html
https://www.freebuf.com/articles/web/195737.html
以太坊链审计报告之Clef审计报告
https://www.freebuf.com/articles/blockchain-articles/196822.html
https://www.freebuf.com/articles/blockchain-articles/196822.html
Part 1: Introduction to Exploit Development
https://www.fuzzysecurity.com/tutorials/expDev/1.html
https://www.fuzzysecurity.com/tutorials/expDev/1.html
Don't worry about being locked with Loccess
https://www.eyeohtee.cheap/dont-worry-about-being-locked-with-loccess/
https://www.eyeohtee.cheap/dont-worry-about-being-locked-with-loccess/
采用NLP机器学习来进行自动化合规风险治理
http://blog.nsfocus.net/automated-compliance-risk-management-nlp-machine-learning/
http://blog.nsfocus.net/automated-compliance-risk-management-nlp-machine-learning/
Universal RCE with Ruby YAML.load
https://staaldraad.github.io/post/2019-03-02-universal-rce-ruby-yaml-load/
https://staaldraad.github.io/post/2019-03-02-universal-rce-ruby-yaml-load/
基于机器学习的攻击检测(二)上-理解lstm
https://zhuanlan.zhihu.com/p/58725390
https://zhuanlan.zhihu.com/p/58725390
$100,000/year if you can solve this reverse engineering test
https://www.linkedin.com/pulse/100000year-you-can-solve-reverse-engineering-test-john-coates/
https://www.linkedin.com/pulse/100000year-you-can-solve-reverse-engineering-test-john-coates/
Detecting Malicious Behavior by Unmasking WebSockets
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/detecting-malicious-behavior-by-unmasking-websockets/
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/detecting-malicious-behavior-by-unmasking-websockets/
•结合图论进行入侵检测
https://www.slideshare.net/MattSwann1/graph-the-planet-2019-intrusion-detection-with-graphs
https://www.slideshare.net/MattSwann1/graph-the-planet-2019-intrusion-detection-with-graphs
Linux 内核漏洞利用开发实验项目
https://github.com/a13xp0p0v/kernel-hack-drill
https://github.com/a13xp0p0v/kernel-hack-drill
机器学习算法分析引擎助力安全威胁推理分析
http://blog.nsfocus.net/machine-learning-algorithms-analysis-engine-security-threat-reasoning/
http://blog.nsfocus.net/machine-learning-algorithms-analysis-engine-security-threat-reasoning/
基于机器学习的攻击检测(一)
https://zhuanlan.zhihu.com/p/58689080
https://zhuanlan.zhihu.com/p/58689080
Detecting Powershell Empire shenanigans with Sysinternals
https://holdmybeersecurity.com/2019/02/27/sysinternals-for-windows-incident-response/
https://holdmybeersecurity.com/2019/02/27/sysinternals-for-windows-incident-response/
SecWiki周刊(第261期)
https://www.sec-wiki.com/weekly/261
https://www.sec-wiki.com/weekly/261
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第262期)
