SecWiki Weekly (Issue 262)
2019/03/04-2019/03/10
Security News
[People]  Zhang Ying: the PhD with SIEM in one hand and fashion design in the other
https://mp.weixin.qq.com/s/qSVjRnMu_Monu_6E2_gsmQ
[News]  Top global cybersecurity buzzwords of 2019
https://mp.weixin.qq.com/s/agrm_Xgi1GJP3vmCiL4aVg
[News]  Cybersecurity law-enforcement inspections explained in one chart
https://mp.weixin.qq.com/s/gAS2cFaWMUdY0s6sT6ZtHw
[News]  Ministry of Public Security's "Clean Net 2018" campaign achieves notable results
https://www.toutiao.com/i6665463916635619843
Security Technology
[Vulnerability Analysis]  Out-of-bounds memory read/write in the Linux SNMP NAT module (CVE-2019-9162)
https://www.exploit-db.com/exploits/46477?utm_source=dlvr.it&utm_medium=twitter
[Tools]  jsproxy: an online proxy implemented in browser-side JS
https://github.com/EtherDream/jsproxy
[Tools]  CVE-2018-8639-exp
https://github.com/ze0r/CVE-2018-8639-exp/
[Other]  WordPress <= 5.0 (CVE-2019-8942 & CVE-2019-8943) remote code execution exploit
https://gist.github.com/allyshka/f159c0b43f1374f87f2c3817d6401fd6
[Ops Security]  using-docker-kubernetes-for-automating-appsec-and-osint-workflows
https://github.com/appsecco/using-docker-kubernetes-for-automating-appsec-and-osint-workflows
[Ops Security]  k8s-security-dashboard: A security monitoring solution for Kubernetes
https://github.com/k8scop/k8s-security-dashboard
[Malware Analysis]  Quick Analysis of a Trickbot Sample with NSA's Ghidra SRE Framework
http://www.peppermalware.com/2019/03/quick-analysis-of-trickbot-sample-with.html
[Programming]  FOFA crawling: simple use of the API
https://nosec.org/home/detail/2302.html
[Vulnerability Analysis]  SMoTherSpectre PoC
https://github.com/HexHive/SMoTherSpectre
[Vulnerability Analysis]  Finding and exploiting CVE-2018-7445
https://medium.com/@maxi./finding-and-exploiting-cve-2018-7445-f3103f163cc1
[Web Security]  Modifying Cobalt Strike certificates
https://mp.weixin.qq.com/s/59Bj4qk-ClV2eqLu8SKniQ
[Vulnerability Analysis]  From patch diff to EXP: analysis and exploitation of CVE-2019-0623
https://paper.seebug.org/832/
[Web Security]  File-transfer techniques in red-team post-exploitation
https://paper.seebug.org/834/?from=timeline
[Mobile Security]  3 XSS in ProtonMail for iOS – Vladimir Metnew – Medium
https://medium.com/@vladimirmetnew/3-xss-in-protonmail-for-ios-95f8e4b17054
[Tools]  Online Courses – Ghidra
http://ghidra.re/online-courses/
[Tools]  chomp-scan: a script to simplify the reconnaissance phase of bug bounty / penetration testing
https://github.com/SolomonSklash/chomp-scan
[Malware Analysis]  Software supply-chain security threats: from "Age of Ultron" to "Infinity War"
https://www.anquanke.com/post/id/172832
[Forensics]  The ATT&CK threat modeling framework
http://blog.nsfocus.net/threat-modeling-model-attck/
[Data Mining]  Hidden worries under the AI boom: an analysis of security risks in Google TensorFlow
https://mp.weixin.qq.com/s/rjcOK3A83oKHkpNgbm9Lbg
[Tools]  JsDbg: Debugging extensions for Microsoft Edge and Chromium-based browsers
https://github.com/MicrosoftEdge/JsDbg
[Ops Security]  Penetration testing Kubernetes clusters
https://www.freebuf.com/news/196993.html
[Web Security]  Cookie security whitepaper
https://www.netsparker.com/security-cookies-whitepaper/
[Web Security]  Advanced .NET code auditing (Lesson 1): XmlSerializer deserialization vulnerabilities
https://www.anquanke.com/post/id/172316
[Malware Analysis]  Analyzing new malware written in Golang
https://www.freebuf.com/articles/network/196498.html
[Malware Analysis]  SectorD02 PowerShell Backdoor Analysis
https://threatrecon.nshc.net/2019/03/07/sectord02-powershell-backdoor-analysis/
[Mobile Security]  Setting up Frida Without Jailbreak on the Latest iOS 12.1.4 Device
https://blog.securityinnovation.com/frida
[Malware Analysis]  GoBrut: A new GoLang Botnet
https://blog.yoroi.company/research/gobrut-a-new-golang-botnet/
[Malware Analysis]  Using Bayesian networks to identify 0-day attack paths
http://www.arkteam.net/?p=4253
[Vulnerability Analysis]  Automation in Exploit Generation with Exploit Templates
https://sean.heelan.io/2019/03/05/automation-in-exploit-generation-with-exploit-templates/
[Documents]  Geetest 2018 interactive security industry research report
https://www.freebuf.com/articles/paper/196652.html
[Other]  houjingyi233/CPU-vulnerabiility-collections
https://github.com/houjingyi233/CPU-vulnerabiility-collections
[CTF]  Top CTF tools and resources
https://www.aqniu.com/learn/44310.html
[Forensics]  Writing your own honeypot system from scratch
https://www.freebuf.com/articles/es/196525.html
[Forensics]  Google Launches Backstory: Google's threat intelligence tool Backstory
https://thehackernews.com/2019/03/backstory-cybersecurity-software.html
[Data Mining]  Machine-learning-based webshell detection (Part 1)
https://zhuanlan.zhihu.com/p/58676764
[Tools]  LuWu: automated deployment tool for red-team infrastructure
https://github.com/360-A-Team/LuWu
[Data Mining]  Machine-learning-based attack detection (Part 2, second half): LSTM implementation
https://zhuanlan.zhihu.com/p/58732540
[Web Security]  Security differences between PHP 7 and PHP 5
https://www.freebuf.com/articles/web/197013.html
[Vulnerability Analysis]  Reflections after 98 vulnerability analyses
https://whereisk0shl.top/post/2019-03-09
[Web Security]  Exploring Cobalt Strike's External C2 framework
https://xz.aliyun.com/t/4220
[Web Security]  Advantech WebAccess local privilege escalation caused by lax access-control permission configuration
https://www.thezdi.com/blog/2019/3/6/webaccess-uncontrol
[Data Mining]  Deep-learning-based webshell detection (Part 2)
https://zhuanlan.zhihu.com/p/58683374
[Forensics]  The most complete digital forensics checklist
https://mp.weixin.qq.com/s/ES83wSU-WBrUONGjCN6jYw
[Web Security]  SVG XLink SSRF fingerprinting libraries version – Arbaz Hussain – Medium
https://medium.com/@arbazhussain/svg-xlink-ssrf-fingerprinting-libraries-version-450ebecc2f3c
[Device Security]  NSFOCUS 2018 IoT Security Annual Report
http://blog.nsfocus.net/annual-report-internet-security-2018/
[Data Mining]  Data-Knowledge-Action: an introduction to enterprise security data analysis
https://www.cdxy.me/?p=803
[Papers]  LEMNA: explaining deep-learning black-box models for security applications
http://www.arkteam.net/?p=4264
[Data Mining]  Chinese open chat corpus
https://github.com/codemayq/chaotbot_corpus_Chinese
[Web Security]  Notes on persistence in penetration testing
https://www.anquanke.com/post/id/171891
[Tools]  stevenaldinger/decker: Declarative penetration testing orchestration framework
https://github.com/stevenaldinger/decker
[Other]  Windows exploitation helper tool
https://github.com/bitsadmin/wesng
[Web Security]  Great Scott! Timing Attack Demo for the Everyday Webdev
https://www.simplethread.com/great-scott-timing-attack-demo/
[Web Security]  Auditing GitHub Repo Wikis for Fun and Profit
https://www.smeegesec.com/2019/03/auditing-github-repo-wikis-for-fun-and.html
[Device Security]  Research on extracting the wallet recovery seed from a Trezor hardware wallet
http://colinoflynn.com/2019/03/glitching-trezor-using-emfi-through-the-enclosure/
[Web Security]  Analyzing PHP weak typing from the PHP kernel's perspective
https://www.anquanke.com/post/id/171966
[Tools]  SirepRAT: Remote Command Execution as SYSTEM on Windows IoT Core
https://github.com/SafeBreach-Labs/SirepRAT
[Device Security]  An RCE in GPON home routers threatening tens of thousands of users
https://xz.aliyun.com/t/4242
[Malware Analysis]  MacOS Malware Pedia
https://research.checkpoint.com/macos-malware-pedia/
[Web Security]  Facebook Messenger server random memory exposure through corrupted GIF image
https://www.vulnano.com/2019/03/facebook-messenger-server-random-memory.html
[Web Security]  Step by step: moving through the internal network
https://mp.weixin.qq.com/s/xGYfxdp_TQmXiuWvC1sN-g
[Papers]  Abusing Web Browsers for Persistent and Stealthy Computation
https://mp.weixin.qq.com/s/bvQo-VHWdOEisR2adxx6yA
[Opinion]  A technical look at the RSA Innovation Sandbox
https://mp.weixin.qq.com/s/1-yCu8dvp5GzOfK1i4LIhg
[Tools]  Automate discovering and dropping payloads on LAN Raspberry Pi's via ssh
https://github.com/BusesCanFly/rpi-hunter
[Tools]  femida: Automated blind-xss search for Burp Suite
https://github.com/wish-i-was/femida
[Vulnerability Analysis]  Analysis of the Dirty Sock privilege escalation vulnerability in Ubuntu Linux (with PoC)
https://www.freebuf.com/articles/system/195903.html
[Other]  Python-based metasploit payload AV evasion tool
https://www.kitploit.com/2019/03/phantom-evasion-python-av-evasion-tool.html
[Opinion]  US cyber-force military strategy under overall policy coordination
https://mp.weixin.qq.com/s/GMvs_YE5W_m532touUOgfg
[Web Security]  Practical code auditing: a brief analysis of PHPCMS
https://www.freebuf.com/articles/web/195737.html
[Vulnerability Analysis]  Part 1: Introduction to Exploit Development
https://www.fuzzysecurity.com/tutorials/expDev/1.html
[Web Security]  Ethereum audit reports: the Clef audit report
https://www.freebuf.com/articles/blockchain-articles/196822.html
[Data Mining]  Machine-learning-based attack detection (Part 2, first half): understanding LSTM
https://zhuanlan.zhihu.com/p/58725390
[Device Security]  Don't worry about being locked with Loccess
https://www.eyeohtee.cheap/dont-worry-about-being-locked-with-loccess/
[Data Mining]  Automated compliance risk governance using NLP machine learning
http://blog.nsfocus.net/automated-compliance-risk-management-nlp-machine-learning/
[Other]  $100,000/year if you can solve this reverse engineering test
https://www.linkedin.com/pulse/100000year-you-can-solve-reverse-engineering-test-john-coates/
[Programming]  Linux kernel exploit development lab project
https://github.com/a13xp0p0v/kernel-hack-drill
[Data Mining]  Machine-learning algorithm analysis engine supporting security threat reasoning
http://blog.nsfocus.net/machine-learning-algorithms-analysis-engine-security-threat-reasoning/
[Malware Analysis]  Detecting Powershell Empire shenanigans with Sysinternals
https://holdmybeersecurity.com/2019/02/27/sysinternals-for-windows-incident-response/
[Data Mining]  Machine-learning-based attack detection (Part 1)
https://zhuanlan.zhihu.com/p/58689080
[Documents]  SecWiki Weekly (Issue 261)
https://www.sec-wiki.com/weekly/261
-----WeChat ID: SecWiki-----
SecWiki has focused on security technology news and analysis for 12 years!
SecWiki: https://www.sec-wiki.com

Original address for this issue: SecWiki Weekly (Issue 262)