SecWiki周刊(第275期)
2019/06/03-2019/06/09
安全资讯
Dork-Admin: 盘点近年来的数据泄露事件
https://github.com/No-Github/Dork-Admin
https://github.com/No-Github/Dork-Admin
安全技术
最新出炉!网络安全实践指南 —移动互联网应用基本业务功能必要信息规范
https://www.kiwisec.com/news/detail/5cf4dc6ec649181e28b82018.html
https://www.kiwisec.com/news/detail/5cf4dc6ec649181e28b82018.html
从外网到内网的渗透姿势分享
https://xz.aliyun.com/t/5330
https://xz.aliyun.com/t/5330
Windows平台常见反调试技术梳理(上)
https://www.anquanke.com/post/id/179709
https://www.anquanke.com/post/id/179709
DataCon 的 DNS 恶意流量检查一题回顾
https://mp.weixin.qq.com/s/M-J4FhGA5zg1WZCA9-Houg
https://mp.weixin.qq.com/s/M-J4FhGA5zg1WZCA9-Houg
安天发布“方程式组织”攻击中东SWIFT服务商事件复盘分析报告
https://mp.weixin.qq.com/s/3ZQhn32NB6p-LwndB2o2zQ
https://mp.weixin.qq.com/s/3ZQhn32NB6p-LwndB2o2zQ
influxdb认证绕过0day
https://tanjiti.github.io/2019/05/31/influxdb-%E8%AE%A4%E8%AF%81%E7%BB%95%E8%BF%870day/
https://tanjiti.github.io/2019/05/31/influxdb-%E8%AE%A4%E8%AF%81%E7%BB%95%E8%BF%870day/
基于DGCNN和概率图的轻量级信息抽取模型
https://kexue.fm/archives/6671
https://kexue.fm/archives/6671
Threat Hunting with Jupyter — Part 2: Basic Data Analysis with Pandas
https://posts.specterops.io/threat-hunting-with-jupyter-notebooks-part-2-basic-data-analysis-with-pandas-80d1400ab6ee
https://posts.specterops.io/threat-hunting-with-jupyter-notebooks-part-2-basic-data-analysis-with-pandas-80d1400ab6ee
基于EVE-NG平台上构建企业内网攻防环境
https://mp.weixin.qq.com/s/vBYxrmnBoM-Abl_y1v4DtA
https://mp.weixin.qq.com/s/vBYxrmnBoM-Abl_y1v4DtA
细说 sqlmap_api
https://paper.seebug.org/940/
https://paper.seebug.org/940/
0xBA 漏洞管理从入坑到逃离
https://zhuanlan.zhihu.com/p/68419146
https://zhuanlan.zhihu.com/p/68419146
一次不完美的Jboss渗透
https://xz.aliyun.com/t/5326
https://xz.aliyun.com/t/5326
ESET分析了Turla APT对武器化PowerShell的使用
https://mp.weixin.qq.com/s/tNI54MlsN9bFKnm9kL6G-Q
https://mp.weixin.qq.com/s/tNI54MlsN9bFKnm9kL6G-Q
简单 Unity3D 安卓游戏逆向思路
https://paper.seebug.org/829/
https://paper.seebug.org/829/
对Silence组织的攻击手法的全方位解析
https://www.4hou.com/special/18153.html
https://www.4hou.com/special/18153.html
如何利用机器学习创建恶意软件检测系统
https://xz.aliyun.com/t/5338
https://xz.aliyun.com/t/5338
SecWiki周刊(第274期)
https://www.sec-wiki.com/weekly/274
https://www.sec-wiki.com/weekly/274
Threat Hunting with Jupyter — Part 4: SQL JOIN via Apache SparkSQL
https://posts.specterops.io/threat-hunting-with-jupyter-notebooks-part-4-sql-join-via-apache-sparksql-6630928c931e
https://posts.specterops.io/threat-hunting-with-jupyter-notebooks-part-4-sql-join-via-apache-sparksql-6630928c931e
银钩:针对国内网银用户的钓鱼的攻击活动
https://mp.weixin.qq.com/s/QINNIBQDY2bvLi795LsOoA
https://mp.weixin.qq.com/s/QINNIBQDY2bvLi795LsOoA
Threat Hunting with Jupyter — Part 3: Querying Elasticsearch via Apache Spark
https://posts.specterops.io/threat-hunting-with-jupyter-notebooks-part-3-querying-elasticsearch-via-apache-spark-670054cd9d47
https://posts.specterops.io/threat-hunting-with-jupyter-notebooks-part-3-querying-elasticsearch-via-apache-spark-670054cd9d47
Windows平台常见反调试技术梳理(下)
https://www.anquanke.com/post/id/179710
https://www.anquanke.com/post/id/179710
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第275期)
