SecWiki周刊(第277期)
2019/06/17-2019/06/23
安全资讯
上市网络安全公司现状及战略分析
https://mp.weixin.qq.com/s/3mfChyt7r4rn07tHg_q8NA
https://mp.weixin.qq.com/s/3mfChyt7r4rn07tHg_q8NA
网络安全漏洞管理规定(征求意见稿)
http://www.miit.gov.cn/n1146285/n1146352/n3054355/n3057724/n3057728/c7005976/content.html
http://www.miit.gov.cn/n1146285/n1146352/n3054355/n3057724/n3057728/c7005976/content.html
SSH 加入抵御边信道攻击的功能
https://www.solidot.org/story?sid=61080
https://www.solidot.org/story?sid=61080
安全技术
OSINT Tools and Resources Handbook
https://www.i-intelligence.eu/wp-content/uploads/2018/06/OSINT_Handbook_June-2018_Final.pdf
https://www.i-intelligence.eu/wp-content/uploads/2018/06/OSINT_Handbook_June-2018_Final.pdf
基于 Attiny 85 开发板的 BadUSB 攻击实战
https://laucyun.com/d2faa91d255786348f1399d40229ee68.html
https://laucyun.com/d2faa91d255786348f1399d40229ee68.html
CobaltStrike+MetaSploit 实战联动
https://mp.weixin.qq.com/s/x0txdB7tMEIg1W4v_ZK7Tg
https://mp.weixin.qq.com/s/x0txdB7tMEIg1W4v_ZK7Tg
2019年海南省安全等保类项目分析报告
http://www.zhaobiaoneican.com/mobile/analysisDetails?id=95d4314b2cff40648378a672cad4e910
http://www.zhaobiaoneican.com/mobile/analysisDetails?id=95d4314b2cff40648378a672cad4e910
D-Link路由器HNAP协议系列漏洞披露
https://mp.weixin.qq.com/s/jftToJwRUaHy1cRTxn2aOw
https://mp.weixin.qq.com/s/jftToJwRUaHy1cRTxn2aOw
保障IDC安全:分布式HIDS集群架构设计
https://tech.meituan.com/2019/01/17/distributed-hids-cluster-architecture-design.html
https://tech.meituan.com/2019/01/17/distributed-hids-cluster-architecture-design.html
Subdomain takeover via Ngrok service
https://blog.pareshparmar.com/subdomain-takeover-ngrok/
https://blog.pareshparmar.com/subdomain-takeover-ngrok/
GScan: Linux主机侧Checklist的自动全面化检测
https://github.com/grayddq/GScan
https://github.com/grayddq/GScan
Gartner2019年十大安全项目详解
https://mp.weixin.qq.com/s/dBw_z9oNoTRUQNVTkf1l_w
https://mp.weixin.qq.com/s/dBw_z9oNoTRUQNVTkf1l_w
Evading Sysmon DNS Monitoring
https://blog.xpnsec.com/evading-sysmon-dns-monitoring/
https://blog.xpnsec.com/evading-sysmon-dns-monitoring/
F-NAScan-PLUS 安服资产搜集
https://github.com/PINGXcpost/F-NAScan-PLUS
https://github.com/PINGXcpost/F-NAScan-PLUS
Getting Started with ATT&CK: Detection and Analytics
https://medium.com/mitre-attack/getting-started-with-attack-detection-a8e49e4960d0
https://medium.com/mitre-attack/getting-started-with-attack-detection-a8e49e4960d0
基于攻防演练的社会工程案例猜想
https://zhuanlan.zhihu.com/p/67953724
https://zhuanlan.zhihu.com/p/67953724
自助安全扫描与代码审计系统架构实践
https://mp.weixin.qq.com/s/3N3eJzTaMwbznL_aofOjnQ
https://mp.weixin.qq.com/s/3N3eJzTaMwbznL_aofOjnQ
A Remote Access Tool Using Slack as a C2 Channel
https://www.coalfire.com/The-Coalfire-Blog/June-2019/Introducing-Slackor
https://www.coalfire.com/The-Coalfire-Blog/June-2019/Introducing-Slackor
SecWiki周刊(第276期)
https://www.sec-wiki.com/weekly/276
https://www.sec-wiki.com/weekly/276
记一次应急中发现的诡异事件
https://www.freebuf.com/geek/205497.html
https://www.freebuf.com/geek/205497.html
一次基于GAO报告的暗网追踪比特币枪支销售的OSINT调查
https://www.4hou.com/technology/18621.html
https://www.4hou.com/technology/18621.html
WhatsApp缓冲区溢出漏洞分析
https://www.anquanke.com/post/id/180459
https://www.anquanke.com/post/id/180459
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第277期)
