SecWiki周刊(第28期)
2014/09/08-2014/09/14
安全资讯
[Web安全]  一周海外安全事件回顾(8.31-9.6):扑朔迷离的艳照门
http://www.freebuf.com/news/special/43115.html
安全技术
[文档]  Easy Way to Compare Cisco Catalyst 3750-X Switch with Cisco 3850
http://www.router-switch.com/Price-cisco-switches-cisco-switch-catalyst-3750_c21
[无线安全]  JS投毒的另一种尝试
http://www.freebuf.com/articles/web/43353.html
[Web安全]  USENIX Security symposium Download
https://www.usenix.org/conference/usenixsecurity14/technical-sessions
[无线安全]  三款SDR平台对比:HackRF,bladeRF和USRP
http://blog.sina.com.cn/s/blog_72628e9f0102v5jm.html
[移动安全]  细数安卓WebView的那些“神洞”
http://ac2pezirnz.l25.yunpan.cn/lk/Q7BRzAQmrtSVE
[运维安全]  ElasticHQ:Sleek, intuitive, and powerful ElasticSearch Management and Monitoring
http://www.elastichq.org/
[漏洞分析]  CVE-2010-3301漏洞及利用分析
http://www.cfeng.org/articles/cve-2010-3301-analysis-of-exploit.html
[恶意分析]  Malicious Traffic Detection in Local Networks with Snort
http://infoscience.epfl.ch/record/141022/files/pdm.pdf
[数据挖掘]  NiuParser中文句法语义分析系统
http://www.niuparser.com/
[运维安全]  开源日志关联系统 opensource log Correlation
http://blog.csdn.net/cnbird2008/article/details/39137483
[Web安全]  安全体系建设及安全事件处理的图
http://photo.weibo.com/1931462497/talbum/detail/photo_id/3750317091335133?prel=p6_3#3750317090943084
[数据挖掘]  Vispy: OpenGL-based interactive visualization in Python
http://vispy.org/
[运维安全]  Ubuntu下搭建Zabbix
https://github.com/itnihao/zabbix-book/blob/master/03-chapter/zabbix_install_on_ubuntu.md
[Web安全]  XSS的原理分析与解剖(第二篇)
http://www.freebuf.com/articles/web/42727.html
[数据挖掘]  Data visualization tools for the web
https://github.com/showcases/data-visualization
[其它]  Google 文化学院
https://www.google.com/culturalinstitute/home
[Web安全]  OSX Persistence via PHP Webshell
http://www.room362.com/blog/2014/09/09/osx-persistence-via-php-webshell/
[数据挖掘]  word_cloud:A little word cloud generator in Python
https://github.com/amueller/word_cloud
[取证分析]  Analysis of Chinese MITM on Google
http://www.netresec.com/?page=Blog&month=2014-09&post=Analysis-of-Chinese-MITM-on-Google
[运维安全]  docker的安装及相关使用和说明文档
https://github.com/xufanghui/docker-ua
[数据挖掘]  「新五毛」的推文分析
http://blog.yesmryang.net/wumao-tweet/
[编程技术]  学习苹果Swift语言的一些在线资源
http://www.infoq.com/cn/news/2014/06/apple-swift-learning-resources
[数据挖掘]  聚类算法总结
http://blog.csdn.net/lzt1983/article/details/39236107
[漏洞分析]  memTrace: a framework for lightweight memory tracing
https://github.com/gannimo/memTrace
[移动安全]  瞬间爆炸-root掉你的手机
http://vdisk.weibo.com/s/annw3IyXNuLra/1409920086
[编程技术]  排名前十的SQL和NoSQL数据库
http://www.techug.com/the-top-10-sql-and-nosql-databases
[无线安全]  Advanced WiFi Attacks Using Commodity Hardware
http://modwifi.bitbucket.org/
[其它]  Requests for Startups
http://www.ycombinator.com/rfs/
[其它]  互联网之子(TheInternet's Own Boy): 亚伦·斯沃茨的故事
http://www.tudou.com/programs/view/jefojo_-HjQ/
[Web安全]  passivedns:被动方式收集DNS记录
https://github.com/gamelinux/passivedns
[恶意分析]  Detecting Phishing Sites in Your Logs
http://www.kahusecurity.com/2014/detecting-phishing-sites-in-your-logs/
[Web安全]  Website Security – Compromised Website Used To Hack Home Routers
http://blog.sucuri.net/2014/09/website-security-compromised-website-used-to-hack-home-routers.html
[移动安全]  一次app抓包引发的Android分析(续)
http://drops.wooyun.org/tips/2986
[运维安全]  处理ddos的方法总结
http://photo.weibo.com/1674988364/wbphotos/large/mid/3753194166990838/pid/63d64b4cgw1ek75gid566j21560n9tei
[移动安全]  Denial of App - Google Bug 13416059 分析
http://drops.wooyun.org/tips/2976
[设备安全]  BinaryNinjas Firmware Analysis
http://blog.binaryninjas.org/?p=209
[Web安全]  渗透测试:内网DNS投毒技术劫持会话
http://www.freebuf.com/articles/web/43157.html
[恶意分析]  lastline platform datasheet
http://www.lastline.com/resources/lastline_platform_datasheet.pdf
[编程技术]  d3-cloud:Create word clouds in JavaScript
https://github.com/jasondavies/d3-cloud
[运维安全]  security monitoring and incident response
https://github.com/showcases/security
[编程技术]  SciPy 2014
http://www.youku.com/playlist_show/id_22808640.html
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第28期)