SecWiki周刊(第294期)
2019/10/14-2019/10/20
安全资讯
黑客通过AWS API密钥窃取到Imperva数据
https://nosec.org/home/detail/3049.html
https://nosec.org/home/detail/3049.html
儿童信息网络泄露严重 日本法律界推动专门立法工作补短板
https://nosec.org/home/detail/3048.html
https://nosec.org/home/detail/3048.html
安全技术
HITB CyberWeek 会议议题 PPT
https://cyberweek.ae/materials/
https://cyberweek.ae/materials/
Suricata安装部署&丢包优化&性能调优&规则调整&Pfring设置
https://github.com/al0ne/suricata_optimize
https://github.com/al0ne/suricata_optimize
Web漏洞Exploit编写——Java篇(一)
http://blog.blankshell.com/2019/10/14/web%e6%bc%8f%e6%b4%9eexploit%e7%bc%96%e5%86%99-java%e7%af%87%ef%bc%88%e4%b8%80%ef%bc%89/
http://blog.blankshell.com/2019/10/14/web%e6%bc%8f%e6%b4%9eexploit%e7%bc%96%e5%86%99-java%e7%af%87%ef%bc%88%e4%b8%80%ef%bc%89/
打造不一样的Shfit映像劫持后门
https://mp.weixin.qq.com/s/ABLJsP2HTe2L_QMLzCV67g
https://mp.weixin.qq.com/s/ABLJsP2HTe2L_QMLzCV67g
细述MITRE ATT&CK框架的实施和使用方式
https://mp.weixin.qq.com/s/bEUGuEQDuxVVi7f6mfnuTQ
https://mp.weixin.qq.com/s/bEUGuEQDuxVVi7f6mfnuTQ
新版burp-loader-keygen-2.jar
https://www.52pojie.cn/thread-1038295-1-1.html
https://www.52pojie.cn/thread-1038295-1-1.html
Suricata 万兆环境部署优化
https://paper.seebug.org/1054/
https://paper.seebug.org/1054/
容器云安全防御机制动态评估与优化框架
https://mp.weixin.qq.com/s/-g2MLk7i0QBToxdE-RHjSw
https://mp.weixin.qq.com/s/-g2MLk7i0QBToxdE-RHjSw
Kibana < 6.6.1 代码执行漏洞复现笔记
https://mp.weixin.qq.com/s/3r41HE3bnNHhWOw42uziTQ
https://mp.weixin.qq.com/s/3r41HE3bnNHhWOw42uziTQ
SecureComm 2019 论文录用列表
https://mp.weixin.qq.com/s/OKvainfalhDiDfvH8nAqXA
https://mp.weixin.qq.com/s/OKvainfalhDiDfvH8nAqXA
APT trends report Q3 2019
https://securelist.com/apt-trends-report-q3-2019/94530/
https://securelist.com/apt-trends-report-q3-2019/94530/
eve-ng搭建攻防域环境
https://xz.aliyun.com/t/6504
https://xz.aliyun.com/t/6504
从 Masscan, Zmap 源码分析到开发实践
https://paper.seebug.org/1052/
https://paper.seebug.org/1052/
jsonp的一些安全问题
https://xz.aliyun.com/t/6539
https://xz.aliyun.com/t/6539
史上最全Windows安全工具锦集
https://www.freebuf.com/sectool/215644.html
https://www.freebuf.com/sectool/215644.html
如何绕过大写过滤器实现XSS攻击
https://nosec.org/home/detail/3047.html
https://nosec.org/home/detail/3047.html
DGA域名的今生前世:缘起、检测、与发展
https://mp.weixin.qq.com/s/xbf0Qbppk8R0nx89Pb4YTg
https://mp.weixin.qq.com/s/xbf0Qbppk8R0nx89Pb4YTg
Charles 4.5.1逆向工程
http://scz.617.cn:8/misc/201910170937.txt
http://scz.617.cn:8/misc/201910170937.txt
新版burp-loader-keygen-2.jar
http://scz.617.cn/misc/201910151519.txt
http://scz.617.cn/misc/201910151519.txt
Signal Sciences 下一代WAF
https://mp.weixin.qq.com/s/daH3UatnuUvkFIq9BrZPyg
https://mp.weixin.qq.com/s/daH3UatnuUvkFIq9BrZPyg
v8 exploit - RealWorld CTF2019 accessible
https://xz.aliyun.com/t/6507
https://xz.aliyun.com/t/6507
如何利用开源工具收集美国关键基础设施情报
https://www.anquanke.com/post/id/188510
https://www.anquanke.com/post/id/188510
绕过雷蛇官网的动态验证码
https://nosec.org/home/detail/3056.html
https://nosec.org/home/detail/3056.html
利用Mcafee管理工具绕过McAfee杀毒软件
https://nosec.org/home/detail/3052.html
https://nosec.org/home/detail/3052.html
泛在电力物联网白皮书2019
https://mp.weixin.qq.com/s/gWLm5KMfkSlhNr0ptmIYwQ
https://mp.weixin.qq.com/s/gWLm5KMfkSlhNr0ptmIYwQ
2019中国信息安全自主可控行业政策盘点及网络安全行业分析
https://www.freebuf.com/articles/paper/214560.html
https://www.freebuf.com/articles/paper/214560.html
SecWiki周刊(第293期)
https://www.sec-wiki.com/weekly/293
https://www.sec-wiki.com/weekly/293
CVE-2019-0547 Windows DHCP Client 代码执行漏洞分析
https://www.anquanke.com/post/id/187894
https://www.anquanke.com/post/id/187894
从一份工作说明书看DHS的SOC运营内容与要求
https://mp.weixin.qq.com/s/3KPU2Ke6HsgeovQXduTU1Q
https://mp.weixin.qq.com/s/3KPU2Ke6HsgeovQXduTU1Q
通过进程创建模拟技术挖掘本地提权漏洞
https://nosec.org/home/detail/2955.html
https://nosec.org/home/detail/2955.html
Windows样本高级静态分析之识别汇编中C代码结构(switch)
https://xz.aliyun.com/t/6505
https://xz.aliyun.com/t/6505
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第294期)
