SecWiki周刊(第300期)
2019/11/25-2019/12/01
安全资讯
欧盟发布5G网络威胁图谱
https://www.4hou.com/info/news/21814.html
https://www.4hou.com/info/news/21814.html
安全技术
Web中间件漏洞总结之Nginx漏洞
https://xz.aliyun.com/t/6801
https://xz.aliyun.com/t/6801
MITRE ATT&CK威胁检测框架研究心得分享
https://mp.weixin.qq.com/s/6fQLlM-B3UAoK6jttBRXYA
https://mp.weixin.qq.com/s/6fQLlM-B3UAoK6jttBRXYA
Snort入侵检测系统的应用
https://mp.weixin.qq.com/s/pjzYte3p-l1CoybGM1v0eQ
https://mp.weixin.qq.com/s/pjzYte3p-l1CoybGM1v0eQ
路由器破解初探之栈溢出漏洞利用
https://xz.aliyun.com/t/6808
https://xz.aliyun.com/t/6808
逆向实战——32位和64位WinRAR破解及去广告
https://mp.weixin.qq.com/s/gZ50Uut2hhghzwXYA04ZDQ
https://mp.weixin.qq.com/s/gZ50Uut2hhghzwXYA04ZDQ
从内网到域控(offensive实战)
https://www.anquanke.com/post/id/193431
https://www.anquanke.com/post/id/193431
Attacking FreeIPA — Part I Authentication
https://posts.specterops.io/attacking-freeipa-part-i-authentication-77e73d837d6a
https://posts.specterops.io/attacking-freeipa-part-i-authentication-77e73d837d6a
代码审计入门之Jeeplus代码审计
https://www.freebuf.com/articles/web/220066.html
https://www.freebuf.com/articles/web/220066.html
CCS'19, London, UK丨论文分享(下)
https://mp.weixin.qq.com/s/IXweRBnhbgeJuPxgAvgP2A
https://mp.weixin.qq.com/s/IXweRBnhbgeJuPxgAvgP2A
安全运营三部曲之安全生态与安全国际
https://mp.weixin.qq.com/s/Fwk_Q7TE5pyq77_-IEp1mg
https://mp.weixin.qq.com/s/Fwk_Q7TE5pyq77_-IEp1mg
Frida框架在Fuzzing中的应用
http://riusksk.me/2019/11/30/Frida%E6%A1%86%E6%9E%B6%E5%9C%A8Fuzzing%E4%B8%AD%E7%9A%84%E5%BA%94%E7%94%A8/
http://riusksk.me/2019/11/30/Frida%E6%A1%86%E6%9E%B6%E5%9C%A8Fuzzing%E4%B8%AD%E7%9A%84%E5%BA%94%E7%94%A8/
Java反序列化漏洞原理解析
https://xz.aliyun.com/t/6787
https://xz.aliyun.com/t/6787
使用Peach进行模糊测试从入门到放弃
https://mp.weixin.qq.com/s/yYkbysywQXD5l-SS0jQ3_A
https://mp.weixin.qq.com/s/yYkbysywQXD5l-SS0jQ3_A
论企业如何快速建立SDL流程
https://mp.weixin.qq.com/s/fIfMGD5HvjN_MVlVb3yriQ
https://mp.weixin.qq.com/s/fIfMGD5HvjN_MVlVb3yriQ
SecWiki周刊(第299期)
https://www.sec-wiki.com/weekly/299
https://www.sec-wiki.com/weekly/299
Redhat 线下赛 WEB WP
https://xz.aliyun.com/t/6826
https://xz.aliyun.com/t/6826
追溯APT组织Lazarus的攻击历程
https://www.4hou.com/web/21763.html
https://www.4hou.com/web/21763.html
Windows内网协议学习NTLM篇之发起NTLM请求
https://www.anquanke.com/post/id/193493
https://www.anquanke.com/post/id/193493
攻防演练对抗赛之初识文件钓鱼
https://mp.weixin.qq.com/s/lhg71lVHfp9PY1m8sYXA_A
https://mp.weixin.qq.com/s/lhg71lVHfp9PY1m8sYXA_A
Nation-State Actors on the Dark Web
https://www.darkowl.com/blog/nation-state-actors-in-the-dark-web
https://www.darkowl.com/blog/nation-state-actors-in-the-dark-web
回调函数绕过D盾小套路
https://xz.aliyun.com/t/6823
https://xz.aliyun.com/t/6823
Windows系统安全事件日志取证工具:LogonTracer
https://www.freebuf.com/sectool/219786.html
https://www.freebuf.com/sectool/219786.html
持久化研究-Scheduled Tasks
https://xz.aliyun.com/t/6822
https://xz.aliyun.com/t/6822
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第300期)
