SecWiki周刊(第309期)
2020/01/27-2020/02/02
安全资讯
[法规]  2019年网络安全政策法规回顾
https://www.anquanke.com/post/id/197556
安全技术
[Web安全]  ATT&CK红队评估实战靶场vulnstack
https://mp.weixin.qq.com/s/vmUqdSbZXh6698R8IHoOyw
[Web安全]  收集整理的23种文件下载的方式
https://mp.weixin.qq.com/s/bmA73FSjVPqpiaacz-btAQ
[Web安全]  Java代码审计之入门篇(一)
https://www.anquanke.com/post/id/197641
[取证分析]  Decrypt WhatsApp encrypted media files
https://github.com/ddz/whatsapp-media-decrypt
[漏洞分析]  对zimbra邮服认证机制的一些探索
https://mp.weixin.qq.com/s/u-p6_srzby1bbejqClmf-A
[杂志]  SecWiki周刊(第308期)
https://www.sec-wiki.com/weekly/308
[工具]  IotShark - Monitoring and Analyzing IoT Traffic
https://github.com/sahilmgandhi/IotShark
[数据挖掘]  工业级知识图谱:经验与挑战
https://mp.weixin.qq.com/s/4Fdpik3EtEng-ri_7tGM0A
[漏洞分析]  Code injection in Workflows leading to SharePoint RCE (CVE-2020-0646)
https://www.mdsec.co.uk/2020/01/code-injection-in-workflows-leading-to-sharepoint-rce-cve-2020-0646/
[Web安全]  记一次验签机制伪造绕过的继续渗透测试
https://xz.aliyun.com/t/7143
[漏洞分析]  远程云端执行(RCE):Azure云架构中的漏洞分析(Part 1)
https://www.anquanke.com/post/id/197713
[数据挖掘]  从产品视角重新定义“检测”和“分析”
https://mp.weixin.qq.com/s/oq3T1fSKAHeDfWZNpciXSw
[恶意分析]  DailyIOC: IOC from articles, tweets for archives
https://github.com/StrangerealIntel/DailyIOC
[数据挖掘]  首届中文NL2SQL挑战赛决赛第3名方案+代码
https://github.com/beader/tianchi_nl2sql
[恶意分析]  emergency-response-checklist:应急响应指南
https://github.com/theLSA/emergency-response-checklist
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第309期)