SecWiki周刊(第31期)
2014/09/29-2014/10/05
安全资讯
[Web安全]  ISC 2014中国互联网安全大会全纪实
http://www.freebuf.com/news/special/45524.html
安全技术
[Web安全]  Black Hat USA 2014 videos (playlist)
https://www.youtube.com/playlist?list=UUbbgnifxfH-nqx6z9XQ963Q
[其它]  阿里巴巴上市背后的技术力量
http://www.infoq.com/cn/news/2014/09/alibaba-ipo-tech-power
[恶意分析]  A Glance Into the Neutrino Botnet
http://blogs.mcafee.com/mcafee-labs/glance-neutrino-botnet
[取证分析]  SU-CTF 2014 – Cryptography 100 – Huge key writeup
http://wiremask.eu/su-ctf-2014-cryptography-100-huge-key-writeup/
[取证分析]  取证学习资料DVD
http://blog.csdn.net/cnbird2008/article/details/39737265
[会议]  shmoocon 2014 video
https://www.youtube.com/user/ChRiStIaAn008/playlists
[漏洞分析]  BAP: Binary Analysis Platform
http://bap.ece.cmu.edu/
[设备安全]  分享那些移动平台下的PLC数据远程监控调试软件
http://plcscan.org/blog/2014/10/simple-mobile-scada-solution/
[Web安全]  DNS tunnel的实现--dnscat2
http://x0day.me/index.php/archives/dns-tunnel-with-dnscat2.html
[移动安全]  Android动态逆向分析工具ZjDroid--脱壳神器
http://blog.csdn.net/androidsecurity/article/details/38121585
[Web安全]  Win2003提权资料分享
http://blog.wils0n.cn/?id=12
[漏洞分析]  Collection of Proof of Concepts and Potential Targets for #ShellShocker
https://github.com/mubix/shellshocker-pocs
[恶意分析]  “破壳”漏洞相关恶意代码样本分析报告
http://www.antiy.com/response/Analysis_Report_on_Sample_Set_of_Bash_Shellshock.html
[设备安全]  Psychson:Custom Firmware & Existing Firmware Patches
https://github.com/adamcaudill/Psychson
[移动安全]  Lacoon Discovers Xsser mRAT, the First Advanced iOS Trojan
https://www.lacoon.com/lacoon-discovers-xsser-mrat-first-advanced-ios-trojan/
[其它]  网络威慑与网络战争
http://www.valleytalk.org/2014/09/30/%e5%85%b0%e5%be%b7%e6%99%ba%e5%ba%93-%e3%80%82%e3%80%8a%e7%bd%91%e7%bb%9c%e5%a8%81%e6%85%91%e4%b8%8e%e7%bd%91%e7%bb%9c%e6%88%98%e4%ba%89%e3%80%8b/
[Web安全]  MITMf:Framework for Man-In-The-Middle attacks
https://github.com/byt3bl33d3r/MITMf
[其它]  美国众议院对华为与中兴的调查报告
http://vdisk.weibo.com/s/EtFH2YKZqKyw/1411924034
[Web安全]  maxisploit-scanner
https://code.google.com/p/maxisploit-scanner/
[Web安全]  中国被黑网站信息自动收集与统计
http://www.oschina.net/code/snippet_2008177_38727
[移动安全]  Dockerfiles:Build files for android-cross-compile
https://github.com/ddrown/Dockerfiles
[Web安全]  JCTF Writeup
http://drops.wooyun.org/tips/3131
[移动安全]  Android运行时ART加载OAT文件的过程分析
http://blog.csdn.net/luoshengyang/article/details/39307813
[漏洞分析]  CVE2014-6287分析报告
http://drops.wooyun.org/papers/3091
[Web安全]  XDCTF Web的WriteUp – parsec
http://parsec.me/800.html
[Web安全]  域渗透基础
http://blog.wils0n.cn/?id=5
[恶意分析]  Advanced Malware Analysis Training Session 4
http://www.slideshare.net/securityxploded/advanced-malware-analysis-training-session-4-antianalysis-techniques
[移动安全]  Chinese Android mRAT Spyware Targets Hong Kong Protest
https://www.lacoon.com/chinese-government-targets-hong-kong-protesters-android-mrat-spyware/
[编程技术]  初探单点登录 SSO
http://daoluan.net/blog/single-sign-on/
[移动安全]  移动安全这五年
http://bbs.pediy.com/showthread.php?p=1320731
[漏洞分析]  Vuln Hunt: Find the Security Vulnerability Challenge #1
http://blogs.microsoft.com/cybertrust/2014/10/02/vuln-hunt-find-the-security-vulnerability-challenge-1/
[Web安全]  Wiki-like CTF write-ups repository
https://github.com/ctfs/write-ups
[编程技术]  Android攻城狮的第一门课
http://www.imooc.com/learn/96
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第31期)