SecWiki周刊(第325期)
2020/05/18-2020/05/24
安全资讯
2020年度网络安全十大潜力技术及五大市场前瞻
https://mp.weixin.qq.com/s/nDf1ZGvdWnsAt2lGRcF5wg
https://mp.weixin.qq.com/s/nDf1ZGvdWnsAt2lGRcF5wg
安全技术
Netwalker Fileless Ransomware Injected via Reflective Loading
https://blog.trendmicro.com/trendlabs-security-intelligence/netwalker-fileless-ransomware-injected-via-reflective-loading/
https://blog.trendmicro.com/trendlabs-security-intelligence/netwalker-fileless-ransomware-injected-via-reflective-loading/
邮件伪造之SPF绕过的5种思路
https://mp.weixin.qq.com/s/dqntjRLgcOD3D2bi1oDFAw
https://mp.weixin.qq.com/s/dqntjRLgcOD3D2bi1oDFAw
linux系统行为新型实时监控技术
https://mp.weixin.qq.com/s/60BYTv6ST03cguHiFFetVg
https://mp.weixin.qq.com/s/60BYTv6ST03cguHiFFetVg
IE-Bert-CNN: 百度2019语言与智能技术竞赛信息抽取模型
https://github.com/Wangpeiyi9979/IE-Bert-CNN
https://github.com/Wangpeiyi9979/IE-Bert-CNN
Archery: SQL 审核查询平台
https://github.com/hhyo/Archery
https://github.com/hhyo/Archery
记一次从车库到核心网段的渗透之路
https://ca3tie1.github.io/post/On-site-pentest/
https://ca3tie1.github.io/post/On-site-pentest/
对称加密与攻击案例分析
https://paper.seebug.org/1208/
https://paper.seebug.org/1208/
椭圆曲线加密与 NSA 后门考古
https://paper.seebug.org/1209/
https://paper.seebug.org/1209/
2020 Data Breach Investigations Report
https://enterprise.verizon.com/resources/reports/2020-data-breach-investigations-report.pdf
https://enterprise.verizon.com/resources/reports/2020-data-breach-investigations-report.pdf
SecWiki周刊(第324期)
https://www.sec-wiki.com/weekly/324
https://www.sec-wiki.com/weekly/324
通过sourcemap解压缩webpack
https://bacde.me/post/unpack-webpack-via-sourcemap/
https://bacde.me/post/unpack-webpack-via-sourcemap/
浅谈基于开源工具的威胁情报自动化生产
https://paper.seebug.org/1210/
https://paper.seebug.org/1210/
Cross-site scripting (XSS) cheat sheet - 2020
https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#onafterscriptexecute
https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#onafterscriptexecute
2020网鼎杯朱雀组部分Web题wp
https://www.anquanke.com/post/id/205679
https://www.anquanke.com/post/id/205679
图神经网络欺诈检测方法总结
https://mp.weixin.qq.com/s/ewzsURiU7bfG3gObzIP2Mw
https://mp.weixin.qq.com/s/ewzsURiU7bfG3gObzIP2Mw
再谈作为生产要素的数据安全
https://mp.weixin.qq.com/s/hkv4y7pQRBjLCgm3StKVSQ
https://mp.weixin.qq.com/s/hkv4y7pQRBjLCgm3StKVSQ
雄迈 IPC 摄像头后门漏洞分析
https://www.anquanke.com/post/id/206004
https://www.anquanke.com/post/id/206004
内网安全攻击模拟和异常检测规则实战
https://mp.weixin.qq.com/s/kELnd0dAGe8Qa-lkJtcoNQ
https://mp.weixin.qq.com/s/kELnd0dAGe8Qa-lkJtcoNQ
黑灰产的廉价“温床”——跑分平台
https://www.anquanke.com/post/id/205684
https://www.anquanke.com/post/id/205684
2019年开源软件风险研究报告
https://mp.weixin.qq.com/s/VgoS1EftRFcYv9n2PJHoRg
https://mp.weixin.qq.com/s/VgoS1EftRFcYv9n2PJHoRg
Browser Pwn XNUCA2019-JIT 分析与利用
https://www.anquanke.com/post/id/205572
https://www.anquanke.com/post/id/205572
简单梳理一下机器学习可解释性(Interpretability)
https://zhuanlan.zhihu.com/p/141013178
https://zhuanlan.zhihu.com/p/141013178
基于Docker的固件模拟
https://mp.weixin.qq.com/s/t8ijT6pBjT9vB5yrd9Qstw
https://mp.weixin.qq.com/s/t8ijT6pBjT9vB5yrd9Qstw
DeTTECT: Detect Tactics, Techniques & Combat Threats
https://github.com/rabobank-cdc/DeTTECT
https://github.com/rabobank-cdc/DeTTECT
SQL注入基础整理及Tricks总结
https://www.anquanke.com/post/id/205376
https://www.anquanke.com/post/id/205376
通过两道题浅看java安全
https://www.anquanke.com/post/id/205215
https://www.anquanke.com/post/id/205215
SANS:2020年自动化与集成调查报告
https://mp.weixin.qq.com/s/NZNK95gtUAFqMsxkgknTCQ
https://mp.weixin.qq.com/s/NZNK95gtUAFqMsxkgknTCQ
郭威:金融企业重保一线经验分享
https://mp.weixin.qq.com/s/2MNCTggf5bWT8NAYGyIVIQ
https://mp.weixin.qq.com/s/2MNCTggf5bWT8NAYGyIVIQ
红队-C2 Server基础构建
https://xz.aliyun.com/t/7758
https://xz.aliyun.com/t/7758
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第325期)
