SecWiki周刊(第330期)
2020/06/22-2020/06/28
安全技术
[恶意分析]  APT的思考: PowerShell命令混淆高级对抗
https://mp.weixin.qq.com/s/Sg0LK8emSWP1m-yds4VGrQ
[运维安全]  攻防演习-红军的反击
https://mp.weixin.qq.com/s/WrQa0XoBSak3HM1l650HEg
[Web安全]  sqlmap绕过csrf检测进行注入
https://blog.blankshell.com/2020/06/25/sqlmap%e7%bb%95%e8%bf%87csrf%e6%a3%80%e6%b5%8b%e8%bf%9b%e8%a1%8c%e6%b3%a8%e5%85%a5/
[工具]  WMI攻击与安全防御
https://mp.weixin.qq.com/s/wA7SXfVM3jYsH1VhZqANrA
[Web安全]  python cms审计记录
https://github.com/MisakiKata/python_code_audit/blob/master/%E5%AE%9E%E6%88%98%E6%93%8D%E4%BD%9C.md
[编程技术]  安全框架之综述
https://mp.weixin.qq.com/s/4jec18NXjV6UwubzrYgwzg
[运维安全]  hihttps: 一款完整源码的高性能Web应用防火墙
https://github.com/qq4108863/hihttps
[数据挖掘]  知识图谱之知识表示篇(一)
https://zhuanlan.zhihu.com/p/148785892
[Web安全]  Tomcat基于Servlet的无文件webshell的相关技术研究
https://mp.weixin.qq.com/s/gYGrdDtIldzrE7NHSxTDYQ
[Web安全]  从0到1学会搭建小型企业拓扑到由外向内的渗透测试
https://www.anquanke.com/post/id/208992
[漏洞分析]  循序渐进分析CVE-2020-1066
https://mp.weixin.qq.com/s/TU5Obmd76QdhfQ-40UxUBQ
[取证分析]  Mining DNS MX Records for Fun and Profit
https://medium.com/@jason_trost/mining-dns-mx-records-for-fun-and-profit-7a069da9ee2d
[取证分析]  手工打造基于ATT&CK矩阵的EDR系统
https://www.freebuf.com/articles/system/239107.html
[视频]   DIMVA 2020 视频列表
https://www.youtube.com/watch?v=8MM0qif7Qjw&list=PLm_RjVa4jQG9hGaSZQcsWgFO87CA_iTzq
[Web安全]  Linux Pam后门总结拓展
https://xz.aliyun.com/t/7902
[Web安全]  PWDB - New generation of Password Mass-Analysis
https://github.com/FlameOfIgnis/Pwdb-Public
[漏洞分析]  解释器类型的Pwn题目总结
https://www.anquanke.com/post/id/208940
[漏洞分析]  图解利用虚函数过GS保护
https://www.freebuf.com/vuls/238736.html
[数据挖掘]  标签传播算法解读
https://mp.weixin.qq.com/s/dX6CouK7LGNbXsRxRnS26w
[Web安全]  FOFA搜索结果提取技术分析
https://www.freebuf.com/sectool/238018.html
[运维安全]  Recovering Credentials from a Process inside a Docker Container
https://blog.pentesteracademy.com/recovering-credentials-from-a-docker-container-process-using-docker-checkpoint-and-gdb-ea22e8898d2b
[恶意分析]  Powershell免杀的探索
https://xz.aliyun.com/t/7903
[设备安全]  设备固件提取小结
https://www.freebuf.com/articles/terminal/229567.html
[其它]  SPIDER: Enabling Fast Patch Propagation in Related Software Repositories
https://securitygossip.com/blog/2020/05/26/spider-enabling-fast-patch-propagation-in-related-software-repositories/
[其它]  Java 安全-RMI-学习总结
https://paper.seebug.org/1251/
[Web安全]  自动化测试工具APPium初探
https://mp.weixin.qq.com/s/wwlqd_kO7vfpP6vTPrW_6Q
[Web安全]  Java代码审计之Struts2-001
https://xz.aliyun.com/t/7915
[恶意分析]  代码克隆检测技术
https://www.zuozuovera.com/archives/1668/
[恶意分析]  Rovnix Bootkit 恶意软件相关活动分析
https://paper.seebug.org/1253/
[Web安全]  Java Deserialization Exploitation With Customized Ysoserial Payloads
https://rhinosecuritylabs.com/research/java-deserializationusing-ysoserial/
[恶意分析]  Zloader的DGA算法解析
https://www.freebuf.com/articles/others-articles/238700.html
[Web安全]  Using SQL Injection to perform SSRF/XSPA attacks
https://ibreak.software/2020/06/using-sql-injection-to-perform-ssrf-xspa-attacks/
[漏洞分析]  基于异常的猎杀行动——自保护触发自杀
https://www.anquanke.com/post/id/209035
[其它]  Active Directory Exploitation Cheat Sheet
https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet
[杂志]  SecWiki周刊(第329期)
https://www.sec-wiki.com/weekly/329
[漏洞分析]  MLDetectVuln: AI算法解决大规模二进制程序函数相似性分析
https://github.com/Anemone95/MLDetectVuln
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第330期)