SecWiki Weekly (Issue 35)
2014/10/27-2014/11/02
Security News
Keylogging Without a Trojan Infection: New Malware ScanBox Emerges
http://www.freebuf.com/news/49421.html
Vulnerability Alert: Severe Remote Execution Vulnerability Disclosed in FTP, Affecting Multiple Unix Versions (Detection Script Included)
http://www.freebuf.com/news/49411.html
Operation SMN – Disruption of Axiom Group
http://www.isightpartners.com/2014/10/operation-smn-axiom-group/
Hackers Are Using Gmail Drafts to Update Their Malware
http://www.wired.com/2014/10/hackers-using-gmail-drafts-update-malware-steal-data/
Weekly Review of Overseas Security Incidents (10.20-10.26): The Rise of IoT Attacks
http://www.freebuf.com/news/49470.html
Security Technology
Pro Git book V2
http://git-scm.com/book/en/v2
CVE-2014-3393: Detailed Analysis and Reproduction
http://drops.wooyun.org/papers/3451
Reflected File Download - A New Web Attack Vector
http://blog.spiderlabs.com/2014/10/reflected-file-download-the-white-paper.html
ELF PLT/GOT Symbol Redirection on Android and an ELF Hook Implementation
http://bbs.pediy.com/showthread.php?p=1326515#post1326515
Common Anti-Debugging Techniques on Windows
http://syclover.sinaapp.com/?p=350
Rethinking Vulnerability-Based Attack and Defense: Speed Beats Everything
http://www.d1net.com/security/news/295159.html
SQLi God Syntax V1.0
https://www.facebook.com/sqli.gurus/posts/721463764601880
Advanced PHP Application Vulnerability Auditing Techniques
https://code.google.com/p/pasc2at/wiki/SimplifiedChinese
ISC2014: Data Analysis, Keywords, and the Underground Industry
http://open.freebuf.com/inland/411.html
Slides from the Spark Meetup
http://www.meetup.com/Shanghai-Apache-Spark-Meetup/files/
Workshop: Big Data Visualization for Security
http://www.slideshare.net/zrlram/workshop-big-data-visualization-for-security
R7-2014-15: GNU Wget FTP Symlink Arbitrary Filesystem Access
https://community.rapid7.com/community/metasploit/blog/2014/10/28/r7-2014-15-gnu-wget-ftp-symlink-arbitrary-filesystem-access
A Collection of Privilege Escalation Exploits for Windows x64
http://le4f.net/post/post/windows-x64-local-privilege-escalation
viper:Binary analysis framework
https://github.com/botherder/viper
Building a Front-End Video Chat Room with WebRTC: Getting Started
http://segmentfault.com/blog/skyinlayer/1190000000436544
Analysis of the CVE-2014-4113 Exploitation Process
http://www.tuicool.com/articles/BBbMju
Analysis of the Oracle Forms 10g Unauthenticated Remote Code Execution Vulnerability (CVE-2014-4278)
http://www.secpulse.com/archives/1713.html
21 Animated GIFs That Explain Mathematical Concepts | 外刊IT评论
http://www.vaikan.com/math-gifs/
Help! My IP Address Has Been Hijacked!
http://blogs.cisco.com/security/talos/help-my-ip-address-has-been-hijacked/
WiFi Cracking Video
http://pan.baidu.com/s/1qWx2hbA
CVE-2014-3153: Detailed Vulnerability Analysis and Exploitation
http://blog.topsec.com.cn/ad_lab/cve2014-3153/
Correctly Restricting PHP Execution Permissions per Directory for Multiple Sites on Nginx
http://www.freebuf.com/articles/system/49428.html
金刚: A Powerful Android Vulnerability Auditing Tool
http://security.tencent.com/index.php/blog/msg/73
Networking Fundamentals Series: A Detailed Look at Networking
https://community.emc.com/thread/197851?tstart=0
CVE-2014-4414 Vulnerability Analysis Report
http://sec.chinabyte.com/129/13110129.shtml
Web Security Engineer: Learning Path
http://www.sec-wiki.com/skill/2
USE-AFTER-FREE NOT DEAD IN INTERNET EXPLORER: PART 1
http://k33nteam.org/blog-4-use-after-free-not-dead-in-internet-explorer-part-1.htm
CVE-2014-3393: Cisco ASA Software Remote Authentication Bypass Vulnerability
http://xteam.baidu.com/?p=49
Recommended Productivity Tools for Programmers | IT江湖
http://www.itjhwd.com/gcxytjyg/
Operation SMN Full Report
http://www.novetta.com/files/9714/1446/8199/Executive_Summary-Final_1.pdf
Teasing: The Anti-Memory-Modification Trick
http://bbs.pediy.com/showthread.php?t=193850
Twitter's Ambition: We Will Eventually Abandon Passwords
http://www.freebuf.com/news/49056.html
pyInspector:python inspect rootkit tool
https://github.com/pianoboysai/pyInspector
Reversing D-Link’s WPS Pin Algorithm
http://www.devttys0.com/2014/10/reversing-d-links-wps-pin-algorithm/
Powershell tricks::Bypass AV
http://drops.wooyun.org/tips/3353
AKANA: APK Weakness Analysis Platform
http://akana.mobiseclab.org/index.jsp
How to Become a Hacker?
http://blog.jobbole.com/64196/
Privilege Escalation via Database Triggers: An Experiment
http://phpsec.sinaapp.com/?p=289
Things to Consider When Building a Website
http://www.itjhwd.com/djwzglsq/
watchdog: A Python Library and Shell Utilities for Monitoring File System Events
http://hao.jobbole.com/python-watchdog/
A Preliminary Exploration of “Bypassing” HIPS to Control Processes
http://bbs.kafan.cn/thread-1777037-1-1.html
A Curated List of Android Development Resources
http://www.kuqin.com/shuoit/20140721/341305.html
Front-End Coding Standards and Best Practices
http://blog.jobbole.com/79075/
Comprehensive Analysis of the Shellshock Vulnerability (CVE-2014-6271): Part 3 of the “Shellshock” Analysis Series
http://www.freebuf.com/articles/system/48406.html
CVE-2014-4877 [wget] Analysis
http://weibo.com/678750615
Xcon2014 && Geekpwn2014
http://www.cnblogs.com/LittleHann/p/4053307.html
Threat Introduced via Browser Extensions
http://blog.sucuri.net/2014/10/threat-introduced-via-browser-extensions.html
Analyzing Linksys WRT54G Firmware and Adding a Backdoor (Translation)
http://blog.depressedmarvin.com/blog/2014/10/08/linksys-wrt56g-backdoor-payload/
spindle: Web Log Analysis and Querying
https://github.com/adobe-research/spindle
Cisco ASA Software Remote Authentication Bypass Vulnerability
http://drops.wooyun.org/papers/3459
RootKit Detection + Prevention
http://forum.sysinternals.com/rootkit-detection-prevention_topic962.html
The Way of the Lean Technical Résumé: 47 Principles for Improving Your Technical Résumé
http://zh.lucida.me/blog/lean-technical-resume/
Teasing: The Anti-Hardware-Breakpoint Trick (2)
http://bbs.pediy.com/showthread.php?t=193849
Beginning Yii 2.0 (1 of 15)
https://www.youtube.com/watch?v=7KAhgrBDl3A
CVE-2014-0569 Vulnerability Analysis
http://blog.sina.com.cn/s/blog_6fc131560102v68r.html
Quick-Start Tutorials for Dozens of Programming Languages
http://top.jobbole.com/15551/
Basic Skills for Security Practitioners
http://www.sec-wiki.com/skill/1
Unforgettable Classics: A Look Back at 10 Major Versions of 360 Safeguard (360安全卫士)
http://bbs.kafan.cn/thread-1782564-1-1.html
dorothy2:A malware/botnet analysis framework written in Ruby
https://github.com/m4rco-/dorothy2
mogutt: Enterprise Office Instant Messaging Software
https://github.com/mogutt/README
IDA Proc Script Series: MSDN Annotation Plugin
http://www.tuicool.com/articles/y6Zzqim
GeekPwn Highlights
http://www.91ri.org/11202.html
A PHP Backdoor Built from a .user.ini File
http://drops.wooyun.org/tips/3424
Google Ends Support for SSL 3.0
http://www.infoq.com/cn/news/2014/10/google-ssl3
NSC2014: Top Hackers Discuss the Way of Security
http://www.ijiandao.com/safe/salon/8590.html
APT28: A Window into Russia’s Cyber Espionage Operations?
http://www.fireeye.com/blog/technical/2014/10/apt28-a-window-into-russias-cyber-espionage-operations.html
Kaspersky Hooking Engine Analysis
https://quequero.org/2014/10/kaspersky-hooking-engine-analysis/
some common vulnerability checklist for iOS
http://www.slideshare.net/subho0071/pluggedin71
osquery:Operating system instrumentation and monitoring
http://osquery.io/
Building a Front-End Video Chat Room with WebRTC: Signaling
http://segmentfault.com/blog/skyinlayer/1190000000439103
About Cisco ASA SSL VPN Backdoor
http://www.secpulse.com/archives/1694.html
The PM (Product Manager) Four-Piece Toolkit
http://www.ikent.me/blog/4882
A Chronicle of Android Malware
http://blog.avlyun.com/1577.html
Jinja2 2.0 /utils.py urlize vulnerability
http://www.hackersoul.com/post/jinja2_2_0_urlize_vulnerability.html
Security Issues Caused by HTTPS Certificate Validity Verification in Mobile Banking
http://phpsec.sinaapp.com/?p=316
From Beginner to Expert: WiFi Penetration Testing
http://www.freebuf.com/vuls/48957.html
How to Start a Startup
http://startupclass.samaltman.com/
Building a Front-End Video Chat Room with WebRTC: Data Channels
http://segmentfault.com/blog/skyinlayer/1190000000733779
Analysis Report on HTTPS Man-in-the-Middle Hijacking in the 360儿童卫士2 App
http://weibo.com/p/1001603770739458185009
balbuzard:package of malware analysis tools
https://bitbucket.org/decalage/balbuzard/
Malicious USB Disks Allow For Possible Whole System Cont
http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2014-4115-analysis-malicious-usb-disks-allow-for-possible-whole-system-control/
Beware of the Latest Smoke Loader and Andromeda Variant Botnets
http://blog.vulnhunt.com/index.php/2014/10/29/smoke-loader_and_andromeda_botnet/
9 Places to Learn Programming for Free
http://code.csdn.net/news/2822252
qtunnel:A secure socket tunnel
https://github.com/getqujing/qtunnel
2014 Front-End Written Test and Interview Questions from BAT and Other Major Internet Companies: HTML/CSS
http://cloudbbs.org/forum.php?mod=viewthread&tid=28375
Mysql Trigger
http://drops.wooyun.org/tips/3435
Hack.lu 2014 Writeup
http://gou.gg/blog/hacklu_2014.html
Security Topics
Video Sites for Learning Programming
https://www.sec-wiki.com/topic/51
Android root exploits
https://www.sec-wiki.com/topic/50
-----WeChat ID: SecWiki-----
SecWiki: focused on security technology news and analysis for 13 years!
SecWiki: https://www.sec-wiki.com
Original address of this issue: SecWiki Weekly (Issue 35)
