SecWiki周刊(第351期)
2020/11/16-2020/11/22
安全技术
针对小程序的漏洞挖掘
https://www.sec-in.com/article/648
https://www.sec-in.com/article/648
TailorScan: 自用缝合怪内网扫描器
https://github.com/uknowsec/TailorScan
https://github.com/uknowsec/TailorScan
2020西湖论剑IoT闯关赛回顾&Writeup
https://mp.weixin.qq.com/s/IGZUIY2w8aRJZUbZa3UqHA
https://mp.weixin.qq.com/s/IGZUIY2w8aRJZUbZa3UqHA
太湖杯密码学 Aegis 题解
https://www.anquanke.com/post/id/222629
https://www.anquanke.com/post/id/222629
webscan:browser-based network IP scanner
http://samy.pl/webscan/
http://samy.pl/webscan/
从0到tfp0第一部分:基础知识
https://xz.aliyun.com/t/8509
https://xz.aliyun.com/t/8509
Linux透明代理在红队渗透中的应用
https://payloads.online/archivers/2020-11-13/1
https://payloads.online/archivers/2020-11-13/1
Greybox Automatic Exploit Generation for Heap Overflows in Language Interpreters
https://seanhn.files.wordpress.com/2020/11/heelan_phd_thesis.pdf
https://seanhn.files.wordpress.com/2020/11/heelan_phd_thesis.pdf
Advanced Threat predictions for 2021
https://securelist.com/apt-predictions-for-2021/99387/
https://securelist.com/apt-predictions-for-2021/99387/
zbn: 安全编排与自动化响应平台
https://github.com/zbnio/zbn
https://github.com/zbnio/zbn
NIST《网络靶场指南》浅析
https://mp.weixin.qq.com/s/0FQwtu-TKyVuaAhpdu0huA
https://mp.weixin.qq.com/s/0FQwtu-TKyVuaAhpdu0huA
探索先进自动化漏洞挖掘技术中的不足
https://mp.weixin.qq.com/s/1q_YCJoyCREtgU3X2_0uqQ
https://mp.weixin.qq.com/s/1q_YCJoyCREtgU3X2_0uqQ
2020NPUCTF公开赛 WEB部分Writeup
https://www.sec-in.com/article/280
https://www.sec-in.com/article/280
利用avdump转储lsass.exe进程
https://mp.weixin.qq.com/s/bHDMTlY-YZxx9dS-MqQfRA
https://mp.weixin.qq.com/s/bHDMTlY-YZxx9dS-MqQfRA
高级的MSSQL注入技巧
https://xz.aliyun.com/t/8513
https://xz.aliyun.com/t/8513
强网杯2020决赛RealWord题ADoBe(ADB)
https://www.anquanke.com/post/id/222391
https://www.anquanke.com/post/id/222391
神经工程与脑机接口信息安全 全景图 V0.1
https://www.anquanke.com/post/id/223008
https://www.anquanke.com/post/id/223008
Python 源码混淆与加密
https://mp.weixin.qq.com/s/LmxdXRjMCOIisQzCISBoGw
https://mp.weixin.qq.com/s/LmxdXRjMCOIisQzCISBoGw
常见WAF进程/服务与WAF识别总结
https://mp.weixin.qq.com/s/qjLCgmSPOY0iaF53g7VzMg
https://mp.weixin.qq.com/s/qjLCgmSPOY0iaF53g7VzMg
Decrypting OpenSSH sessions for fun and profit
https://research.nccgroup.com/2020/11/11/decrypting-openssh-sessions-for-fun-and-profit/
https://research.nccgroup.com/2020/11/11/decrypting-openssh-sessions-for-fun-and-profit/
玩转容器安全一 - 虚拟机搭建简易版K8s集群
https://blog.csdn.net/bloodzero_new/article/details/109829702
https://blog.csdn.net/bloodzero_new/article/details/109829702
知名网络空间普查与网络测绘组织研究报告 第二期-Shodan篇
http://plcscan.org/blog/2020/11/research-report-of-renowned-internet-census-organization-shodan/
http://plcscan.org/blog/2020/11/research-report-of-renowned-internet-census-organization-shodan/
国内在线车联网平台(道路运输车辆卫星定位系统)安全威胁分析报告
http://plcscan.org/blog/2020/11/china-internet-of-vehicles-security-threat-analysis-report/
http://plcscan.org/blog/2020/11/china-internet-of-vehicles-security-threat-analysis-report/
基于某款游戏利用的反射攻击分析
https://security.tencent.com/index.php/blog/msg/169
https://security.tencent.com/index.php/blog/msg/169
看雪Re_翩若惊鸿
https://www.sec-in.com/article/661
https://www.sec-in.com/article/661
SecWiki周刊(第350期)
https://www.sec-wiki.com/weekly/350
https://www.sec-wiki.com/weekly/350
记一次三层网络环境的靶场渗透
https://xz.aliyun.com/t/8519
https://xz.aliyun.com/t/8519
浅谈URI中的任意文件下载
https://www.sec-in.com/article/549
https://www.sec-in.com/article/549
回首再看CTF中的那些PHP弱类型
https://www.sec-in.com/article/654
https://www.sec-in.com/article/654
常见反病毒进程/服务/识别总结
https://mp.weixin.qq.com/s/0BslalFBU0pmf0TbLus2UA
https://mp.weixin.qq.com/s/0BslalFBU0pmf0TbLus2UA
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第351期)
