SecWiki周刊(第354期)
2020/12/07-2020/12/13
安全资讯
2020网络安全大事记 - 监管判例篇
https://mp.weixin.qq.com/s/60-O9GGYPNZZW6KVvY_c8w
https://mp.weixin.qq.com/s/60-O9GGYPNZZW6KVvY_c8w
安全技术
从 CVE-2020-17144 看实战环境的漏洞武器化
https://mp.weixin.qq.com/s/nVtE-OFoO076x6T0147AMw
https://mp.weixin.qq.com/s/nVtE-OFoO076x6T0147AMw
记一次St2-045的绕过
https://www.sec-in.com/article/550
https://www.sec-in.com/article/550
SecWiki周刊(第353期)
https://www.sec-wiki.com/weekly/353
https://www.sec-wiki.com/weekly/353
中国网络安全公司资本关系图谱 V2.0
https://mp.weixin.qq.com/s/cv8z0791TLrVG2HYKY1pdg
https://mp.weixin.qq.com/s/cv8z0791TLrVG2HYKY1pdg
数据安全怎么做——静态敏感数据治理
https://mp.weixin.qq.com/s/AejcWwJWxZWHf9dDRfVWPA
https://mp.weixin.qq.com/s/AejcWwJWxZWHf9dDRfVWPA
基于AI的暗网流量检测识别效果专题研究
http://cyberopportunity.cn/?p=1280
http://cyberopportunity.cn/?p=1280
从FireEye的泄露看红队的差距
https://mp.weixin.qq.com/s/K2W-hgCUFOzgxrhF6U1s1A
https://mp.weixin.qq.com/s/K2W-hgCUFOzgxrhF6U1s1A
30行代码搞定Monero活跃节点探测
https://mp.weixin.qq.com/s/omsTd3q5tOkknfK35tXGXg
https://mp.weixin.qq.com/s/omsTd3q5tOkknfK35tXGXg
实战-站库分离拿下WebShell
https://xz.aliyun.com/t/8584
https://xz.aliyun.com/t/8584
中间件内存马注入&冰蝎连接
https://mp.weixin.qq.com/s/eI-50-_W89eN8tsKi-5j4g
https://mp.weixin.qq.com/s/eI-50-_W89eN8tsKi-5j4g
逆向智能门锁漏洞分析PART(二)
https://mp.weixin.qq.com/s/IutPFguZmNvPZd5XrlK6Mg
https://mp.weixin.qq.com/s/IutPFguZmNvPZd5XrlK6Mg
黑吃黑Getshell到提权实战案例
https://mp.weixin.qq.com/s/Hr-ybKz2CbG4yyTpww23rA
https://mp.weixin.qq.com/s/Hr-ybKz2CbG4yyTpww23rA
从mimikatz学Windows本地hash抓取
https://xz.aliyun.com/t/8601
https://xz.aliyun.com/t/8601
FireEye红队工具失窃事件分析和思考
https://mp.weixin.qq.com/s/fkH9TZKOcWb_Ttvl-VlA4w
https://mp.weixin.qq.com/s/fkH9TZKOcWb_Ttvl-VlA4w
红队中易被攻击的一些重点系统漏洞整理
https://github.com/r0eXpeR/redteam_vul
https://github.com/r0eXpeR/redteam_vul
玩转容器安全三 - Harbor私有镜像仓库
https://blog.csdn.net/bloodzero_new/article/details/111055044
https://blog.csdn.net/bloodzero_new/article/details/111055044
逆向智能门锁漏洞分析PART(一)
https://mp.weixin.qq.com/s/pIeV3uNfRzAYggxRSo7P_g
https://mp.weixin.qq.com/s/pIeV3uNfRzAYggxRSo7P_g
红蓝对抗之Linux内网渗透
https://security.tencent.com/index.php/blog/msg/174
https://security.tencent.com/index.php/blog/msg/174
RoarCTF-WriteUp
https://mp.weixin.qq.com/s/Ipy-PCnxQWlctQk1oI9arw
https://mp.weixin.qq.com/s/Ipy-PCnxQWlctQk1oI9arw
SQL注入渗透PostgreSQL(bypass tricks)
https://xz.aliyun.com/t/8621
https://xz.aliyun.com/t/8621
Spring全家桶各类RCE漏洞浅析
https://mp.weixin.qq.com/s/gfCtSJoefYLjJpaksbKLrQ
https://mp.weixin.qq.com/s/gfCtSJoefYLjJpaksbKLrQ
邮件攻防--宏免杀姿势1
http://wolvez.club/2020/12/10/mailsec01/
http://wolvez.club/2020/12/10/mailsec01/
FireEye RedTeam 被黑了
https://mp.weixin.qq.com/s/WupcVZATcNkKE93XcgJ4qg
https://mp.weixin.qq.com/s/WupcVZATcNkKE93XcgJ4qg
Kerberos Bronze Bit Attack (CVE-2020-17049) Scenarios to Potentially Compromise
https://www.hub.trimarcsecurity.com/post/leveraging-the-kerberos-bronze-bit-attack-cve-2020-17049-scenarios-to-compromise-active-directory
https://www.hub.trimarcsecurity.com/post/leveraging-the-kerberos-bronze-bit-attack-cve-2020-17049-scenarios-to-compromise-active-directory
serverless functions攻防初探
https://www.cdxy.me/?p=836
https://www.cdxy.me/?p=836
针对以色列水利/水务基础设施的网络攻击回顾
https://mp.weixin.qq.com/s/XvPf_irbpZF6B0-fnn1OBA
https://mp.weixin.qq.com/s/XvPf_irbpZF6B0-fnn1OBA
BypassAv小技巧
https://www.sec-in.com/article/733
https://www.sec-in.com/article/733
FireEye红队工具失窃事件跟进分析
https://mp.weixin.qq.com/s/X-bBV44nMQvDlnl6f4eX7Q
https://mp.weixin.qq.com/s/X-bBV44nMQvDlnl6f4eX7Q
SharePoint Rce 系列分析(一)
https://mp.weixin.qq.com/s/FfHc8TFUs_4H8JHWbYv3FQ
https://mp.weixin.qq.com/s/FfHc8TFUs_4H8JHWbYv3FQ
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第354期)
