SecWiki周刊(第357期)
2020/12/28-2021/01/03
安全技术
[Web安全]  记一次利用阿D注入渗透实战案例
https://mp.weixin.qq.com/s/DqqQkvZ1gNDyLcyNC2COAQ
[Web安全]  AD-Pentest-Notes: 用于记录内网渗透(域渗透)学习
https://github.com/chriskaliX/AD-Pentest-Notes
[观点]  安全研究员的自我修养
https://mp.weixin.qq.com/s/BuHQSLLeJ-EMhQSqFLgDgg
[漏洞分析]   静态程序分析入门教程
https://github.com/RangerNJU/Static-Program-Analysis-Book
[运维安全]  数据安全建设实践系列——数据资产平台建设
https://mp.weixin.qq.com/s/oofMyBaS7EMnUMy61Y-5MQ
[恶意分析]  关于Python病毒样本的分析方法
https://www.anquanke.com/post/id/226721
[漏洞分析]  基于机器学习的漏洞检测高影响因素实证研究
https://www.anquanke.com/post/id/220795
[运维安全]  开源自研HIDS——AgentSmith-HIDS
https://mp.weixin.qq.com/s/sAh_VH5zTuxHRFawYMvuOw
[工具]  MDAT - 综合数据库攻击利用工具
https://github.com/SafeGroceryStore/MDAT
[漏洞分析]  fire_vulnerability_scanner: 一款http协议的漏洞扫描框架
https://github.com/coodyer/fire_vulnerability_scanner
[Web安全]  鲲鹏计算专场-WriteUp
https://mp.weixin.qq.com/s/S7d-oS_b3Xx688a_jeQC2w
[杂志]  SecWiki周刊(第356期)
https://www.sec-wiki.com/weekly/356
[其它]  浅谈Mysql蜜罐识别
https://mp.weixin.qq.com/s/f30RvhYlB97dXnjzv4_H_Q
[恶意分析]   JARM : 检测恶意服务器的可靠指纹
https://mp.weixin.qq.com/s/p55LNt9PK0MKEjN3MGPAOg
[Web安全]  Windows Lateral Movement Part 1 – WMI Event Subscription
https://www.mdsec.co.uk/2020/09/i-like-to-move-it-windows-lateral-movement-part-1-wmi-event-subscription/
[观点]  网空靶场:从炒作到现实-2020
https://mp.weixin.qq.com/s/zu2Je_A_x06k78tzrXyjbg
[恶意分析]  DNSMon: 用DNS数据进行威胁发现(2)
https://blog.netlab.360.com/use-dns-data-produce-threat-intelligence-2/
[漏洞分析]  reverse engineering course covering x86, x64, ARM
https://github.com/mytechnotalent/Reverse-Engineering-Tutorial
[视频]  2020 南京大学 “操作系统:设计与实现”
https://www.bilibili.com/video/BV1N741177F5
[漏洞分析]  FreeRTOS Reverse Engineering
https://mp.weixin.qq.com/s/mnus1BN1CLX4rhrZ1ubnKQ
[运维安全]  opencve: CVE Alerting Platform
https://github.com/opencve/opencve
[运维安全]  基于Docker的分布式OpenVAS(GVM)
https://www.freebuf.com/sectool/259225.html
[移动安全]  apkleaks: Scanning APK file for URIs, endpoints & secrets
https://github.com/dwisiswant0/apkleaks
[漏洞分析]  Vulnerabilities of Machine Learning Infrastructure (Slides/Video)
http://www.scada.sl/2020/12/vulnerabilities-of-machine-learning.html
-----微信ID:SecWiki-----
SecWiki,9年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第357期)