SecWiki周刊(第54期)
2015/03/09-2015/03/15
安全资讯
[恶意分析]  Operating System Vulnerabilities, Exploits and Insecurity
http://www.welivesecurity.com/2015/03/10/operating-system-vulnerabilities-exploits-insecurity/
[会议]  2015年3月12日杭州沙龙通知
http://www.sec-un.org/hangzhou-march-12-2015-sharon-informed-2.html
[Web安全]  US military looks to 3,000 new security hires by 2016
http://www.welivesecurity.com/2015/03/10/us-military-looks-3000-new-security-hires-2016/
[会议]  INFILTRATE 2015 conference
http://www.infiltratecon.com/speakers.html
安全技术
[无线安全]  WIFI万能钥匙Python查询脚本
http://thecjw.0ginr.com/blog/archives/534
[恶意分析]  CVE-2015-0204 OpenSSL FREAK Attack漏洞检测方法及修复建议
https://sobug.com/article/detail/15
[漏洞分析]  360加固保ELF脱壳总结
http://thecjw.0ginr.com/blog/archives/552
[运维安全]  Data-Hack SQL注入检测
http://drops.wooyun.org/tips/5118
[恶意分析]  CVE-2015-0240:Samba全系版本远程命令执行漏洞检测方法及修复建议
https://sobug.com/article/detail/14
[移动安全]  详解Android App AllowBackup配置带来的风险
https://sobug.com/article/detail/16
[取证分析]  Python Registry Parser (regparse)
http://sysforensics.org/2015/03/python-registry-parser.html
[运维安全]  Justniffer:network protocol analyzer
http://justniffer.sourceforge.net/
[运维安全]  2015 春节 CC 攻击习科调查 IV
http://attach.blackbap.org/pdf/CC_Attack_by_mateng7410.pdf
[恶意分析]  peCloak.py – An Experiment in AV Evasion
http://www.securitysift.com/pecloak-py-an-experiment-in-av-evasion/
[Web安全]  wig:WebApp Information Gatherer
https://github.com/jekyc/wig
[Web安全]  新浪微博IPAD客户端XSS(file域) + 构造Worm
http://www.leavesongs.com/PENETRATION/ipad-weibo-store-xss-worm.html
[移动安全]  Smack技术远控木马
http://blog.avlyun.com/2015/03/2193/smack-remote-control/
[Web安全]  利用redis写webshell
http://www.secpulse.com/archives/5357.html
[漏洞分析]  分析配置文件的格式解密加密数据
http://drops.wooyun.org/binary/5147
[漏洞分析]  Making Finfisher Undetectable
http://lqdc.github.io/making-finfisher-undetectable.html
[Web安全]  Fireeye Mandiant 2014 安全报告 Part2
http://drops.wooyun.org/news/5153
[编程技术]  Elasticsearch权威指南
http://es.xiaoleilu.com/
[Web安全]  密码找回逻辑漏洞总结
http://drops.wooyun.org/web/5048
[数据挖掘]  Machine Learning for Programming
http://www.infoq.com/presentations/machine-learning-general-programming
[Web安全]  Fingerprinter:Versions Fingerprinter
https://github.com/erwanlr/Fingerprinter
[数据挖掘]  机器学习资料大汇总
http://www.52ml.net/star
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第54期)