SecWiki周刊(第71期)
2015/07/06-2015/07/12
安全资讯
2015企业无线网络安全报告
http://www.freebuf.com/articles/wireless/72084.html
http://www.freebuf.com/articles/wireless/72084.html
2016 DARPA Cyber Grand Challenge Final Competition
http://www.darpa.mil/news-events/2015-07-08
http://www.darpa.mil/news-events/2015-07-08
Gmail隐私大拷问:看完你还敢用吗
http://silic.org/post/Trouble_in_Gmail_Privacy
http://silic.org/post/Trouble_in_Gmail_Privacy
Amazon Is Data Mining Reviewers’ Personal Relationships
http://consumerist.com/2015/07/06/amazon-is-data-mining-reviewers-personal-relationships/
http://consumerist.com/2015/07/06/amazon-is-data-mining-reviewers-personal-relationships/
WikiLeaks:The Hackingteam Archives
https://wikileaks.org/hackingteam/emails/
https://wikileaks.org/hackingteam/emails/
OLE Packager allows code execution in all versions
http://seclists.org/bugtraq/2015/Jul/23
http://seclists.org/bugtraq/2015/Jul/23
HackingTeam Database Download
http://ht.musalbas.com/
http://ht.musalbas.com/
Hacking Team hacked, attackers claim 400GB in dumped data
http://www.csoonline.com/article/2943968/data-breach/hacking-team-hacked-attackers-claim-400gb-in-dumped-data.html
http://www.csoonline.com/article/2943968/data-breach/hacking-team-hacked-attackers-claim-400gb-in-dumped-data.html
Information related to the attacks on HackingTeam
http://www.hackingteam.com/index.php/about-us
http://www.hackingteam.com/index.php/about-us
XKEYSCORE: NSA's Google for the World's Private Communications
https://firstlook.org/theintercept/2015/07/01/nsas-google-worlds-private-communications/
https://firstlook.org/theintercept/2015/07/01/nsas-google-worlds-private-communications/
安全技术
简要分析Hacking Team 远程控制系统
http://blog.nsfocus.net/2015/07/hacking-team-rcs-report/
http://blog.nsfocus.net/2015/07/hacking-team-rcs-report/
(Python)Gensim集成基于Textrank的文本摘要模块
https://github.com/piskvorky/gensim/pull/324
https://github.com/piskvorky/gensim/pull/324
基于Lua+Kafka+Heka的Nginx Log实时监控系统
http://mlongbo.com/2015/NginxLog%E5%AE%9E%E6%97%B6%E7%9B%91%E6%8E%A7%E7%B3%BB%E7%BB%9F/
http://mlongbo.com/2015/NginxLog%E5%AE%9E%E6%97%B6%E7%9B%91%E6%8E%A7%E7%B3%BB%E7%BB%9F/
web日志异常检测实践之长度异常模型
http://danqingdani.blog.163.com/blog/static/18609419520156613154903
http://danqingdani.blog.163.com/blog/static/18609419520156613154903
Windows 3389 RDP BackDoor Deployment Hacking && Detection
http://www.cnblogs.com/LittleHann/p/4627614.html
http://www.cnblogs.com/LittleHann/p/4627614.html
Hacking Team Android Browser Exploit代码分析
http://drops.wooyun.org/papers/7030
http://drops.wooyun.org/papers/7030
做开源软件项目会用到的服务简介
http://pm.readthedocs.org/tao/opensource.html
http://pm.readthedocs.org/tao/opensource.html
Hacking Team 泄露(开源)资料导览手册
http://drops.wooyun.org/news/6977
http://drops.wooyun.org/news/6977
Kaggle Competition Past Solutions
http://www.chioka.in/kaggle-competition-solutions/
http://www.chioka.in/kaggle-competition-solutions/
基于代理的web扫描器的实现
http://zhuanlan.zhihu.com/netxfly/20099454
http://zhuanlan.zhihu.com/netxfly/20099454
TSRC安全群英汇-西安议题下载
http://security.tencent.com/index.php/blog/msg/86
http://security.tencent.com/index.php/blog/msg/86
OpenSSL CVE-2015-1793: Man-in-the-Middle Attack
https://ma.ttias.be/openssl-cve-2015-1793-man-middle-attack/
https://ma.ttias.be/openssl-cve-2015-1793-man-middle-attack/
2015 RSA Threat Intelligence 小观察
http://www.jianshu.com/p/1eab6e1ab2fc
http://www.jianshu.com/p/1eab6e1ab2fc
XSS Challenge Wiki
https://github.com/cure53/XSSChallengeWiki
https://github.com/cure53/XSSChallengeWiki
MD5, SHA1, SHA512 online decrypter, rainbow tables
http://md5decoder.org/
http://md5decoder.org/
Strong Ciphers for Apache, nginx and Lighttpd
https://cipherli.st/
https://cipherli.st/
Unmasking Kernel Exploits
http://labs.lastline.com/unmasking-kernel-exploits
http://labs.lastline.com/unmasking-kernel-exploits
简要分析Hacking Team 远程控制系统
http://blog.nsfocus.net/2015/07/hacking-team-rcs-report/#more-402
http://blog.nsfocus.net/2015/07/hacking-team-rcs-report/#more-402
monit: monitoring of processes, programs, filesystems and hosts
https://mmonit.com/monit/
https://mmonit.com/monit/
How To Bypass Apple EFI Firmware Lock
https://www.ghostlyhaks.com/blog/blog/hacking/18-how-to-bypass-apple-efi-firmware-lock
https://www.ghostlyhaks.com/blog/blog/hacking/18-how-to-bypass-apple-efi-firmware-lock
后续故事:数字军火级别的"BadIRET"漏洞利用(CVE-2014-9322)
http://hardenedlinux.org/jekyll/update/2015/07/05/badiret-exp.html
http://hardenedlinux.org/jekyll/update/2015/07/05/badiret-exp.html
新人如何快速玩转乌云
http://zone.wooyun.org/content/21420
http://zone.wooyun.org/content/21420
You Don't Know JS
https://github.com/getify/You-Dont-Know-JS
https://github.com/getify/You-Dont-Know-JS
pep8:Simple Python style checker in one Python file
https://github.com/jcrocholl/pep8
https://github.com/jcrocholl/pep8
大数据安全分析——理念篇
http://www.jianshu.com/p/42bdd34ac320
http://www.jianshu.com/p/42bdd34ac320
websploit is an advanced MITM framework
https://github.com/websploit/websploit
https://github.com/websploit/websploit
Hunting XXE for Fun and Profit
http://blog.bugcrowd.com/advice-from-a-researcher-xxe/
http://blog.bugcrowd.com/advice-from-a-researcher-xxe/
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第71期)
