SecWiki周刊(第72期)
2015/07/13-2015/07/19
安全资讯
How We Fared in the Cyber Grand Challenge
http://blog.trailofbits.com/2015/07/15/how-we-fared-in-the-cyber-grand-challenge/
http://blog.trailofbits.com/2015/07/15/how-we-fared-in-the-cyber-grand-challenge/
国外开源威胁情报资源相关网站
http://www.sec-un.org/nuke-students-foreign-open-source-threat-intelligence-gathered-resources-related-websites.html
http://www.sec-un.org/nuke-students-foreign-open-source-threat-intelligence-gathered-resources-related-websites.html
14 days running a secret Dark Web pedophile honeypot
http://geekslop.com/2015/catching-pedophiles-running-secret-dark-web-tor-honeypot
http://geekslop.com/2015/catching-pedophiles-running-secret-dark-web-tor-honeypot
Feds bust through huge Tor-hidden child porn site using questionable malware
http://arstechnica.com/tech-policy/2015/07/feds-bust-through-huge-tor-hidden-child-porn-site-using-questionable-malware/
http://arstechnica.com/tech-policy/2015/07/feds-bust-through-huge-tor-hidden-child-porn-site-using-questionable-malware/
2015年上半年数据库漏洞威胁报告
http://www.aqniu.com/security-reports/8620.html
http://www.aqniu.com/security-reports/8620.html
安全技术
Dedecms远程写文件漏洞分析
http://blog.nsfocus.net/dedecms-write-file-vuln/
http://blog.nsfocus.net/dedecms-write-file-vuln/
The New Metasploit Browser Autopwn: Strikes Faster and Smarter - Part 1
https://community.rapid7.com/community/metasploit/blog/2015/07/15/the-new-metasploit-browser-autopwn-strikes-faster-and-smarter--part-1
https://community.rapid7.com/community/metasploit/blog/2015/07/15/the-new-metasploit-browser-autopwn-strikes-faster-and-smarter--part-1
Advanced cfg bypass on adobe flash player 18 defcon russia 23
http://www.slideshare.net/DefconRussia/advanced-cfg-bypass-on-adobe-flash-player-18
http://www.slideshare.net/DefconRussia/advanced-cfg-bypass-on-adobe-flash-player-18
反黑逆向溯源追踪之:某某某局入侵事件分析
http://lcx.cc/?i=4555
http://lcx.cc/?i=4555
Hacking Team Helped Italian Special Group with BGP Routing Hijack
https://labs.opendns.com/2015/07/12/how-hacking-team-helped-italian-special-operations-group-with-bgp-routing-hijack/
https://labs.opendns.com/2015/07/12/how-hacking-team-helped-italian-special-operations-group-with-bgp-routing-hijack/
Hacking Team's "Bad BIOS": A Commercial Rootkit for UEFI Firmware
http://www.intelsecurity.com/advanced-threat-research/blog.html
http://www.intelsecurity.com/advanced-threat-research/blog.html
chainbreaker:Mac OS X Keychain Forensic Tool
https://github.com/n0fate/chainbreaker
https://github.com/n0fate/chainbreaker
AlphaFuzzer:多功能的漏洞挖掘工具
http://blog.topsec.com.cn/ad_lab/alphafuzzer/
http://blog.topsec.com.cn/ad_lab/alphafuzzer/
《安全参考》HACKCTO-201507-31-渗透测试上
http://pan.baidu.com/s/1o6qrJPS
http://pan.baidu.com/s/1o6qrJPS
Hacking Team Mac OSX 64位 Shellcode 技术分析
http://security.tencent.com/index.php/blog/msg/89
http://security.tencent.com/index.php/blog/msg/89
Significant Flash exploit mitigations are live in v18.0.0.209
http://googleprojectzero.blogspot.com/2015/07/significant-flash-exploit-mitigations_16.html
http://googleprojectzero.blogspot.com/2015/07/significant-flash-exploit-mitigations_16.html
SmmBackdoor:System Management Mode backdoor for UEFI
https://github.com/Cr4sh/SmmBackdoor
https://github.com/Cr4sh/SmmBackdoor
SlimerJS:A scriptable browser for Web developers
http://slimerjs.org/
http://slimerjs.org/
大数据安全分析——分析篇
http://www.jianshu.com/p/15f2d92fc9c3
http://www.jianshu.com/p/15f2d92fc9c3
MultiProxies 支持多代理的渗透测试框架
http://p.x0day.me/
http://p.x0day.me/
如何在 virtualenv 环境下搭建 Python Web
http://segmentfault.com/a/1190000002991175
http://segmentfault.com/a/1190000002991175
Exercises for my tutorials on Theano
https://github.com/goodfeli/theano_exercises
https://github.com/goodfeli/theano_exercises
A cheat-sheet for password crackers
http://www.unix-ninja.com/p/A_cheat-sheet_for_password_crackers
http://www.unix-ninja.com/p/A_cheat-sheet_for_password_crackers
基于数据分析的邮件系统安全
http://drops.wooyun.org/tips/7086
http://drops.wooyun.org/tips/7086
解密“智魁”攻击行动——针对路由器蠕虫攻击事件分析报告
http://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.mO6T6P&id=26
http://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.mO6T6P&id=26
黑客防线2015年第5期杂志
http://www.hacker.com.cn/show-7-2748-1.html
http://www.hacker.com.cn/show-7-2748-1.html
ipcat:Categorization of IP Addresses
https://github.com/client9/ipcat
https://github.com/client9/ipcat
2015阿里安全峰会
http://pan.baidu.com/s/1o6EEley
http://pan.baidu.com/s/1o6EEley
基于“安全情报”与“情景感知”的对抗ppt分享
http://www.sec-un.org/ppt-security-forum-to-share-based-on-security-intelligence-and-context-awareness-against-share-ppt.html
http://www.sec-un.org/ppt-security-forum-to-share-based-on-security-intelligence-and-context-awareness-against-share-ppt.html
黑狐木马最新变种——“肥兔”详细分析
http://drops.wooyun.org/papers/7117
http://drops.wooyun.org/papers/7117
JavaScript Privilege Escalation in Adobe Reader
https://labs.mwrinfosecurity.com/advisories/2015/07/17/javascript-privilege-escalation-in-adobe-reader/
https://labs.mwrinfosecurity.com/advisories/2015/07/17/javascript-privilege-escalation-in-adobe-reader/
Hacking Team Flash 0Day 分析分享
http://blog.nsfocus.net/2015/07/hacking-team-flash-0day/
http://blog.nsfocus.net/2015/07/hacking-team-flash-0day/
CapTipper:Malicious HTTP traffic explorer
https://github.com/omriher/CapTipper
https://github.com/omriher/CapTipper
安全专题
Web2.0爬虫库
https://www.sec-wiki.com/topic/63
https://www.sec-wiki.com/topic/63
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第72期)
