SecWiki周刊(第179期)
2017/07/31-2017/08/06
安全资讯
[无线安全]  宝马,福特等多款品牌车辆TCUs存漏洞,可导致远程执行任意代码
http://www.4hou.com/info/news/6965.html
[新闻]  丝绸之路3.1“被黑”,老板宣称破产
http://www.4hou.com/info/news/6982.html
[新闻]  HBO电视网被黑:《权力游戏 7》视频泄露
http://www.4hou.com/info/6926.html
[新闻]  WikiLeaks 公开 Macron 竞选团队的电子邮件
http://www.solidot.org/story?sid=53297
[新闻]  NSA Collects MS Windows Error Information
https://www.schneier.com/blog/archives/2017/08/nsa_collects_ms.html
安全技术
[工具]  社工盒子 最全面的社会工程学工具
https://bbs.ichunqiu.com/thread-25409-1-1.html?from=sec
[漏洞分析]  复现Struts2-048高危漏洞
http://www.toutiao.com/i6447260880299098638/
[会议]  安全顶会之CCS 2017 录用论文列表
https://acmccs.github.io/papers/
[漏洞分析]  DotNetNuke任意代码执行漏洞(CVE–2017–9822)分析预警
https://cert.360.cn/warning/detail?id=e689288863456481733e01b093c986b6
[设备安全]  ISF(Industrial Exploitation Framework) 基于Python的工控漏洞利用框架
https://github.com/dark-lbp/isf
[恶意分析]  YaraGuardian: Django web interface for managing Yara rules
https://github.com/PUNCH-Cyber/YaraGuardian
[取证分析]  暗网收集公开情报资源(上):利用OnionScan搭建属于自己的暗网搜索引擎
http://bobao.360.cn/learning/detail/2952.html
[取证分析]  暗网系列之:利用Python + OnionScan 打造自己的安全威胁情报平台(一)
https://mp.weixin.qq.com/s?__biz=MzIxMzQ3MzkwMQ==&mid=2247489932&idx=1&sn=860bfed6583f1e2b2bf4f05bee42198c&scene=0#wechat_redirect
[设备安全]  us-17-Yuwei-Ghost-Telephonist-Link-Hijack-Exploitations-In-4G-LTE-CS-Fallback
https://www.blackhat.com/docs/us-17/thursday/us-17-Yuwei-Ghost-Telephonist-Link-Hijack-Exploitations-In-4G-LTE-CS-Fallback.pdf
[工具]  [渗透神器系列] Metasploit
https://thief.one/2017/08/01/1/
[恶意分析]  A Look at JS_POWMET, a Completely Fileless Malware
http://blog.trendmicro.com/trendlabs-security-intelligence/look-js_powmet-completely-fileless-malware/
[Web安全]  如何使用深度学习检测XSS
http://www.freebuf.com/news/142069.html
[编程技术]  Web端口复用正向后门研究实现与防御
http://www.freebuf.com/articles/web/142628.html
[取证分析]  如何使用OnionScan定制暗网爬虫
http://bobao.360.cn/learning/detail/3166.html
[漏洞分析]  Windows Lnk远程代码执行漏洞(CVE-2017-8464)利用测试
http://www.4hou.com/system/6938.html
[漏洞分析]  漏洞应急响应之批量poc验证
https://bbs.ichunqiu.com/thread-21441-1-1.html?from=sec
[编程技术]  Koadic C3 COM Command & Control - JScript RAT
https://github.com/zerosum0x0/koadic
[无线安全]  隐形的监控——无线键盘侦听
http://www.toutiao.com/i6444684546402157070/
[漏洞分析]  详细的漏洞复现-vsftpd-v2.3.4
https://bbs.ichunqiu.com/thread-25066-1-1.html?from=sec
[工具]  Brida:将frida与burp结合进行移动app渗透测试
http://www.4hou.com/penetration/6916.html
[运维安全]  DNS域名解析解剖
https://zhuanlan.zhihu.com/p/28305778
[漏洞分析]  攻破黑市最流行的钓鱼网站
https://bbs.ichunqiu.com/thread-24972-1-1.html?from=sec
[漏洞分析]  教你通过Node.js漏洞完成渗透测试
https://bbs.ichunqiu.com/thread-24807-1-1.html?from=sec
[Web安全]  当我们谈论“安全意识”时,我们在谈论什么?
https://sosly.me/index.php/2017/07/30/anquanyishi/
[Web安全]  SiteScan: 网站基本信息自动扫描系统
https://github.com/jasonsheh/SiteScan
[Web安全]  渗透测试方法论之文件上传
https://bbs.ichunqiu.com/thread-23193-1-1.html?from=sec
[运维安全]  Github信息泄露升级版案例
http://www.ms509.com/?p=718
[漏洞分析]  CVE-2015-2545 Word 利用样本分析
http://paper.seebug.org/368/
[其它]  使用Neo4j可视化Windows日志
http://www.4hou.com/technology/6875.html
[设备安全]  攻击者侵入系统后如何提升账户权限:提权技术详细分析
https://mp.weixin.qq.com/s/4U4w2NZQUDnwcJ1On5kE9A
[漏洞分析]  白帽子的反击,一次社工智障锁机病毒er
https://bbs.ichunqiu.com/thread-25199-1-1.html?from=sec
[Web安全]  Fuzzing SQL,XSS and Command Injection using Burp Suite
http://www.hackingarticles.in/fuzzing-sqlxss-command-injection-using-burp-suite/
[编程技术]  [代码审计] Java代码审计连载之—添油加醋
https://bbs.ichunqiu.com/thread-25475-1-1.html?from=sec
[取证分析]  暗网收集公开情报资源(下):Python+Shodan+SSH密钥
http://bobao.360.cn/learning/detail/2955.html
[恶意分析]  Cobalt strikes back: an evolving multinational threat to finance
http://blog.ptsecurity.com/2017/08/cobalt-group-2017-cobalt-strikes-back.html
[Web安全]  gwhatweb: CMS识别 python gevent实现
https://github.com/boy-hack/gwhatweb
[Web安全]  文件寄生——寄生虫自体繁衍的道路.
https://bbs.ichunqiu.com/thread-21322-1-1.html?from=sec
[Web安全]  深入理解hash长度扩展攻击(sha1为例)
http://www.freebuf.com/articles/web/69264.html
[比赛]  DEFCON 25 CTF參賽記
http://maskray.me/blog/2017-08-01-defcon-25-ctf
[取证分析]  crawler_email: crawl email of BBS 论坛邮件地址获取
https://github.com/jingchengyou/crawler_email
[运维安全]  linux安全加固
http://mp.weixin.qq.com/s/0nxiZw1NUoQTjxcd3zl6Zg
[工具]  Blackhat兵器谱新添IOT安全武器
http://www.freebuf.com/column/142421.html
[Web安全]  educn-sqlScan: 对全国edu域名以及其二级域名进行的一次Sql注入
https://github.com/fiht/educn-sqlScan
[漏洞分析]  us-17-Borgaonkar-New-Adventures-In-Spying-3G-And-4G-Users-Locate-Track-And-Monit
https://www.blackhat.com/docs/us-17/wednesday/us-17-Borgaonkar-New-Adventures-In-Spying-3G-And-4G-Users-Locate-Track-And-Monitor.pdf
[Web安全]  Java代码审计连载之—SQL注入
https://bbs.ichunqiu.com/thread-22170-1-1.html?from=sec
[Web安全]  Linux各类后门整理
https://bbs.ichunqiu.com/thread-25119-1-1.html?from=sec
[Web安全]  3亿6千万被黑密码免费下载及使用介绍
https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/
[杂志]  SecWiki周刊(第178期)
https://www.sec-wiki.com/weekly/178
[Web安全]  带你走进二进制-一次APT攻击分析
https://bbs.ichunqiu.com/thread-25291-1-1.html?from=sec
[运维安全]  从无到有通过ISO27001认证-建设篇
https://xianzhi.aliyun.com/forum/read/1922.html
[Web安全]  [原创] 我在全球最大的同性社交平台那点事
https://bbs.ichunqiu.com/thread-24971-1-1.html?from=sec
[漏洞分析]  Pingback漏洞利用技术
http://blog.csdn.net/u011721501/article/details/76581012
[Web安全]  渗透过程中的 Some Tricks
https://evi1cg.me/archives/Tricks.html
[移动安全]  iOS渗透测试第一步---环境配置及简单基础
https://bbs.ichunqiu.com/thread-25273-1-1.html?from=sec
[比赛]  DEF CON CTF 2017 Final Scores and Data Dumps
https://blog.legitbs.net/2017/07/def-con-ctf-2017-final-scores-and-data.html
[Web安全]  Exploiting Second Order SQLi Flaws by using Burp & Custom Sqlmap Tamper
https://pentest.blog/exploiting-second-order-sqli-flaws-by-using-burp-custom-sqlmap-tamper/
[Web安全]  从看日志了解黑客攻击手法
https://bbs.ichunqiu.com/thread-25379-1-1.html?from=sec
[其它]  Mandiant and Adi Peretz Leaks(含文件下载)[翻墙]
https://pastebin.com/raw/6HugrWH4
[工具]  WSSiP: A WebSocket Manipulation Proxy
https://github.com/nccgroup/wssip
[取证分析]  extractTVpasswords: extract passwords from TeamViewer memory using Frida
https://github.com/vah13/extractTVpasswords
[运维安全]  IoTChecklist: Baseline IoT security checklist 物联网安全基线检查
https://github.com/SecarmaLabs/IoTChecklist
[Web安全]  日志追凶之从看日志了解黑客攻击手法
https://bbs.ichunqiu.com/thread-25379-1-1.html
[恶意分析]  一个钓鱼木马的分析(二)
http://www.freebuf.com/column/143364.html
[数据挖掘]  最全的中文版深度学习资源索引
https://github.com/Sambor123/Awesome-Deep-Learning-for-Chinese
[恶意分析]  一次对恶意邮件分析并拿下其赎金服务器的溯源
http://www.4hou.com/info/news/6970.html
[其它]  绕过AppLocker系列之CreateRestrictedToken的利用
http://www.4hou.com/technology/6810.html
[Web安全]  一次对路边饮用水RFID供应机的跑路玩法
https://bbs.ichunqiu.com/thread-24889-1-1.html?from=sec
[编程技术]  手把手教你编写一个简单的PHP模块形态的后门
http://www.freebuf.com/articles/web/141911.html
[移动安全]  安卓漏洞学习一
http://mp.weixin.qq.com/s/aM3rIkwxE2LuE_1jSdWFkA
[取证分析]  BlackHat2017热点之DefPloreX—大规模网络犯罪取证的机器学习工具
http://www.4hou.com/tools/6881.html
[恶意分析]  TrickBot comes with new tricks – attacking Outlook and browsing data
https://blog.malwarebytes.com/threat-analysis/2017/08/trickbot-comes-with-new-tricks-attacking-outlook-and-browsing-data/
[运维安全]  从无到有通过ISO27001认证-审核篇
https://xianzhi.aliyun.com/forum/read/1939.html
[Web安全]   Python系列之——利用Python实现微博监控
https://bbs.ichunqiu.com/thread-25216-1-1.html?from=sec
[恶意分析]  Command and Control via Gmail
https://pentestlab.blog/2017/08/03/command-and-control-gmail/
[Web安全]   抱歉,马斯克,你的特斯拉归我了
https://bbs.ichunqiu.com/thread-25280-1-1.html?from=sec
[移动安全]  逆向脱壳附加数据处理
https://bbs.ichunqiu.com/thread-22711-1-1.html?from=sec
[比赛]  h1702ctf 2017移动安全挑战赛全程回顾
https://zhuanlan.zhihu.com/p/28201274?group_id=875742872190738432
[Web安全]  调戏木马病毒的正确姿势——上篇
http://bbs.ichunqiu.com/thread-16848-1-1.html?from=sec
[运维安全]  云基础架构之CHIPSEC固件安全基线
https://hardenedlinux.github.io/system-security/2017/07/31/firmware_chipsec.html
[编程技术]  在不熟悉C/C++情况下,hook windows事件
http://www.4hou.com/info/news/6935.html
[Web安全]  基于PHP的日志审计系统研究
http://mp.weixin.qq.com/s/pIUICSwbgdo0JHAGgRxIAg
[Web安全]  文件寄生——寻找宿主的不归路(NTFS文件流实际应用)
https://bbs.ichunqiu.com/thread-21137-1-1.html?from=sec
[无线安全]  狗汪汪玩转嵌入式——I2C 协议分析
https://xianzhi.aliyun.com/forum/read/1910.html
[其它]  how-do-i-get-started-with-v8-development-17e976ebe4a
https://medium.com/@fhinkel/how-do-i-get-started-with-v8-development-17e976ebe4af
[数据挖掘]  QA-Snake: 基于多搜索引擎和深度学习技术的自动问答
https://github.com/SnakeHacker/QA-Snake
[移动安全]  [客户端安全] 调戏木马病毒的正确姿势——下篇
https://bbs.ichunqiu.com/thread-16846-1-1.html?fron=sec
[恶意分析]  HID攻击进阶——WHID injector
http://www.toutiao.com/i6447694012714320397/
[Web安全]  教你用python打造WiFiddos
http://bbs.ichunqiu.com/thread-18592-1-1.html?frpm=sec
[Web安全]  IOS渗透测试第一步-基础知识统一放送
https://bbs.ichunqiu.com/thread-25281-1-1.html?from=sec
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第179期)