SecWiki周刊(第192期)
2017/10/30-2017/11/05
安全资讯
APT组织Gaza Cybergang重出江湖 深度利用了微软漏洞
http://www.4hou.com/info/news/8305.html
http://www.4hou.com/info/news/8305.html
Discord成为暗网中最受欢迎的通讯APP
http://www.freebuf.com/sectool/152405.html
http://www.freebuf.com/sectool/152405.html
中华人民共和国电子商务法(草案二次审议稿)
http://www.100ec.cn/detail--6421980.html
http://www.100ec.cn/detail--6421980.html
深化“互联网+先进制造业” 发展工业互联网的指导意见
http://www.scio.gov.cn/32344/32345/35889/37278/tw37280/Document/1605158/1605158.htm?from=timeline&isappinstalled=0
http://www.scio.gov.cn/32344/32345/35889/37278/tw37280/Document/1605158/1605158.htm?from=timeline&isappinstalled=0
D-Link 网站存在SQL注入漏洞,导致4000合作伙伴账户信息泄露
https://nosec.org/my/threats/1601
https://nosec.org/my/threats/1601
俄罗斯反VPN法案生效
http://www.aqniu.com/industry/29102.html
http://www.aqniu.com/industry/29102.html
等保2.0---向网络强国更进一步
https://mp.weixin.qq.com/s/SP5T8axbV2aJBHcqfGBCJw
https://mp.weixin.qq.com/s/SP5T8axbV2aJBHcqfGBCJw
互联网新闻信息服务单位内容管理从业人员管理办法
https://www.chinanews.com/gn/2017/10-30/8363963.shtml
https://www.chinanews.com/gn/2017/10-30/8363963.shtml
Oscar:我对人生的期望
https://mp.weixin.qq.com/s/UTgvKvXLZry79NPEvVzDbA
https://mp.weixin.qq.com/s/UTgvKvXLZry79NPEvVzDbA
物联网安全公司ForeScout上市
http://www.aqniu.com/industry/29039.html
http://www.aqniu.com/industry/29039.html
中国网络安全公司投融资活动汇总 2017Q3
https://mp.weixin.qq.com/s/WWlv144rHlayXAGt9zcHVA
https://mp.weixin.qq.com/s/WWlv144rHlayXAGt9zcHVA
安全技术
2017 IEEE Cybersecurity Development (SecDev大会录用论文)
http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=8071083
http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=8071083
nmask'tool框架开源说明
https://thief.one/2017/11/02/1/
https://thief.one/2017/11/02/1/
LSTM-Human-Activity-Recognition: 基于 LSTM 的人类活动行为识别
https://github.com/guillaume-chevalier/LSTM-Human-Activity-Recognition
https://github.com/guillaume-chevalier/LSTM-Human-Activity-Recognition
reCAPTCHA: 自动识别图形验证码的burp插件
https://github.com/bit4woo/reCAPTCHA
https://github.com/bit4woo/reCAPTCHA
一些关于代理的知识
http://foreversong.cn/archives/774
http://foreversong.cn/archives/774
目前可用的burp suite pro版本
http://www.secer.com.cn/article/190
http://www.secer.com.cn/article/190
Webug 靶场3.0渗透教程(全16关)
http://www.freebuf.com/articles/web/151617.html
http://www.freebuf.com/articles/web/151617.html
A Basic Windows DKOM Rootkit Pt 1
https://www.landhb.me/posts/v9eRa/a-basic-windows-dkom-rootkit-pt-1/
https://www.landhb.me/posts/v9eRa/a-basic-windows-dkom-rootkit-pt-1/
ACM CCS 2017 会议集
https://dl.acm.org/citation.cfm?id=3133956
https://dl.acm.org/citation.cfm?id=3133956
ACM CCS 2017 会议每日报道:Day 1
https://zhuanlan.zhihu.com/p/30617226?group_id=909044111547256832
https://zhuanlan.zhihu.com/p/30617226?group_id=909044111547256832
ACM CCS 2017 会议每日报道:Day 0
https://zhuanlan.zhihu.com/p/30592885?group_id=908604867867512832
https://zhuanlan.zhihu.com/p/30592885?group_id=908604867867512832
TscanCode: 针对C++/C#/Lua代码的静态代码扫描解决方案
https://github.com/Tencent/TscanCode
https://github.com/Tencent/TscanCode
逆向实践:批量验证微信号是否存在
http://www.freebuf.com/articles/terminal/151937.html
http://www.freebuf.com/articles/terminal/151937.html
GoCrack: A Managed Password Cracking Tool hashcat的可视化界面
https://www.fireeye.com/blog/threat-research/2017/10/gocrack-managed-password-cracking-tool.html
https://www.fireeye.com/blog/threat-research/2017/10/gocrack-managed-password-cracking-tool.html
TCP会话劫持原理与测试
http://mp.weixin.qq.com/s/jel3FsI4W1VsQ1AIVTA0Vg
http://mp.weixin.qq.com/s/jel3FsI4W1VsQ1AIVTA0Vg
Seccubus - 漏洞扫描跟踪平台
https://www.seccubus.com/
https://www.seccubus.com/
详解php文件包含原理(读取文件源码、图片马、各种协议、远程getshell等)
https://bbs.ichunqiu.com/thread-28688-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-28688-1-1.html?from=sec
Android蓝牙远程命令执行漏洞利用实践:从PoC到Exploit
http://mp.weixin.qq.com/s/5Qp-O3u3bul4kYgE3a0yrw
http://mp.weixin.qq.com/s/5Qp-O3u3bul4kYgE3a0yrw
浅谈人工智能:现状、任务、构架与统一
https://mp.weixin.qq.com/s/-wSYLu-XvOrsST8_KEUa-Q
https://mp.weixin.qq.com/s/-wSYLu-XvOrsST8_KEUa-Q
ACM CCS 2017 会议每日报道:Day 2
https://zhuanlan.zhihu.com/p/30658875
https://zhuanlan.zhihu.com/p/30658875
Decrypt PHP's eval based encryption with debugger
https://mp.weixin.qq.com/s/zTpVhTQnM4_kRJeHaVDJPg
https://mp.weixin.qq.com/s/zTpVhTQnM4_kRJeHaVDJPg
Security Analysis of Telegram Telegram安全性分析报告
https://courses.csail.mit.edu/6.857/2017/project/19.pdf
https://courses.csail.mit.edu/6.857/2017/project/19.pdf
VirtualApp技术黑产利用研究报告
http://www.freebuf.com/articles/paper/152091.html
http://www.freebuf.com/articles/paper/152091.html
Deobfuscating PHPJiami
http://www.kahusecurity.com/2017/deobfuscating-phpjiami/
http://www.kahusecurity.com/2017/deobfuscating-phpjiami/
CTF内存取证入坑指南
http://www.freebuf.com/column/152545.html
http://www.freebuf.com/column/152545.html
阿里巴巴在移动端生物识别技术实践分享
http://www.freebuf.com/articles/terminal/151619.html
http://www.freebuf.com/articles/terminal/151619.html
Elasticsearch 安全加固 101
https://www.elastic.co/cn/blog/reinforce-the-security-of-elasticsearch-101
https://www.elastic.co/cn/blog/reinforce-the-security-of-elasticsearch-101
PDF文件解析与PDF恶代分析中的一些坑
http://bobao.360.cn/learning/detail/4627.html
http://bobao.360.cn/learning/detail/4627.html
WeReport: 渗透报告自动化生成平台
https://github.com/bugsafe/WeReport
https://github.com/bugsafe/WeReport
Powershell下载文件技术研究
http://mp.weixin.qq.com/s/Lv0bz6ENJDtoJ3YjqXrjNA
http://mp.weixin.qq.com/s/Lv0bz6ENJDtoJ3YjqXrjNA
vulndocker: 漏洞靶场平台
https://github.com/leveryd/vulndocker
https://github.com/leveryd/vulndocker
CLDAP反射放大攻击超过SSDP和CharGen成为第三大反射型DDoS攻击
http://blog.netlab.360.com/cldap-is-now-the-3rd-reflection-amplified-ddos-attack-vector-surpassing-ssdp-and-chargen/
http://blog.netlab.360.com/cldap-is-now-the-3rd-reflection-amplified-ddos-attack-vector-surpassing-ssdp-and-chargen/
TP-LINK 远程代码执行漏洞 CVE-2017-13772 趣谈
https://paper.seebug.org/434/
https://paper.seebug.org/434/
用Go开发可以内网活跃主机嗅探器
https://github.com/timest/goscan/issues/1
https://github.com/timest/goscan/issues/1
Vulnerability box 不同漏洞类型描述与修复建议
https://book.nmask.cn/
https://book.nmask.cn/
ImXSS开源发布附设计文档
https://xianzhi.aliyun.com/forum/topic/457/
https://xianzhi.aliyun.com/forum/topic/457/
Comparing EternalPetya and BadRabbit
https://bartblaze.blogspot.jp/2017/10/comparing-eternalpetya-and-badrabbit.html
https://bartblaze.blogspot.jp/2017/10/comparing-eternalpetya-and-badrabbit.html
简单的Getshell和提权
https://xianzhi.aliyun.com/forum/read/2295.html
https://xianzhi.aliyun.com/forum/read/2295.html
WebEye:识别WEB服务器类型、CMS类型、WAF类型、WHOIS信息
https://github.com/zerokeeper/WebEye
https://github.com/zerokeeper/WebEye
如何使用树莓派自制网络监视器
http://www.freebuf.com/geek/152403.html
http://www.freebuf.com/geek/152403.html
工控安全半月报第一期(2017-10)
http://icsmaster.com/news/monthly_report_10_2.html
http://icsmaster.com/news/monthly_report_10_2.html
机器学习在安全攻防场景的应用与分析
http://www.freebuf.com/articles/neopoints/152457.html
http://www.freebuf.com/articles/neopoints/152457.html
The Many Security Usages of Anomaly Detection DNS 异常检测
https://www.nominum.com/tech-blog/many-security-usages-anomaly-detection/
https://www.nominum.com/tech-blog/many-security-usages-anomaly-detection/
使用 Mimikatz 和 Powersploit 提取 Windows 禁止导出的证书并逃避防护软件
http://www.4hou.com/system/8276.html
http://www.4hou.com/system/8276.html
卡巴斯基实验室对 Gaza cybergang 团伙2017年的行动调查报告
https://securelist.com/gaza-cybergang-updated-2017-activity/82765/
https://securelist.com/gaza-cybergang-updated-2017-activity/82765/
SecWiki周刊(第191期)
https://www.sec-wiki.com/weekly/191
https://www.sec-wiki.com/weekly/191
用DNS域名关联声望系统批量捣毁一个伪装Flash更新的恶意软件团伙
https://www.nominum.com/tech-blog/continuous-threat-malware-hiding-fake-adobe-flash-updates/
https://www.nominum.com/tech-blog/continuous-threat-malware-hiding-fake-adobe-flash-updates/
AIRMASTER: 红蓝对抗中对过期域名的利用
https://github.com/t94j0/AIRMASTER
https://github.com/t94j0/AIRMASTER
漏洞分析之Typecho二连爆
http://mp.weixin.qq.com/s/C9ojGt4TYZKX30lhTOT3VQ
http://mp.weixin.qq.com/s/C9ojGt4TYZKX30lhTOT3VQ
Apache James 服务器反序列化漏洞(CVE-2017-12628)分析和利用
http://www.4hou.com/technology/8298.html
http://www.4hou.com/technology/8298.html
Hunting and Analyzing Phishing Kits at Scale
https://duo.com/blog/phish-in-a-barrel-hunting-and-analyzing-phishing-kits-at-scale
https://duo.com/blog/phish-in-a-barrel-hunting-and-analyzing-phishing-kits-at-scale
基于异常行为的未知勒索软件检测
https://paper.seebug.org/431/
https://paper.seebug.org/431/
Automatic Static Detection of Malicious JavaScript
https://researchcenter.paloaltonetworks.com/2017/10/engineers-work-automatic-static-detection-malicious-javascript/
https://researchcenter.paloaltonetworks.com/2017/10/engineers-work-automatic-static-detection-malicious-javascript/
RansomDetection: 基于行为的Ransomware检测原型
https://github.com/mogongtech/RansomDetection
https://github.com/mogongtech/RansomDetection
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第192期)
