SecWiki周刊(第1期)
2014/03/03-2014/03/09
安全资讯
[新闻]  Acunetix Launch Online Vulnerability Scanner
http://www.acunetix.com/blog/news/acunetix-launch-online-vulnerability-scanner/
安全技术
[Web安全]  安全扫描器 IBM APPSCAN8.8
http://www.5d87.com/tools/114.html
[运维安全]  Linux下tcpdump抓包工具的使用
http://sec007.cc/1493.html
[书籍]  《云端时代杀手级应用:大数据分析》
http://sec007.cc/1481.html
[Web安全]  0ops CTF/0CTF writeup
http://www.programlife.net/0ops-ctf-writeup.html
[运维安全]  Web Shell Detector
http://www.shelldetector.com/
[恶意分析]  Obfuscated shellcode inside a malicious RTF document
http://zairon.wordpress.com/2014/03/06/obfuscated-shellcode-inside-a-malicious-rtf-document/
[运维安全]  开发-运维-开发,一路走来的收获与感悟
http://vdisk.weibo.com/s/dBzv2siaYCbV
[数据挖掘]  统计学:数据图像化
http://v.163.com/movie/2011/12/8/I/M8H1NPQM9_M8H1TQE8I.html
[其它]  Risks and Realization of HTTPS Traffic Analysis
https://scirate.com/arxiv/1403.0297
[Web安全]  深入了解SQL注入绕过waf和过滤机制
http://drops.wooyun.org/tips/968
[编程技术]  简易爬虫搜索引擎 – JSearchEngine
http://www.freebuf.com/tools/27400.html
[新闻]  Acunetix Launch Online Vulnerability Scanner
http://www.acunetix.com/blog/news/acunetix-launch-online-vulnerability-scanner/
[工具]  kippo:SSH Honeypot
https://code.google.com/p/kippo/
[数据挖掘]  二十大数据可视化工具点评
http://www.ctocio.com/hotnews/8874.html
[数据挖掘]  Oryx:开源机器学习项目
http://www.oschina.net/p/oryx
[Web安全]  漏洞小总结:浏览器里那些奇怪的逻辑
http://drops.wooyun.org/papers/1020
[Web安全]   [PHP] date() is evil (XSS’able)
http://0xa.li/php-date-is-xssable/
[数据挖掘]  Python Tools for Machine Learning
http://www.cbinsights.com/team-blog/python-tools-machine-learning/
[其它]  Hue:the open source Apache Hadoop UI
http://cloudera.github.io/hue/
[Web安全]  雅虎某分站的XSS导致雅虎邮箱沦陷
http://drops.wooyun.org/papers/1024
[运维安全]  一个资深乙方DBA的运维理念
http://vdisk.weibo.com/s/C2Nopul7KxyHb/1394165963
[Web安全]  My experience with Google interviews
http://miki.it/blog/2013/9/18/google-interview-vs-facebook-interview/
[数据挖掘]  Rothschild预测2014奥斯卡花落谁家
http://blog.sina.com.cn/s/blog_4caedc7a0102f0bm.html
[编程技术]  抽奖类活动项目的一些技术Tips
http://blog.csdn.net/heiyeshuwu/article/details/20552705
[Web安全]  【.NET小科普之一】数据库信息在哪儿
http://drops.wooyun.org/tips/975
[编程技术]  微信公众平台后台接入简明指南
http://www.liaoxuefeng.com/article/0013900476318564121d01facf844cba508396f95d9bb82000
[编程技术]  TinyDocGen:Word文档生成
http://www.oschina.net/p/tinydocgen
[恶意分析]  Cyphort Discovers Zero-day Variant Of Zeus In The Wild
http://www.cyphort.com/blog/cyphort-discovers-zero-day-variant-zeus-wild/
[其它]  物联网强势来袭 捍卫互联网安全“三大余弦定理”
http://sec007.cc/1465.html
[其它]   Bulletproof SSL/TLS and PKI March Update: Protocol Attacks
http://blog.ivanristic.com/2014/03/bulletproof-update-protocol-attacks.html
[恶意分析]  Cylance - The Science of Security
http://www.youtube.com/watch?v=EydrYSGs1V8#t=63
[编程技术]  PeLib:an open source C++ library
http://www.pelib.com/index.php
[其它]  解析波兰遭遇大规模DNS劫持事件
http://sec007.cc/1470.html
[其它]  《把你的英语用起来》英语学习路线图
http://www.read.org.cn/html/2350-ba-ni-de-ying-yu-yong-qi-lai-ying-yu-xue-xi-lu-xian-tu.html
[恶意分析]  四类APT安全解决方案面面观
http://sec.chinabyte.com/163/12672163_3.shtml
[Web安全]  linux渗透测试技巧2则
http://drops.wooyun.org/papers/1015
[其它]  深度剖析京东云引擎核心技术
http://www.infoq.com/cn/articles/jingdong-cloud-engine-core-technology
[工具]  IP归属地数据库下载
http://tool.17mon.cn/ipdb.html
[其它]  SSL man-in-the-middle attacks on RDP
https://labs.portcullis.co.uk/blog/ssl-man-in-the-middle-attacks-on-rdp/
[编程技术]  kityminder:在线脑图编辑器
https://github.com/kitygraph/kityminder/
安全专题
一些恶意沙箱工具
https://www.sec-wiki.com/topic/39
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第1期)