SecWiki周刊(第105期)
2016/02/29-2016/03/06
安全资讯
[取证分析]  一起绕过双因子验证的实际入侵案例
http://www.aqniu.com/threat-alert/13953.html
安全技术
[文档]   USA 2016 RSA Conference Slide & Media
http://www.rsaconference.com/events/us16/downloads-and-media
[Web安全]  安卓微信、QQ自带浏览器 UXSS 漏洞
http://blog.knownsec.com/2016/02/android-weixin-qq-uxss/
[恶意分析]  Google Summer of Code 2016 Project Ideas
http://www.honeynet.org/gsoc/ideas
[编程技术]  隐藏/删除所有微博脚本
http://blog.depressedmarvin.com/2016/03/03/hide-all-your-weibo-post/
[运维安全]  GitHarvester:harvesting information from GitHub
https://github.com/metac0rtex/GitHarvester
[恶意分析]  Blackout - Memory Analysis of BlackEnergy Big dropper
http://malware-unplugged.blogspot.tw/2016/02/blackout-memory-analysis-of-blackenergy.html
[取证分析]  AIL framework - Analysis Information Leak framework
https://github.com/CIRCL/AIL-framework
[Web安全]  简单验证码识别及工具编写思路
http://drops.wooyun.org/tips/13043
[数据挖掘]  基于用户行为动态变化的内部威胁检测方法
http://www.freebuf.com/articles/system/97703.html
[恶意分析]  Limon Sandbox for Analyzing Linux Malwares
http://malware-unplugged.blogspot.tw/2015/11/limon-sandbox-for-analyzing-linux.html
[Web安全]  fuckCoreMail爆破说明书
https://github.com/pyphrb/fuckCoreMail
[Web安全]  Common Security Issues in Financially-Orientated Web Applications
https://www.nccgroup.trust/uk/our-research/common-security-issues-in-financially-orientated-web-applications/
[恶意分析]  Adding a scoring system in peepdf
http://eternal-todo.com/blog/adding-scoring-system-peepdf-pdf-analysis
[Web安全]  Sublist3r: Fast subdomains enumeration tool for penetration testers
https://github.com/aboul3la/Sublist3r
[文档]  2015年中国互联网安全报告
https://a4b0af.lt.yunpan.cn/lk/cxTSuYQNLeKPr
[Web安全]  Little HTML event attributes fuzzer
http://pastebin.com/AayLzNyB
[恶意分析]  Tax Scams Gone International
http://blog.talosintel.com/2016/02/tax-scams.html#more
[漏洞分析]  Scanner of DROWN attack against TLS
https://github.com/nimia/public_drown_scanner
[漏洞分析]  a lot of vulnerable OS X applications
http://vulnsec.com/2016/osx-apps-vulnerabilities/
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第105期)