SecWiki周刊(第114期)
2016/05/02-2016/05/08
安全资讯
[文档]  2016数据泄露报告
http://www.aqniu.com/industry/15571.html
[其它]  Craig Wright is not Satoshi Nakamoto
http://www.nikcub.com/posts/craig-wright-is-not-satoshi-nakamoto/
[运维安全]  加拿大金矿公司被黑 14.8GB数据被盗
http://www.aqniu.com/threat-alert/15557.html
安全技术
[漏洞分析]  翰海源面试题2之MSN加密过程逆向及未公开漏洞分析
http://pan.baidu.com/s/1eRL7UBg
[漏洞分析]  Write Up: Remote Command Execute in Wordpress 4.5.1
http://ricterz.me/posts/Write%20Up:%20Remote%20Command%20Execute%20in%20Wordpress%204.5.1
[视频]  Class Intro, WebApp sec basics, and burp suite basics
https://www.youtube.com/watch?list=PL8JzjH888lZVNJgGr7KyJ2QdozxM5fGz4&v=6gz_vob8uK0
[无线安全]  伪AP检测技术研究
http://drops.wooyun.org/wireless/15128
[漏洞分析]  Analyzing ImageTragick Exploits in the Wild
https://blog.sucuri.net/2016/05/analyzing-imagetragick-exploits-in-the-wild.html
[文档]  xKungfoo2016 演讲稿下载
http://xkungfoo.org/xKungfoo2016-Shanghai-PDF.zip
[文档]   0con&0ctf 2016
http://0con.0ops.net/
[Web安全]  CCTF Web WriteUp
http://www.math1as.com/index.php/archives/244/
[论文]  DIMVA 2016 Accepted Paper List
http://dimva2016.mondragon.edu/en/program
[Web安全]  How the Pwnedlist Got Pwned
http://krebsonsecurity.com/2016/05/how-the-pwnedlist-got-pwned/
[Web安全]  Securing PowerShell in the Enterprise
http://www.asd.gov.au/publications/protect/Securing_PowerShell.pdf
[其它]  yet-another-padding-oracle-in-openssl-cbc-ciphersuit
https://blog.cloudflare.com/yet-another-padding-oracle-in-openssl-cbc-ciphersuites/
[Web安全]  Raptor - WAF - Web application firewall using DFA
https://github.com/CoolerVoid/raptor_waf
[杂志]  Phrack Magazine #63
http://phrack.org/issues/69/1.html
[漏洞分析]  A Decade of Exploit Database Data
https://www.offensive-security.com/offsec/decade-of-exploit-database-data/
[运维安全]  利用 Java Binary Webshell 对抗静态检测
https://security.tencent.com/index.php/blog/msg/104
[Web安全]  Apache OpenMeetings 会议系统getshell 二探
http://zone.wooyun.org/content/27047
[漏洞分析]  Proof of Concepts for CVE-2016–3714:ImageTragick
https://github.com/ImageTragick/PoCs
[Web安全]  wafCheck.py DEMO - Hook urllib2 / requests
http://www.n0tr00t.com/2016/05/03/wafCheck_demo.html
[漏洞分析]  Acunetix 0day RCE - (SYSTEM)
https://github.com/dzonerzy/acunetix_0day
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第114期)