SecWiki周刊(第14期)
2014/06/02-2014/06/08
安全资讯
被DEF CON会议拒绝的安全研究员公开中国网络间谍活动报告
http://www.solidot.org/story?sid=39805
http://www.solidot.org/story?sid=39805
一周海外安全事件回顾(20140531-0606)
http://www.freebuf.com/news/special/36124.html
http://www.freebuf.com/news/special/36124.html
Exclusive: U.S. companies seek cyber experts for top jobs, board seats
http://www.reuters.com/article/2014/05/30/us-usa-companies-cybersecurity-exclusive-idUSKBN0EA0BX20140530?feedType=RSS&feedName=technologyNews
http://www.reuters.com/article/2014/05/30/us-usa-companies-cybersecurity-exclusive-idUSKBN0EA0BX20140530?feedType=RSS&feedName=technologyNews
安全技术
CVE-2012-1889 exploit sample analysis
http://www.secniu.com/maybe-cve-2012-1889-exploit-analysis/
http://www.secniu.com/maybe-cve-2012-1889-exploit-analysis/
AMiner Paper Citation & Author Collaboration Networks
http://arnetminer.org/AMinerNetwork
http://arnetminer.org/AMinerNetwork
Altman:the webshell tool
https://github.com/keepwn/Altman
https://github.com/keepwn/Altman
非扫描式定位攻击域内SQL Server
http://drops.wooyun.org/pentesting/2134
http://drops.wooyun.org/pentesting/2134
为什么 Linux 的 htop 命令完胜 top 命令
http://linux.cn/article-3141-1.html?fromuid=0
http://linux.cn/article-3141-1.html?fromuid=0
简单介绍python-nmap 模块的使用
http://www.xocoder.com/archives/1088
http://www.xocoder.com/archives/1088
Elasticsearch 权威指南
http://fuxiaopang.gitbooks.io/learnelasticsearch/
http://fuxiaopang.gitbooks.io/learnelasticsearch/
rdp cracker rdp密码破解程序
https://baoz.net/rdp-cracker-3389-cracker/
https://baoz.net/rdp-cracker-3389-cracker/
Adobe Shockwave - A case study on memory disclosure
http://phrack.org/papers/shockwave_memory_disclosure.html
http://phrack.org/papers/shockwave_memory_disclosure.html
Defcon babyfirst-Heap程序分析
http://www.91ri.org/9198.html
http://www.91ri.org/9198.html
Automatically uncover XSS inside Flash
http://insight-labs.org/?p=1281
http://insight-labs.org/?p=1281
Live Memory Forensics on Android with Volatility
https://www1.informatik.uni-erlangen.de/filepool/publications/Live_Memory_Forensics_on_Android_with_Volatility.pdf
https://www1.informatik.uni-erlangen.de/filepool/publications/Live_Memory_Forensics_on_Android_with_Volatility.pdf
How To Defend Against Advanced IE Exploitation
http://researchcenter.paloaltonetworks.com/2014/06/defend-advanced-ie-exploitation/
http://researchcenter.paloaltonetworks.com/2014/06/defend-advanced-ie-exploitation/
APT 高级漏洞利用技术
http://vdisk.weibo.com/s/BgiHan4xseFf/1401439686
http://vdisk.weibo.com/s/BgiHan4xseFf/1401439686
生物特征识别之指纹识别,伪造,指纹设备缺陷设计
http://drops.wooyun.org/tips/2140
http://drops.wooyun.org/tips/2140
Hacking with JSP Shells
https://www.netspi.com/blog/entryid/126/hacking-with-jsp-shells
https://www.netspi.com/blog/entryid/126/hacking-with-jsp-shells
LVS在大规模网络环境下的应用
http://www.osforce.cn/course/193
http://www.osforce.cn/course/193
Flash+Upload Csrf 攻击技术
http://blog.knownsec.com/2014/06/flashupload_csrf_attacking/
http://blog.knownsec.com/2014/06/flashupload_csrf_attacking/
2014中国计算机网络安全年会
http://2014.cert.org.cn/metting_rc.html
http://2014.cert.org.cn/metting_rc.html
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第14期)
