SecWiki周刊（第142期)

SecWiki周刊（第142期）

2016/11/14-2016/11/20

安全资讯

[其它] 国外网络安全博客Top 50
http://blog.feedspot.com/cyber_security_blogs/

[设备安全] NIST 发布大规模物联网安全报告[PDF]
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-160.pdf

[新闻] Kapustkiy 回归，下一个目标是谁？
http://www.mottoin.com/91952.html

[视频] 使用USRP追踪飞机
https://v.qq.com/x/page/e0346ll12xf.html

[事件] 加拿大政府官网疑似被攻破
http://www.mottoin.com/92296.html

[爆库] Hacker Breaks into Italian Government Website, 45,000 Users Exposed
http://news.softpedia.com/news/hacker-breaks-into-italian-government-website-45-000-users-exposed-510332.shtml

[事件] GitHub 800 万用户信息疑似泄露
http://www.mottoin.com/92180.html

[事件] 黑客暴露了AdultFriendFinder的4.12亿账户&& twitter 900W用户名数据
http://www.mottoin.com/91846.html

[事件] 全球招聘网站巨头PageGroup被黑,泄露数百万求职者信息
http://www.mottoin.com/91881.html

[会议] 周鸿祎帮你一篇文章看懂乌镇互联网大会两大热点：互联网经济下半场、人工智能
http://www.mottoin.com/92166.html

[恶意分析] 周鸿祎：IOT时代存在巨大威胁
http://www.mottoin.com/92059.html

[新闻] 美国成人网站使用WebSocket绕过广告屏蔽插件
http://mp.weixin.qq.com/s?__biz=MjM5MDE0Mjc4MA==&mid=2650994833&idx=1&sn=1d005c7aab59cb1fb908e84188ebf6a8&chksm=bdbf00c28ac889d47f9e71d8b7b7fc37053a75ae710e7586d09bf99c4561260f9d295e5d8b95&scene=0#rd

[法规] NIST耗时两年编撰《网络安全工程技术指南》已正式发布
https://www.easyaq.com/newsdetail/id/1018922002.shtml

[事件] 锦行科技出奇•守正-幻云发布会即将重磅开启
http://www.mottoin.com/92201.html

[新闻] 32家信息系统集成及服务大型一级企业出炉
http://mp.weixin.qq.com/s?__biz=MzI3MzAzNDAyMQ==&mid=2657592814&idx=2&sn=23e8e2f29dd838ec35b2f211f9838741&chksm=f0ba7ba4c7cdf2b2e4ac176b231e77ca135ea6f4b72d86f25fb170015a39fe1c4a9ed047cb3b&mpshare=1&scene=2&srcid=1118ABdLefWDNyTsrK5mAKWB&from=timeline#rd

[新闻] 中国央行招聘区块链专家开发数字货币
http://www.solidot.org/story?sid=50409

[恶意分析] Secret Backdoor in Some U.S. Phones Sent Data to China
http://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html?_r=0

[观点] 黑客、情报与铁王座
http://mp.weixin.qq.com/s?__biz=MzI0NDE0MTE3MQ==&mid=2653514860&idx=1&sn=22c2811253158c9caa9a809218dfe0ad&chksm=f2bf9170c5c81866b538c060d5e637c85c31e6f353b94875aa9a1adcc9c1db6f18d8593cd22f&mpshare=1&scene=2&srcid=11197z96K0odPQpzjmI304jK&from=timeline#rd

[新闻] 我国网络空间防御技术取得重大突破
http://news.sciencenet.cn/htmlnews/2016/11/360863.shtm

[人物] 如何成为移动安全的领跑者，爱加密CEO郭训平
http://mp.weixin.qq.com/s?__biz=MzIzMTAzNzUxMQ==&mid=2652876253&idx=1&sn=261b363b0e12bbe21c7b6315b8fe3580&chksm=f34142f5c436cbe3c57f498cec84ae1d542bb2cb1727f0069c5c612fa39d4e5e0511954da07a&scene=0#rd

安全技术

[Web安全] 基于centos6.8的Suricata+Barnyard2的Snorby-IDS
http://blog.csdn.net/qq_29277155/article/details/53205582

[运维安全] NIST特刊800-160：系统安全工程
https://cdn.easyaq.com/@/20161117/1479369118426090915.pdf

[书籍] Python Data Science Handbook： Python数据分析手册书籍
https://github.com/jakevdp/PythonDataScienceHandbook

[移动安全] How Can Drones Be Hacked? The updated list of vulnerable drones & attack tools
https://medium.com/@swalters/how-can-drones-be-hacked-the-updated-list-of-vulnerable-drones-attack-tools-dd2e006d6809#.j11w643iz

[Web安全] Open Source Intelligence Tools and Resources Handbook[PDF]
http://www.i-intelligence.eu/wp-content/uploads/2016/11/2016_November_Open-Source-Intelligence-Tools-and-Resources-Handbook.pdf

[移动安全] DeGuard:apk-deguard 在线APK反混淆工具
http://www.apk-deguard.com/

[移动安全] How To Set Up A Drone Vulnerability Testing Lab
https://medium.com/@swalters/how-to-set-up-a-drone-vulnerability-testing-lab-db8f7c762663#.kzi1a0dob

[移动安全] 打造一个手机端的渗透平台
http://www.mottoin.com/92241.html

[运维安全] 京东Nginx平台化实践
http://mp.weixin.qq.com/s?__biz=MzA3MzYwNjQ3NA==&mid=2651297317&idx=1&sn=ffc57671c8c55d257f8a6d0ad3b502b6&chksm=84ff4200b388cb1668925a6293736729d45d39339292a6536da8f59392a221cb219be5cd64fd&mpshare=1&scene=2&srcid=1115tAgLbSASsLPau5QnIxFW&from=timeline#rd

[Web安全] jSQL Injection v0.77 - Java application for automatic SQL database injection
http://www.kitploit.com/2016/11/jsql-injection-v077-java-application.html

[无线安全] 无线之破解wpa2加密的wifi密码
http://www.mottoin.com/92122.html

[恶意分析] 滥用NPM库实现敏感数据提取
http://www.mottoin.com/91795.html

[移动安全] Janus: 盘古团队打造的移动应用安全分析社区化平台
http://demo.appscan.io/web/search-rule.html#type=rule&page=1

[Web安全] PHP Hacker代码审计秘籍
http://www.freebuf.com/articles/rookie/119969.html

[无线安全] 蓝牙攻击-基础篇
http://www.whitecell-club.org/?p=1524

[会议] 带你走进维也纳版的CCS2016（现场报告点评三）
http://mp.weixin.qq.com/s?__biz=MzA4ODYzMjU0NQ==&mid=2652307009&idx=1&sn=d6b3302e4a17e12a3bf7046de6c56b37&chksm=8bc563cfbcb2ead9455d5adb9ee6c0efc1e5c8ece6b26f229b225b90cbf2ab31bf5c53bdb97c&scene=0#rd

[数据挖掘] JDong: 京东数据爬虫接口
https://github.com/Chyroc/JDong

[数据挖掘] 自然语言处理工具包spaCy介绍
http://www.52nlp.cn/%e8%87%aa%e7%84%b6%e8%af%ad%e8%a8%80%e5%a4%84%e7%90%86%e5%b7%a5%e5%85%b7%e5%8c%85spacy%e4%bb%8b%e7%bb%8d

[数据挖掘] 大数据框架对比：Hadoop、Storm、Samza、Spark和Flink
http://www.infoq.com/cn/articles/hadoop-storm-samza-spark-flink

[恶意分析] IOT僵尸Mirai源码浅析
http://mp.weixin.qq.com/s?__biz=MzAwMTk5MzEwNw==&mid=2247483716&idx=1&sn=e3053c732e724ba1aa3064234ca0de0d&chksm=9ad071b8ada7f8ae7e5ad1025909308145c38a96b60b77914b91282284af0b35909458ec69bf&mpshare=1&scene=1&srcid=1117DK0KzENwVkQ0YkhMuAMR#rd

[恶意分析] CHM渗透：从入门到“入狱”
http://www.freebuf.com/articles/system/119874.html

[运维安全] 终端安全产品的进化：终端安全检测和响应
http://bobao.360.cn/news/detail/3761.html

[运维安全] DDoS黑产调研
http://www.arkteam.net/?p=1340

[无线安全] 一种新型攻击手法：监听WIFI变化嗅探手机输入
http://www.mottoin.com/91945.html

[Web安全] 命令执行和绕过的一些小技巧
http://bobao.360.cn/learning/detail/3192.html

[移动安全] needle: IOS的安全测试框架
https://github.com/mwrlabs/needle

[Web安全] lightbulb-framework: 一款WAF审计工具
https://github.com/lightbulb-framework/lightbulb-framework

[运维安全] 企业级入侵检测系统及实时告警的开源实现
http://bobao.360.cn/learning/detail/3185.html

[其它] 数据泄露信息发布网站
http://www.leakedin.com/

[工具] poisontap:在锁定的计算中植入后门
https://github.com/samyk/poisontap

[移动安全] OSXCollector： a forensic evidence collection & analysis toolkit for OSX.
http://yelp.github.io/osxcollector/

[漏洞分析] CVE-2016-0176漏洞及利用详解
http://keenlab.tencent.com/zh/2016/11/18/A-Link-to-System-Privilege/

[移动安全] iRET：IOS 逆向渗透测试工具套件
http://www.mottoin.com/91857.html

[Web安全] CVE-2016-5007 Spring Security / MVC Path Matching Inconsistency
http://www.mottoin.com/92079.html

[恶意分析] 中文：使用Raspberry Pi Zero在锁定的计算机中安装后门
http://www.mottoin.com/92104.html

[Web安全] 使用nmap和自定义子域名文件发现目标子域
http://www.mottoin.com/92113.html

[数据挖掘] Qunar用户画像构建策略及应用实践
http://mp.weixin.qq.com/s?__biz=MzA5NzkxMzg1Nw==&mid=2653161282&idx=1&sn=b1de3043ebc5fbdc3ee1e608174cf06d&chksm=8b493a2cbc3eb33a2de914c9b692c083516677c122162fc1e29469e3d503479f765ecf43be4a&mpshare=1&scene=1&srcid=1118Wr9QCtL8sRInNGHaSkKd#rd

[工具] 国内几大cdn ip地址段
http://www.cmsky.com/cn-cdn-ip

[Web安全] SHELLING - an offensive approach to the anatomy of improperly written OS command
https://github.com/ewilded/shelling

[漏洞分析] a tool to perform static analysis of known vulnerabilities in docker
https://github.com/eliasgranderubio/check_docker_image

[编程技术] 大众点评订单系统分库分表实践 -
http://tech.meituan.com/dianping_order_db_sharding.html

[Web安全] 在SQLite中实现命令执行
http://www.mottoin.com/91908.html

[工具] OWASP Directory Access scanner
https://github.com/stanislav-web/OpenDoor

[其它] PowerShell Reverse HTTPs Shell
https://github.com/subTee/PoshRat

[运维安全] 验证码的前世今生（前世篇）
https://zhuanlan.zhihu.com/p/23326828

[移动安全] New Hack: How to Bypass iPhone Passcode to Access Photos and Messages Wednesday
http://thehackernews.com/2016/11/iphone-hacking.html

[移动安全] Google's tamper detection for Android 移动端威胁情报检测/风控SDK
https://koz.io/inside-safetynet/

[运维安全] 从Nginx Access日志中挖掘有价值的漏洞
http://mp.weixin.qq.com/s?__biz=MzI5ODE0ODA5MQ==&mid=2652277631&idx=1&sn=49f5aa92ba552df0aa43804c191a90fa&chksm=f74862ebc03febfd5b5866dfb1785319cf1a79cc026322624c0803cb65986ec6f2a2e9bc45b9&scene=0#rd

[恶意分析] dorothy2：开源的恶意软件/僵尸网络分析框架
http://www.mottoin.com/92101.html

[工具] PowerShell Empire Web：基于web接口管理Empire
http://www.mottoin.com/91966.html

[运维安全] NoSQLAttack: Python编写的开源的mongoDB攻击工具
https://github.com/youngyangyang04/NoSQLAttack

[无线安全] 使用USRP探索无线世界 Part 1：USRP从入门到追踪飞机飞行轨迹
http://www.freebuf.com/articles/wireless/119950.html

[编程技术] A Better Login System: PHP编程实现基于ACL认证过程
https://code.tutsplus.com/tutorials/a-better-login-system--net-3461

[设备安全] awesome-iot-hacks: A Collection of Hacks in IoT Space
https://github.com/nebgnahz/awesome-iot-hacks

[漏洞分析] 跨平台内核Fuzzer框架
https://n0where.net/cross-platform-kernel-fuzzer-framework/

[运维安全] 浅谈如何利用IP数据来辅助风控和安全系统
http://www.freebuf.com/special/120041.html

[Web安全] 绕过Ebay xss保护
http://www.mottoin.com/92305.html

[Web安全] 从XSS到RCE2.5 - Black Hat Europe Arsenal 2016
https://github.com/Varbaek/xsser

[编程技术] 为何我暂停了维护 Python 社区的志愿者工作
https://www.oschina.net/news/79150/why-i-took-october-off-from-oss-volunteering

[Web安全] 使用Commix绕过安全防护利用命令执行漏洞
http://www.mottoin.com/91806.html

[移动安全] HackingTeam back for your Androids, now extra insecure!
http://rednaga.io/2016/11/14/hackingteam_back_for_your_androids/

[移动安全] AndroidLinker与SO加壳技术之下篇
http://yaq.qq.com/blog/15

[漏洞分析] VBulletin 核心插件 forumrunner SQL注入(CVE-2016-6195)漏洞分析
http://paper.seebug.org/116/

[Web安全] Pwning Your Java Messaging With Deserialization Vulnerabilities[PDF]
https://www.blackhat.com/docs/us-16/materials/us-16-Kaiser-Pwning-Your-Java-Messaging-With-Deserialization-Vulnerabilities.pdf

[恶意分析] 两个BackDoor样本的共性“基因”与差异
http://mp.weixin.qq.com/s?__biz=MzI4ODA4MTcxMA==&mid=2649550038&idx=1&sn=63d285a2e45042a42dd10258b2340817&chksm=f3db9e97c4ac17818a43695e1a406ceaee3a3b8501bb2ff67ad043a91d5bfbe3ee0ce4536561&mpshare=1&scene=1&srcid=1117LOqeq6fDpDgJEtsVgfeo#rd

[Web安全] Bypassing Two-Factor Authentication on OWA & Office365 Portals
http://www.blackhillsinfosec.com/?p=5396

[杂志] SecWiki周刊（第141期)
https://www.sec-wiki.com/weekly/141

-----微信ID：SecWiki-----
SecWiki，12年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第142期)

SecWiki周刊（第142期）

最新公告

友情链接

SecWiki公众号

安全学术圈