SecWiki周刊（第145期)

SecWiki周刊（第145期）

2016/12/05-2016/12/11

安全资讯

[比赛] Metasploitable3 Capture the Flag Competition
https://community.rapid7.com/community/metasploit/blog/2016/12/07/metasploitable3-capture-the-flags-competition

[新闻] 乌云社区-临时版？
http://zone.drops.wiki/

[新闻] 美空军参谋长纵论信息时代战争的新变化
http://mp.weixin.qq.com/s?__biz=MzA3NDMxOTQwNw==&mid=2650046945&idx=1&sn=905cdfe0b968d7dd5c394d7468569e1b&chksm=8701b2a1b0763bb7b4120d1b2ae73b072d09f8429155fc039a7691ea41bf82597138947c9943&scene=0#rd

[其它] Top 6 breach response best practices for 2017
https://www.helpnetsecurity.com/2016/12/06/breach-response-best-practices/

[新闻] 国外购买泄露数据的9大途径
http://www.freebuf.com/news/122418.html

[人物] WebRAY权小文：产品就是工程师的尊严
http://mp.weixin.qq.com/s?__biz=MzIzMTAzNzUxMQ==&mid=2652876526&idx=1&sn=02bf2db3d229b336578154f3a603c7da&chksm=f34141c6c436c8d08f3be41b38309871b6a322620786771a0ff7188b2fc94b009938a7e050db&mpshare=1&scene=2&srcid=1202lEal3QTlDNYMQqmX7aVa&from=timeline#rd

[新闻] 2016补天白帽沙龙江西记
http://mp.weixin.qq.com/s?__biz=MzA5ODMyMzQ1OQ==&mid=2698432247&idx=2&sn=9b9910e110a3331bd4d655e48480da3b&chksm=b5b1339b82c6ba8de8753a99c44d31dfdae9349c93224a0cc46c62c2d1f372731ba477183236&mpshare=1&scene=23&srcid=1205qqi6TmSNlIfcZpeyMGcN#rd

[新闻] Hacker Claims To Push Malicious Firmware Update to 3.2 Million Home Routers
http://motherboard.vice.com/read/hacker-claims-to-push-malicious-firmware-update-to-32-million-home-routers

[新闻] 美国NSF拨款7600万美元作为网络安全研究经费
http://mp.weixin.qq.com/s?__biz=MzI4MjA1MzkyNA==&mid=2655294640&idx=4&sn=f88eb68d2c25265b4e29380761fe65b6&chksm=f02fe8fbc75861ed5a7ed059b7b94bcb9e5f91e3a2c4fe99bd359d15bfc7529ce8000bb2df1b&scene=0#rd

[新闻] 第三次中美网络犯罪高级别联合对话成果清单
http://mp.weixin.qq.com/s?__biz=MzIyNjE0NTQ2OA==&mid=2651229381&idx=1&sn=975d39855c0356005e751b6aa9ab300a&chksm=f386c916c4f14000e1eb84d0ed7dc454be2c88da263ed8fe3ebb68cfa4aecf02bd45d44cbfa9&mpshare=1&scene=2&srcid=1209Lg8tts2eg28p0EdnZus4&from=timeline#rd

[观点] 走近科学：“爱因斯坦”（EINSTEIN）计划综述
http://www.arkteam.net/?p=1218

[新闻] Exploiting machine learning in cybersecurity
https://techcrunch.com/2016/07/01/exploiting-machine-learning-in-cybersecurity/?ncid=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

[人物] 安司密信刘林：掌握你发出的每条信息
http://weibo.com/ttarticle/p/show?id=2309404051148104407941

[新闻] 中国教授离王健林的小目标有多远
http://blog.sciencenet.cn/blog-414166-1019093.html

安全技术

[Web安全] Blasting_dictionary: 各种爆破字典集合
https://github.com/rootphantomer/Blasting_dictionary

[Web安全] Cobalt Strike 3.6 – 提权之路
http://www.mottoin.com/93482.html

[Web安全] 一个不错的线上XSS 训练网站【需翻墙】
https://public-firing-range.appspot.com/address/index.html

[比赛] JarvisOJ：CTF在线答题系统
https://www.jarvisoj.com/about

[Web安全] Burpsuite 1.7破解版本 Cracked 2017/12/3
https://www.ohlinge.cn/tool/burpsuite_1-7_cracked.html

[Web安全] Burp Suite 官方文档中文版
https://yw9381.gitbooks.io/burp_suite_doc_zh_cn/content/

[其它] HCTF 2016网络攻防大赛官方Writeup
http://www.freebuf.com/articles/web/121778.html

[Web安全] 论文：神经网络来检测钓鱼帖，你将不会相信接下来发生的一切
https://arxiv.org/pdf/1612.01340v1.pdf

[移动安全] Android：Native层文件解析漏洞分析
http://yaq.qq.com/blog/18

[Web安全] phpvulhunter: PHP源码扫描开源工具
https://github.com/OneSourceCat/phpvulhunter

[文档] OWASP 2016 上海区域沙龙 —安全 Fun 享会
http://www.owasp.org.cn/OWASP_Events/owasp1203

[Web安全] BurpSuite 实战指南
https://pan.baidu.com/s/1eS2w8z4

[事件] 委内瑞拉军方网站被入侵
http://www.mottoin.com/93136.html

[编程技术] 基于Tor匿名网络的多ip爬虫
https://www.urlteam.org/2016/12/%e5%9f%ba%e4%ba%8etor%e5%8c%bf%e5%90%8d%e7%bd%91%e7%bb%9c%e7%9a%84%e5%a4%9aip%e7%88%ac%e8%99%ab/

[文档] 【PPT下载】SyScan360上海站精彩演讲内容汇总
http://bobao.360.cn/news/detail/3818.html

[运维安全] OSINT Framework 相关工具总结
http://osintframework.com/

[Web安全] 使用Anonsurf在Kali实现匿名访问
http://www.mottoin.com/93529.html

[无线安全] Pyxiewps python编写的爆破WPS PIN码的脚本
https://github.com/jgilhutton/pyxiewps_WPShack-Python

[漏洞分析] Exploiting 64-bit IE on Windows 8.1 – The Pwn2Own Case Study
https://vimeo.com/album/3553614/video/190996672

[Web安全] urlfuzzing：高级的URL Fuzzing和whois信息查询python脚本
https://github.com/zayedaljaberi/urlfuzzing

[恶意分析] Webshells - Every Time the Same Story…(Part 2)
https://dfir.it/blog/2016/01/18/webshells-every-time-the-same-story-dot-dot-dot-part2/

[恶意分析] Now Mirai Has DGA Feature Built in
http://blog.netlab.360.com/new-mirai-variant-with-dga/

[恶意分析] 使用Powershell和PNG在Imgur上投毒
http://www.mottoin.com/93127.html

[运维安全] IPsec VPN 服务器一键安装脚本
https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/README-zh.md

[恶意分析] 基于静态分析的机器学习方式检测恶意软件
https://sentinelone.com/blogs/detecting-malware-pre-execution-static-analysis-machine-learning/

[文档] 2016 年上半年中国网站安全报告
http://blog.nsfocus.net/wp-content/uploads/2016/12/2016H1-china-website-security-report.pdf

[文档] 安全高风险用户：独立和不对等的信息对抗
https://www.johnscottrailton.com/security-for-the-high-risk-user/

[比赛] Pwnhub 邀请赛 Web writeup
http://d0n9.me/2016/12/08/Pwnhub%E9%82%80%E8%AF%B7%E8%B5%9B-web%E9%A2%98%E7%9B%AEwriteup/

[数据挖掘] 吴恩达 NIPS 2016：利用深度学习开发人工智能应用的基本要点
http://weibo.com/ttarticle/p/show?id=2309351000224050014816084383&u=3216881963&m=4050101346842427&cu=3216881963&ru=2118746300&rm=4050079864019949

[Web安全] 在线MySQL 密码生成/反查攻击
http://www.mysql-password.com/

[运维安全] 一种被动的Tor网络去匿名化方法
http://www.arkteam.net/?p=1414

[恶意分析] 通过EVENTVWR.EXE和注册表劫持绕过UAC
http://www.mottoin.com/93412.html

[运维安全] 运维军团独家原创DDos防护工具
http://mp.weixin.qq.com/s/a1PQSrRDTGojudZQkTsXFQ

[杂志] SecWiki周刊（第144期)
https://www.sec-wiki.com/weekly/144

[漏洞分析] Safari浏览器JavaScript引擎JavaScriptCore的漏洞利用技术
http://drops.wiki/index.php/2016/12/10/jscpwn/

[取证分析] 基站查询网址、软件、API接口汇总
http://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651103904&idx=1&sn=bad186157d6db95445f792604f8be4cf&chksm=f1aed59ac6d95c8ca3296da440c507563ab51ffc808f660c35b6b5e3196846e7b9bf0d3ee034&scene=0#rd

[恶意分析] 黑客通过收集的SSH keys 进行传播攻击
https://www.ssh.com/malware/

[恶意分析] Analysis of the DAO exploit
http://hackingdistributed.com/2016/06/18/analysis-of-the-dao-exploit/

[恶意分析] Webshells: Rise of the Defenders (Part 4)
https://dfir.it/blog/2016/12/07/webshells-rise-of-the-defenders-part-4/

[恶意分析] Webshells - Every Time the Same Purpose, Every Time a Different Story (Part 1)
https://dfir.it/blog/2015/08/12/webshell-every-time-the-same-purpose/

[工具] 取证分析工具集
http://www.securitywizardry.com/index.php/products/forensic-solutions.html

[恶意分析] Eventvwr无文件UAC绕过在Cobalt Strike 中的实现
http://www.mottoin.com/93433.html

[工具] PortEx：分析PE文件的java库
http://www.mottoin.com/93561.html

[Web安全] roundcube command execution via email
https://blog.ripstech.com/2016/roundcube-command-execution-via-email/

[移动安全] [0day] Bypassing Apple's System Integrity Protection
https://objective-see.com/blog/blog_0x14.html

[论文] 带你走进维也纳版的CCS2016（现场报告点评六）
https://www.inforsec.org/wp/?p=1567#more-1567

[移动安全] Android逆向与病毒分析
http://mp.weixin.qq.com/s?__biz=MzI4MzI4MDg1NA==&mid=2247483766&idx=1&sn=556e4013ecf61057dc3f3ef75c5d31e0&chksm=eb8c55cfdcfbdcd9f7e78824778887b491929509f38210c93db973a306ffdcce5637d23f5cca&mpshare=1&scene=1&srcid=1206iFN4fygpyaOXHbuTI6Hl#rd

[设备安全] Buying and Selling SCADA Zero-Days
http://resources.infosecinstitute.com/how-much-is-a-zero-day-exploit-for-an-scadaics-system/

[漏洞分析] Roundcube v1.2.2命令执行漏洞分析
https://lightrains.org/roundcube-remote-command-execution/

[Web安全] RIPS平台的漏洞分析核心技术详解
https://blog.ripstech.com/2016/introducing-the-rips-analysis-engine/

[移动安全] 12月Android安全补丁风险评估
http://appscan.360.cn/blog/?p=178

[Web安全] 暴力发现GET/POST参数脚本
https://github.com/mak-/parameth

[Web安全] ManageEngine ServiceDesk加密解密研究
http://mp.weixin.qq.com/s?__biz=MjM5MDkwNjA2Nw==&mid=2650373963&idx=1&sn=f8965118c06e4d59c0233b19abb6fbe7&chksm=beb07cf789c7f5e144b78546bb6b5580e83556d38868b13ff53cdcca752cd2d623c9872f7bbf&mpshare=1&scene=2&srcid=1208xUvfborZxtQGdZcRUPWp&from=timeline#rd

[运维安全] GitMiner: Tool for advanced mining for content on Github
https://github.com/UnkL4b/GitMiner

[工具] FireAway：下一代防火墙Bypass工具
http://www.mottoin.com/93473.html

[数据挖掘] 谈一谈朴素贝叶斯作为基分类器的Adaboost算法
http://dataunion.org/26453.html

[工具] 基于Ubuntu的BlackBox Linux 4.7版本发布
http://www.mottoin.com/93356.html

[Web安全] Linux下常见命令及部分安全软件使用命令列表
https://github.com/andrewjkerr/security-cheatsheets

[其它] Windows System Information 6.1.7601 – XML External Entity Vulnerability
http://zwx.fr/2016/12/windows-system-information-6-1-7601-xml-external-entity-vulnerability/

[Web安全] 通过反射型XSS绕过配合form-action绕过CSP
http://www.mottoin.com/93211.html

[设备安全] 0day可导致成千上百万的网络摄像头沦为僵尸网络
https://www.cybereason.com/zero-day-exploits-turn-hundreds-of-thousands-of-ip-cameras-into-iot-botnet-slaves/

[Web安全] 技术分享: WebMail Hacking
http://www.mottoin.com/wp-content/uploads/2016/11/Webmail-Hacking.ppt

[运维安全] hunter：调用 Windows API 枚举用户登录信息
http://www.mottoin.com/93286.html

[恶意分析] Webshells - Every Time the Same Story…(Part 3)
https://dfir.it/blog/2016/07/06/webshells-every-time-the-same-story-dot-dot-dot-part-3/

[Web安全] ssrfDetector: Server-side request forgery detector
https://github.com/JacobReynolds/ssrfDetector

[Web安全] 利用 XML Signature 攻击绕过 SAML 2.0 单点登录
http://www.mottoin.com/93405.html

-----微信ID：SecWiki-----
SecWiki，12年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第145期)

SecWiki周刊（第145期）

最新公告

友情链接

SecWiki公众号

安全学术圈