SecWiki周刊(第147期)
2016/12/19-2016/12/25
安全资讯
[Web安全]  Web安全工程师微专业
http://mooc.study.163.com/smartSpec/detail/1001227001.htm?utm_source=9305777&utm_medium=cps&utm_campaign=affiliate
[视频]  互联网安全志愿者联盟:配合执法部门打击网络灰黑产业链
http://tv.cctv.com/2016/12/24/VIDEvKOS1muC2zyhFgaBJY9m161224.shtml
[漏洞分析]  US State Police Have Spent Millions on Israeli Phone Cracking Tech
http://motherboard.vice.com/read/us-state-police-have-spent-millions-on-israeli-phone-cracking-tech-cellebrite
[事件]  俄罗斯黑客出售美国选举援助委员会网站权限与数据
http://www.mottoin.com/94240.html
[运维安全]  SANS:2016年安全分析调研报告
http://yepeng.blog.51cto.com/3101105/1885339
[事件]  2016年网络安全大事记
https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651069792&idx=1&sn=cd801051b04cf4b151779b6e5bc54787&chksm=bd14adb38a6324a5ce5eb5c8dcb14c6388b6e21de601272e9e7269d34263e2262326b6cc6695&mpshare=1
[新闻]  Shadow Brokers再次兜售NSA黑客工具包
http://bobao.360.cn/news/detail/3857.html
[新闻]  纽约金融监管机构推迟安全规则
http://www.cnbc.com/2016/12/21/ny-financial-regulator-to-delay-cybersecurity-rules.html
[新闻]  北向峰会讲点啥?
http://www.aqniu.com/news-views/12677.html
[新闻]  偷情网站 Ashley Madison 因数据泄露被罚160万美元
http://www.aqniu.com/news-views/21813.html
[新闻]  FBI逮捕DDoS僵尸网络的租赁者
http://www.solidot.org/story?sid=50788
[人物]  王琦:一个极致主义者的从零到一
https://mp.weixin.qq.com/s?__biz=MzIzMTAzNzUxMQ==&mid=2652876881&idx=1&sn=7f867c97ac4c0f358846cbfee5e7259a&chksm=f3415f79c436d66ff110e521f2a8076dd19069f418cf41abac07ebb8894716e5600006c75bcf&scene=0&key=564c3e9811aee0abc6a88e647fdeb8154f916928a55b8adfc5e02e3c302a7c73647ae55bd69130c0d4d8ff520b549e11ac
[法规]  全面透视|老王逐条解读网络安全法
https://www.sec-un.org/4933.html
[观点]  美国在抓捕俄罗斯黑客上面临重重困难
http://www.solidot.org/story?sid=50791
[新闻]  西电与360公司合作共建网络安全创新研究院
https://mp.weixin.qq.com/s?__biz=MzAwNDgwMTY5MQ==&mid=2657419072&idx=1&sn=cc6a86099eb599f18a7e97e3371879be&chksm=80b60ab4b7c183a25018aed376e018b68184ded3ae1f8f69bfefc9f65caec1347edbf687e331&mpshare=1&scene=2&srcid=1220joEa5ITjndEe1rwbNwzJ&from=timeline&key=564c3e9811aee0ab371db1b6d5d952f0d09a99457ec
[人物]  一个普通白帽子的安全从业之路
https://mp.weixin.qq.com/s?__biz=MzIzMTAzNzUxMQ==&mid=2652876955&idx=1&sn=09c104ff3aaa466503e44ba2ddc8b2ba&chksm=f3415fb3c436d6a5ca002dc4fa0423f4ed40427b6b9380e41d61a96e229242f4be62fbea5d9d&scene=0&key=564c3e9811aee0ab408698de52d220e9209833f8c59371683268876aa5ce4661716b39afad95e3d54e0e73c7b9624a7dac
[新闻]  迪拜警方开始使用犯罪预测软件
http://www.solidot.org/story?sid=50846
安全技术
[Web安全]  文件上传漏洞绕过方法
https://www.aptive.co.uk/blog/unrestricted-file-upload-testing/
[Web安全]  从“小白”到“白帽子黑客”的实用指南
http://mp.weixin.qq.com/s?__biz=MzIxNDI0MDAxNg==&mid=100000063&idx=1&sn=6ca03d6092bf79412b2baf5b1b174b08&chksm=17abdf4020dc5656476
[漏洞分析]  cobaltstrike3.6 破解版
http://evi1cg.me/archives/CobaltStrike_3_6_Cracked.html
[Web安全]  基于谷歌SSL透明证书的子域名查询脚本
https://github.com/We5ter/GSDF
[Web安全]  WeCenter 3.1.9 存储 XSS漏洞分析
http://linux.im/2016/12/22/WeCenter-319-Stored-XSS-Vuln.html
[Web安全]  巡风:企业内网的漏洞快速应急巡航扫描系统(附Docker版本)
http://www.mottoin.com/94253.html
[论文]  安全顶会 NDSS 2017 接收论文列表
http://www.internetsociety.org/events/ndss-symposium/ndss-symposium-2017/ndss-2017-programme
[移动安全]  iOS安全审计入门
http://www.freebuf.com/articles/terminal/123098.html
[运维安全]  Splunk大数据分析经验分享:从入门到夺门而逃
http://www.freebuf.com/articles/database/123006.html
[数据挖掘]  XGBoost, LightGBM性能大对比
https://mp.weixin.qq.com/s?__biz=MzIzMDA1MTM3Mg==&mid=2653077671&idx=2&sn=52242203da8cbcc007558d19bc79b1a6&chksm=f36f3be4c418b2f2b907a932703dab122327dd5519181429d10f9bf681cce6c1d921921ffc08&mpshare=1&scene=2&srcid=1221aPaK1shSu2ZBvdg6mfJ8&from=timeline&key=564c3e9811aee0ab0d4dc0f8db7071f8cba623eb13d
[Web安全]  DSVW: Damn Small Vulnerable Web(小型靶场一枚)
https://github.com/stamparm/DSVW
[取证分析]  poseidon: 360公司日志搜索平台「开源」
https://github.com/Qihoo360/poseidon
[Web安全]  Tengine WAF 实践
http://www.mottoin.com/94365.html
[运维安全]  openresty最佳实践笔记
http://snoopyxdy.blog.163.com/blog/static/601174402016111434342439
[漏洞分析]  FuzzySec:Windows Kernel Exploitation: Integer Overflow
http://www.fuzzysecurity.com/tutorials/expDev/18.html
[运维安全]  Harbor: 基于Docker Distribution的企业级Registry服务
http://vmware.github.io/harbor/index_cn.html
[编程技术]  Docker — 从入门到实践
https://github.com/yeasy/docker_practice
[运维安全]  xunfeng: 巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统
https://github.com/ysrc/xunfeng
[数据挖掘]  awesome-ml-for-cybersecurity: Machine Learning for Cyber Security
https://github.com/jivoi/awesome-ml-for-cybersecurity#awesome-machine-learning-for-cyber-security-
[工具]  CloudFlare_enum:使用CloudFlare进行子域名枚举的脚本
http://www.mottoin.com/94481.html
[设备安全]  HG533路由器分析教程之找到硬件调试接口
http://drops.wiki/index.php/2016/12/22/hg533/
[Web安全]  Dnsteal:一个利用DNS请求传输文件的工具
http://www.mottoin.com/94437.html
[Web安全]  MongoDB安全 – PHP注入攻击
http://www.mottoin.com/94341.html
[运维安全]  使用Hashcat破解外国字符构成的密码的终极指南
http://drops.wiki/index.php/2016/12/21/hashcat/
[编程技术]  MySQL大表优化方案
https://segmentfault.com/a/1190000006158186
[Web安全]  BurpSuite插件分享:基于Python的Web应用Fuzzing插件PyJFuzz
http://www.mottoin.com/94302.html
[运维安全]  FCN: 一款傻瓜式的一键接入私有网络的工具
https://github.com/boywhp/fcn
[Web安全]  F_A_S_T扫描器: 定向全自动化渗透测试
https://github.com/RASSec/pentestEr_Fully-automatic-scanner
[Web安全]  Writing Burp Extensions (Shodan Scanner)
http://resources.infosecinstitute.com/writing-burp-extensions-shodan-scanner/
[工具]  Whitewidow:自动化SQL漏洞扫描器
http://www.mottoin.com/94222.html
[Web安全]  RASscan: 内网端口极速扫描器
https://github.com/RASSec/RASscan
[Web安全]  Docker for win10下使用ubuntu安装DVWA-1.9
http://www.mottoin.com/94363.html
[其它]  美国国家学术出版社所有PDF图书开放免费下载
https://mp.weixin.qq.com/s?__biz=MjM5NTA2NDY5Mg==&mid=202072231&idx=3&sn=7347ed72a209f0395e82d49d5fef30d1&mpshare=1&scene=1&srcid=1222U2OLJ7LrcZoRl14R4ZBg&key=564c3e9811aee0ab98bf5d003b3d7a069520af0c239b90f87f34d074c9c7807a9d04e8c5c425a961134387b36e5e6f438ac541adcd5c15af7555e7aea969dd905bae153d2b0d7
[运维安全]  安全系统建设心路
https://mp.weixin.qq.com/s?__biz=MzI5ODE0ODA5MQ==&mid=2652277732&idx=1&sn=abe118d87f769d8fdec9698fab911b3f&chksm=f7486270c03feb6691ff8830754e7db3765b7680723ceb7ae5f4c21a854878514c384ead0595
[Web安全]  浅谈Web安全验证码
http://blog.nsfocus.net/discussion-web-security-authentication-code/
[移动安全]  基于文件特征的Android模拟器检测(附实现代码下载)
https://mp.weixin.qq.com/s?__biz=MzI4MzI4MDg1NA==&mid=2247483773&idx=1&sn=d654e17c9c3b5e689f9ac04a45a8f993&chksm=eb8c55c4dcfbdcd2a1bf2d0ef9446684291ee82930b8a0d8e7b55cd9a7178039e0b2559502d4&mpshare=1&scene=1&srcid=12195FpjYzbz2LJMuBkTtvbY
[运维安全]  ThreatHunting Project:Hunting for adversaries in your IT environment
http://www.threathunting.net/
[Web安全]  不一样的HTTP Headers (一)
http://www.mottoin.com/93711.html
[工具]  一些有用的取证工具
https://www.peerlyst.com/posts/some-useful-forensics-tools-for-your-forensics-investigation-adminadmin
[Web安全]  Mimikatz Delivery via ClickOnce with URL Parameters
http://subt0x10.blogspot.com/2016/12/mimikatz-delivery-via-clickonce-with.html
[Web安全]  秒爆十万字典:奇葩技巧快速枚举“一句话后门”密码
http://www.freebuf.com/sectool/122169.html
[编程技术]  FCN P2P通信原理
http://weibo.com/ttarticle/p/show?id=2309404054853990141449
[数据挖掘]  自动化、安全分析和人工智能,从Gartner预测看网络安全新规则
http://www.freebuf.com/articles/neopoints/123545.html
[漏洞分析]  awesome-windows-exploitation: Windows Exploitation resources
https://github.com/enddo/awesome-windows-exploitation
[设备安全]  IOActive研究员声称可入侵松下机载娱乐系统
http://www.freebuf.com/vuls/123712.html
[Web安全]  A collection of JavaScript engine CVEs with PoCs
https://github.com/tunz/js-vuln-db
[杂志]  SecWiki周刊(第146期)
https://www.sec-wiki.com/weekly/146
[编程技术]  词法分析器的实现
http://www.cnblogs.com/yanlingyin/archive/2012/04/17/2451717.html
[恶意分析]  Paper: Spreading techniques used by malware
https://www.virusbulletin.com/blog/2016/december/paper-spreading-techniques-used-malware/
[移动安全]  Android Telephony拒绝服务漏洞(CVE-2016-6763)分析
http://drops.wiki/index.php/2016/12/20/android-telephony/
[恶意分析]  A Lightweight, Compact, No-Nonsense ATM Malware
http://blog.trendmicro.com/trendlabs-security-intelligence/alice-lightweight-compact-no-nonsense-atm-malware/
[Web安全]  Bottle HTTP 头注入漏洞探究
https://www.leavesongs.com/PENETRATION/bottle-crlf-cve-2016-9964.html
[数据挖掘]  Python股市数据分析教程
https://yq.aliyun.com/articles/66878
[编程技术]  开启TCP BBR拥塞控制算法
https://github.com/iMeiji/shadowsocks_install/wiki/%E5%BC%80%E5%90%AFTCP-BBR%E6%8B%A5%E5%A1%9E%E6%8E%A7%E5%88%B6%E7%AE%97%E6%B3%95
[运维安全]  Engineering Security Through Uber's Custom Email IDS
http://eng.uber.com/custom-email-ids/
[运维安全]  Docker网络隔离初步设想
http://vipdocker.com/2016/09/14/docker-network-isolation/
[恶意分析]  2016年Exploit Kits漏洞TOP 10分析
https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651062549&idx=1&sn=26c4b0a90108a754867e1af4194d7f8f&chksm=bd1f939e8a681a88f863f2b6325a429e83d811d0b724ed69421522be5b13fc854484e0eff2e9&scene=0
[文档]  The Kings In Your Castle Part 5: APT correlation and do-it-yourself threat resea
https://cyber.wtf/2016/12/15/the-kings-in-your-castle-part-5-apt-correlation-and-do-it-yourself-threat-research/
[Web安全]  Oracle酒店管理平台的远程命令执行和持卡人数据泄漏漏洞分析(CVE-2016-5663/4/5)
http://www.mottoin.com/94271.html
[设备安全]  Threat model for firmware security
http://media.weibo.cn/article?id=2309404056293743685964&jumpfrom=weibocom&luicode=10000370&from=timeline
[文档]  Law Enforcement Use of Cell-Site Simulation Technologies: Privacy Concerns and R
https://info.publicintelligence.net/US-CellSiteSimulatorsPrivacy.pdf
[运维安全]  Learning From A Year of Security Breaches
https://medium.com/starting-up-security/learning-from-a-year-of-security-breaches-ed036ea05d9b#.xobwljx47
[运维安全]  小威“扫毒”记
https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651060913&idx=1&sn=dcaca141a8ab0e38a2c160c3916dea74&chksm=80e1e001b7966917e735fe0f2c0144214853d05bb5d32d9e15dd7eed436db440f6ce3bbe9784&mpshare=1&scene=1&srcid=1220ViejfQoILn27MNxFpWHw&key=564c3e9811aee0aba2cf7b6489a62b7a73c7d3b99a68e8c29b70d9738
[漏洞分析]  样本逆向中系统调用的识别方法
http://rootkiter.com/2016/12/18/%E6%A0%B7%E6%9C%AC%E9%80%86%E5%90%91%E4%B8%AD%E7%B3%BB%E7%BB%9F%E8%B0%83%E7%94%A8%E7%9A%84%E8%AF%86%E5%88%AB%E6%96%B9%E6%B3%95.html
[运维安全]  用树莓派搭建小型honeynet
http://www.mottoin.com/94306.html
[Web安全]  谈谈HSTS超级Cookie
http://blog.csdn.net/u011721501/article/details/53849064
[数据挖掘]  利用Python实现knn算法
http://computational-communication.com/python-knn/
[编程技术]  A Good User Interface 好的用户界面设计该如何做
http://goodui.org/
[数据挖掘]  如何通过TensorFlow实现深度学习算法并运用到企业实践中
http://dataunion.org/26671.html
[工具]  dns recon & research, find & lookup dns records
https://dnsdumpster.com/
[Web安全]  Disclosing the Primary Email address for each Facebook user
http://www.dawgyg.com/2016/12/21/disclosing-the-primary-email-address-for-each-facebook-user/
[Web安全]  Learning From A Year of Security Breaches – Starting Up Security
https://medium.com/starting-up-security/learning-from-a-year-of-security-breaches-ed036ea05d9b#.23b72hmck
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第147期)