SecWiki周刊(第152期)
2017/01/23-2017/01/29
安全资讯
企业威胁情报采集中心ETIAC与应急响应平台SRCMS v2发布
https://lightrains.org/happy-new-year-2017/
https://lightrains.org/happy-new-year-2017/
malwaremustdie 博客镜像站点
https://mmd.sougaoqing.com
https://mmd.sougaoqing.com
千亿中国互联网投资基金成立
https://www.huxiu.com/article/179401.html
https://www.huxiu.com/article/179401.html
安全技术
【新年贺礼】知名渗透测试套件BurpSuite Pro v1.7.12破解版
http://www.mottoin.com/95188.html
http://www.mottoin.com/95188.html
获取IP相对应域名脚本
https://github.com/jevalenciap/iptodomain
https://github.com/jevalenciap/iptodomain
解读Gartner 2016年十大信息安全技术
http://www.freebuf.com/articles/security-management/107149.html
http://www.freebuf.com/articles/security-management/107149.html
FIDO(快速在线身份认证)文档库
https://fidoalliance.org/specs/
https://fidoalliance.org/specs/
DNS Rebinding技术绕过SSRF/代理IP限制
http://blog.csdn.net/u011721501/article/details/54667714
http://blog.csdn.net/u011721501/article/details/54667714
csrss白名单技术
http://git.oschina.net/killvxk/subvert
http://git.oschina.net/killvxk/subvert
使用Sysmon和Splunk探测网络环境中横向渗透
http://www.cnblogs.com/xiaoxiaoleo/p/6343403.html
http://www.cnblogs.com/xiaoxiaoleo/p/6343403.html
【公益译文】STIX Profile概览白皮书
http://blog.nsfocus.net/stix-profile-overview-white-paper/
http://blog.nsfocus.net/stix-profile-overview-white-paper/
使用Django + Vue.js快速而优雅地构建前后端分离项目
https://mp.weixin.qq.com/s?__biz=MzIwNjQwMzUwMQ==&mid=2247484894&idx=1&sn=a4c84a650feb0ca30e915e555c8f80db&chksm=9723671ca054ee0ac0c976fe7521e248845558d952bbb8bea011f7bd12bc83921f44d009f6d9
https://mp.weixin.qq.com/s?__biz=MzIwNjQwMzUwMQ==&mid=2247484894&idx=1&sn=a4c84a650feb0ca30e915e555c8f80db&chksm=9723671ca054ee0ac0c976fe7521e248845558d952bbb8bea011f7bd12bc83921f44d009f6d9
CNNIC 发布第 39 期中国互联网络发展状况统计报告
http://www.cnnic.cn/gywm/xwzx/rdxw/20172017/201701/W020170122510934037090.pdf
http://www.cnnic.cn/gywm/xwzx/rdxw/20172017/201701/W020170122510934037090.pdf
FingerPrint: Web应用指纹识别 (关注新指纹规则)
https://github.com/tanjiti/FingerPrint
https://github.com/tanjiti/FingerPrint
常见Web源码泄露总结
http://www.mottoin.com/95749.html
http://www.mottoin.com/95749.html
2016年度Web漏洞统计之Exploit-db
http://www.freebuf.com/vuls/125382.html
http://www.freebuf.com/vuls/125382.html
安全客2016年刊—汇聚全年安全圈优秀技术文章
http://bobao.360.cn/news/detail/3948.html
http://bobao.360.cn/news/detail/3948.html
指尖上的威胁情报——ThreatPinch
https://mp.weixin.qq.com/s?__biz=MzA3MTUwMzI5Nw==&mid=2654431102&idx=1&sn=09b7c56de3de3dbb856d82d257fd4a56&chksm=84ef5bd0b398d2c6e8437d70cd226b3870174d12bfebbeb6c7efd4451a415df8bbc1057c3910
https://mp.weixin.qq.com/s?__biz=MzA3MTUwMzI5Nw==&mid=2654431102&idx=1&sn=09b7c56de3de3dbb856d82d257fd4a56&chksm=84ef5bd0b398d2c6e8437d70cd226b3870174d12bfebbeb6c7efd4451a415df8bbc1057c3910
Meraki RCE: When Red Team and Vulnerability Research fell in love. Part 2
https://research.trust.salesforce.com/Meraki-RCE-When-Red-Team-and-Vulnerability-Research-fell-in-love.-Part-2/
https://research.trust.salesforce.com/Meraki-RCE-When-Red-Team-and-Vulnerability-Research-fell-in-love.-Part-2/
Python framework for IT security tools
https://github.com/ThomasTJdev/WMD
https://github.com/ThomasTJdev/WMD
Android Malware About to Get Worse: GM Bot Source Code Leaked
https://securityintelligence.com/android-malware-about-to-get-worse-gm-bot-source-code-leaked/
https://securityintelligence.com/android-malware-about-to-get-worse-gm-bot-source-code-leaked/
How to Perform DDoS Test as a Pentester
https://pentest.blog/how-to-perform-ddos-test-as-a-pentester/
https://pentest.blog/how-to-perform-ddos-test-as-a-pentester/
WAF产品经理眼中比较理想的WAF
http://www.freebuf.com/articles/neopoints/125807.html
http://www.freebuf.com/articles/neopoints/125807.html
E-Mail Tracker Blocker 禁止邮件跟踪(隐私保护)
https://github.com/JannikArndt/EMailTrackerBlocker
https://github.com/JannikArndt/EMailTrackerBlocker
wordpress-exploit-framework: A framework for penetration testing of WordPress
https://github.com/rastating/wordpress-exploit-framework/
https://github.com/rastating/wordpress-exploit-framework/
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第152期)
