SecWiki周刊(第158期)
2017/03/06-2017/03/12
安全资讯
[漏洞分析]  【漏洞预警】Struts 2 被爆远程命令执行漏洞 S2-045
http://www.mottoin.com/97954.html
[设备安全]  深圳公司生产的物联网设备被发现后门
http://www.solidot.org/story?sid=51580
[会议]  RootedCON 史上第一位中国演讲者的西班牙安全之旅
http://bobao.360.cn/news/detail/4036.html
[爆库]  Hacker Selling Over 1 Million Decrypted Gmail and Yahoo Passwords On Dark Web
http://thehackernews.com/2017/03/gmail-yahoo-password-hack.html
[新闻]  垃圾邮件运营商泄漏了 13.7 亿电子邮件地址
http://www.solidot.org/story?sid=51597
[观点]  2017RSA大会参展心得分享会#之安博通CEO苏长君深度文稿分享
https://mp.weixin.qq.com/s?__biz=MzI0NjU3ODk1Nw==&mid=2247484894&idx=1&sn=841ef6bdfe405da88ff16d27acf1e3fe&scene=0#wechat_redirect
[新闻]  每周安全资讯(2017.02.27—2017.03.05)
http://www.mottoin.com/97801.html
安全技术
[Web安全]  Struts2 S2-045 漏洞检测利用工具 Exp GUI 版
https://github.com/Flyteas/Struts2-045-Exp
[Web安全]  DOM 型 XSS 解析
http://mp.weixin.qq.com/s/ia2itmIPdBwbVi57GAAeuw
[编程技术]  【王者荣耀】C#与C++互相调用实现原理分析报告
http://gslab.qq.com/article-257-1.html
[漏洞分析]  【漏洞预警】CVE-2017-2636:linux 内核n_hdlc驱动模块 本地提权漏洞
http://bobao.360.cn/learning/detail/3586.html
[运维安全]  金融行业企业安全运营之路2016.10.28
https://pan.baidu.com/s/1ch4ugI
[工具]  WEB端一句话管理系统
https://github.com/boy-hack/WebshellManager
[恶意分析]  双尾蝎组织(APT-C-23)分析报告
https://ti.360.com/upload/report/file/APTSWXLVJ8fnjoxck.pdf
[工具]  社会工程学密码分析
https://blog.yesfree.pw/?post=152
[漏洞分析]  DOTA2 NtHack外挂分析报告
http://gslab.qq.com/article-255-1.html
[Web安全]  bcrpscan: 智能备份文件扫描工具
https://github.com/secfree/bcrpscan
[Web安全]  域渗透基础简单信息收集(基础篇)
https://xianzhi.aliyun.com/forum/read/805.html
[Web安全]  60字节 - 无文件渗透测试实验
https://www.n0tr00t.com/2017/03/09/penetration-test-without-file.html
[运维安全]  Building a Sysmon Dashboard with an ELK Stack
https://cyberwardog.blogspot.com/2017/03/building-sysmon-dashboard-with-elk-stack.html
[编程技术]  外卖订单爬虫:美团,饿了么,百度
https://github.com/mudiyouyou/waimai-crawler
[Web安全]  phptrace:跟踪PHP在运行时的函数调用、请求信息、执行流程
https://github.com/Qihoo360/phptrace
[视频]  movies-for-hackers: 黑客电影汇集
https://github.com/k4m4/movies-for-hackers
[运维安全]  五步七招,开启最强DDoS攻防战!
http://mt.sohu.com/20170215/n480734620.shtml
[移动安全]  Reverse Engineering Samsung S6 SBOOT
http://blog.quarkslab.com/reverse-engineering-samsung-s6-sboot-part-i.html
[Web安全]  ​如何快速利用s02-45漏洞获取服务器权限
http://simeon.blog.51cto.com/18680/1904351
[运维安全]  kali下安装Openvas
http://0cx.cc/Install_openvas_on_kali.jspx
[漏洞分析]  镇守最后一道防线:三种逃逸沙盒技术分析
http://www.4hou.com/technology/3665.html
[恶意分析]  webshell样本集合 (2011-2017)
https://www.secsilo.com/silo/view?id=8e6c876e8fa2d0c5379b0df5afed362b
[运维安全]  初创公司如何实现 Ansible 多机房自动部署发布
http://www.4hou.com/special/3701.html
[取证分析]  中情局数千份机密文档泄露:各种0day工具、恶意程序应有尽有
http://www.freebuf.com/news/128802.html
[Web安全]  Drupal 7.X服务模块从反序列化到远程命令执行
http://www.mottoin.com/98140.html
[漏洞分析]  Wordpress Username Enumeration 漏洞分析(CVE-2017-5487)
http://paper.seebug.org/239/
[设备安全]  物联网设备Telnet口令快速扫描工具
http://www.freebuf.com/sectool/128661.html
[Web安全]  intrigue-core: 基于扫描和接口的域名信息收集平台
https://github.com/intrigueio/intrigue-core
[恶意分析]  Exploit kits: Winter 2017 review 恶意利用包概述
https://blog.malwarebytes.com/threat-analysis/2017/03/exploit-kits-winter-2017-review/
[Web安全]  hacking-guatemalas-dns-spying-on-active-directory-users-by-exploiting-a-tld-misc
https://thehackerblog.com/hacking-guatemalas-dns-spying-on-active-directory-users-by-exploiting-a-tld-misconfiguration/
[Web安全]  说说OSP在OpenVAS扫描体系内的担当
http://www.mottoin.com/98347.html
[Web安全]  基于CMS插件的扫描器
https://github.com/droope/droopescan
[Web安全]  NativePayload_DNS:通过DNS传输的后门Payload和绕过反病毒的项目
http://www.mottoin.com/98026.html
[Web安全]  S2-045 原理初步分析(CVE-2017-5638)
http://paper.seebug.org/241/
[运维安全]  【独家】我的企业安全推动方法
https://xianzhi.aliyun.com/forum/read/793.html
[运维安全]  Ponemon Institute的《威胁情报的价值:北美和英国公司的研究报告》
http://mp.weixin.qq.com/s?__biz=MzI4NzU2NjU4NQ==&mid=2247484109&idx=1&sn=56b5d16517082096e982d7d823b87c8e&scene=0#wechat_redirect
[无线安全]  修改路由器的DNS后我做了什么?
http://t.tips/?action=show&id=23440
[其它]  互联网公司WAF系统设计
http://www.freebuf.com/articles/network/128370.html
[恶意分析]  隐匿的攻击之-Tor Fronting
http://www.4hou.com/technology/3516.html
[文档]  一张图看懂CIA:攻击能力强是有原因的
http://www.4hou.com/info/3757.html
[取证分析]  CIA malware and hacking tools
https://news.ycombinator.com/item?id=13810015&from=timeline
[Web安全]  Content-Type: Malicious - New Apache Struts2 0-day Under Attack
http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html?m=1
[其它]  一条命令引发的思考
https://xianzhi.aliyun.com/forum/mobile/read/790.html
[取证分析]  看我如何发现Facebook注册用户手机号码
http://www.freebuf.com/vuls/128456.html
[其它]  程序员路上用到的各种优秀资料、神器及框架
https://github.com/stanzhai/be-a-professional-programmer
[取证分析]  隐私泄露:查开房网站的背后
http://www.freebuf.com/news/128317.html
[取证分析]  Spammers expose their entire operation through bad backups
http://www.csoonline.com/article/3176433/security/spammers-expose-their-entire-operation-through-bad-backups.html
[设备安全]  近20万WiFi监控摄像头存在远程代码执行漏洞,可随意组建僵尸网络
http://www.4hou.com/info/news/3778.html
[运维安全]  如何打造一个能有效抵御“羊毛党”攻击的系统?
http://www.4hou.com/info/news/3714.html
[杂志]  SecWiki周刊(第157期)
https://www.sec-wiki.com/weekly/157
[恶意分析]  美情报系统身陷破窗效应:维基解密再曝CIA惊天内幕【附下载】
http://mp.weixin.qq.com/s?__biz=MzI4MjA1MzkyNA==&mid=2655295027&idx=1&sn=82d6f63084d9409c588a27b447d62012&scene=0#wechat_redirect
[恶意分析]  Top Exploit Kit Activity Roundup - Winter 2017 活跃漏洞利用包
https://www.zscaler.com/blogs/research/top-exploit-kit-activity-roundup-winter-2017
[移动安全]  APP安全在线检测系统汇总
http://www.jianshu.com/p/946bdea18f49
[取证分析]  Spammergate: The Fall of an Empire 14亿?
https://mackeeper.com/blog/post/339-spammergate-the-fall-of-an-empire
[恶意分析]  Crypt0l0cker (TorrentLocker): Old Dog, New Tricks
http://blog.talosintelligence.com/2017/03/crypt0l0cker-torrentlocker-old-dog-new.html
[Web安全]  How I found a $5,000 Google Maps XSS (by fiddling with Protobuf) [fq]
https://medium.com/@marin_m/how-i-found-a-5-000-google-maps-xss-by-fiddling-with-protobuf-963ee0d9caff#.qd4siqiac
[移动安全]  阿里聚安全 2016 年报
https://zhuanlan.zhihu.com/p/25666246?group_id=823212209231519744
[移动安全]  2016年安天移动安全年报:威胁的全面迁徙
http://blog.avlsec.com/2017/03/4474/2016-security-report/
[恶意分析]  Kerberoast攻击的另一种姿势
http://www.4hou.com/technology/3640.html
[运维安全]  保护内网安全之提高Windows AD安全性(三)
http://www.4hou.com/technology/3456.html
[Web安全]  7 ways to Exploit RFI Vulnerability
http://www.hackingarticles.in/7-ways-exploit-rfi-vulnerability/
[恶意分析]  .NET逆向工程 (一)
http://www.4hou.com/technology/3641.html
[Web安全]  intrigue-core:发现新的攻击面
http://www.mottoin.com/98263.html
[恶意分析]  针对Neutrino僵尸程序新增加的保护层进行分析
http://www.4hou.com/technology/3740.html
[取证分析]  The WikiLeaks CIA Dump Shows Hacking Secrets of Spies
https://www.wired.com/2017/03/cia-can-hack-phone-pc-tv-says-wikileaks/
[Web安全]  EXIF分析与利用(上)
http://www.mottoin.com/97860.html
[Web安全]  无线IP摄像机WIFICAM的OEM版本漏洞影响1250多个型号
http://www.mottoin.com/98152.html
[Web安全]  Development of an anomaly based web application firewall
https://github.com/matthiasmaes/AnomalyWebApplicationFirewall
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第158期)