SecWiki Weekly (Issue 159)
2017/03/13-2017/03/19
Security News
Where Have All The Exploit Kits Gone?
https://threatpost.com/where-have-all-the-exploit-kits-gone/124241/
OnionScan report: number of dark web sites down 20% (following the Freedom Hosting II hack)
http://bobao.360.cn/news/detail/4057.html
New MajikPOS Malware targets users in across North America and Canada
http://securityaffairs.co/wordpress/57176/malware/majikpos-malware.html
Security Technology
The Art of AV Evasion 1: The Most Complete Roundup of Antivirus Evasion Methods
http://www.4hou.com/technology/3853.html
A New Web Attack Technique: A First Look at RPO Attacks
http://mp.weixin.qq.com/s/P-ncFmNZfBteJBQr8INzsw
How to bypass the patch to keep spoofing the address bar with the Malware Warnin
https://www.brokenbrowser.com/bypass-the-patch-to-keep-spoofing-the-address-bar-with-the-malware-warning/
PetrWrap: the new Petya-based ransomware used in targeted attacks
https://securelist.com/blog/research/77762/petrwrap-the-new-petya-based-ransomware-used-in-targeted-attacks/
Information leaks: the "insiders" that CCTV did not report
http://www.4hou.com/info/news/3808.html
Basic penetration testing tips, as seen through the ISA game
http://www.jianshu.com/p/a060ddcf798b
Powerfuzzer – Automated Customizable Web Fuzzer
http://www.darknet.org.uk/2017/03/powerfuzzer-automated-customizable-web-fuzzer/
Windows x86 - Hide Console Window Shellcode
https://www.exploit-db.com/exploits/41581/
PowerShell Obfuscator
https://github.com/danielbohannon/Invoke-Obfuscation
Getting Started with HackRF -- GPS Spoofing and GSM Sniffing
http://s1nh.org/post/hackrf-quick-start/
Case analysis of a criminal operation mining cryptocurrency via server vulnerabilities
http://www.freebuf.com/articles/system/129459.html
hackmd: a platform for real-time collaborative team writing (Markdown)
https://github.com/hackmdio/hackmd
1000php: 1000 PHP code audit cases (vulnerabilities publicly disclosed on WooYun before July 2016)
https://github.com/Xyntax/1000php
CanSecWest 2017 PPT
https://www.slideshare.net/CanSecWest
WebLogic SSRF + Redis: Intranet Intrusion
http://ecma.io/?p=607
A comprehensive evaluation of cyberspace search engines
http://www.freebuf.com/sectool/129211.html
Using reGeorg + Proxifier
https://xianzhi.aliyun.com/forum/read/843.html
yuange1975: Notes on DVE
http://weibo.com/ttarticle/p/show?id=2309404085114761024814
angr-doc-zh_CN: Chinese translation of angr-doc (open-source symbolic execution framework)
https://github.com/a7vinx/angr-doc-zh_CN
T00ls.Net Salon No. 1 (first half of 2017): slide deck collection
https://github.com/t00lsnet/Salon1
s2-045 true one-click getshell Chopper webshell: bypassing any restriction
http://pirogue.org/2017/03/09/s2-045%E7%9C%9F%E6%AD%A3%E4%B8%80%E9%94%AEgetshell%E8%8F%9C%E5%88%80%E9%A9%AC-%E7%AA%81%E7%A0%B4%E4%BB%BB%E4%BD%95%E9%99%90%E5%88%B6/
CTF resource library (including tools and related links)
https://www.ctftools.com/down/
Dvxte: a Docker container bundling multiple vulnerable practice applications
http://www.mottoin.com/98368.html
Docker Remote API unauthorized access vulnerability
https://lightless.me/archives/docker-remote-api-vulnerability.html
An exploit for Apache Struts CVE-2017-5638
https://github.com/mazen160/struts-pwn
Design and implementation of a simple distributed web scanner
http://avfisher.win/archives/676
Front-end getshell in the latest version of opensns
https://xianzhi.aliyun.com/forum/read/814.html
osquery for Security — Part 2 [proxy (SS) required]
https://medium.com/@clong/osquery-for-security-part-2-2e03de4d3721#.ubq0ezhxe
MS16-032: privilege escalation tool for MS16-032 (CVE-2016-0099)
https://github.com/zcgonvh/MS16-032
Ransomware Overview: the most complete ransomware statistics and analysis
http://www.nyxbone.com/malware/RansomwareOverview.html
Fuzzing Stagefright with AFL on Linux
http://ele7enxxh.com/Use-AFL-For-Stagefright-Fuzzing-On-Linux.html
Penetration_Testing_Guidance
https://www.pcisecuritystandards.org/documents/Penetration_Testing_Guidance_March_2015.pdf
BruteXSS is a tool written in python simply to find XSS vulnerabilities in web a
https://github.com/rajeshmajumdar/BruteXSS
Technical details on some of the CIA's exploitation tools
https://mp.weixin.qq.com/s?__biz=MzI4MjA1MzkyNA==&mid=2655295037&idx=1&sn=a237e5d69d3d642c699f76ea5d31c3e7&scene=0#wechat_redirect
Building enterprise security: host-level asset management and analysis
http://www.freebuf.com/articles/security-management/127851.html
GitHub Enterprise Remote Code Execution: detailed vulnerability analysis
http://exablue.de/blog/2017-03-15-github-enterprise-remote-code-execution.html
How I found a $5,000 Google Maps XSS (by fiddling with Protobuf)
https://medium.com/@marin_m/how-i-found-a-5-000-google-maps-xss-by-fiddling-with-protobuf-963ee0d9caff#.use7nnfwq
Roundcube stored XSS in the email body (CVE-2017-6820)
http://paper.seebug.org/249/
Struts2 S2-045 vulnerability situation analysis report
http://plcscan.org/blog/2017/03/struts2-s2-045-risk-awareness-report-from-beaconlab/
Using PowerShell and ceye.io to send Windows account passwords back
http://www.freebuf.com/articles/system/129068.html
NJCTF2017-WriteUp-Nu1L
https://www.xctf.org.cn/information/a8ba35ec960b26f17c467a28e89a4a3fae7e48ec/
TaoSecurity: The Origin of Threat Hunting
https://taosecurity.blogspot.com/2017/03/the-origin-of-threat-hunting.html
WAF Bypasses for apache struts Exploit
http://garage4hackers.com/showthread.php?t=7006&p=14924#post14924
Security implications of ICS/SCADA virtualization: survey and future trends
https://mp.weixin.qq.com/s?__biz=MzA5OTMwMzY1NQ==&mid=2647833924&idx=1&sn=87b320f25fc4473143805966588e0cee&scene=0#wechat_redirect
Notes on using the Pyspider web crawler in practice
https://www.figotan.org/2016/08/10/pyspider-as-a-web-crawler-system/
The road to your codebase is paved with forged assertions
http://www.economyofmechanism.com/github-saml
Automatic remote/local file inclusion vulnerablity analysis and exploit tool
https://github.com/Hack-Hut/CrabStick
ROP techniques in binary exploitation: study and case analysis
https://xianzhi.aliyun.com/forum/read/840.html
Using the Struts 02-045 vulnerability to quickly penetrate a server in South Korea
http://simeon.blog.51cto.com/18680/1905542
Pitfalls encountered when executing commands via MySQL UDF
http://ecma.io/?p=615
SecWiki Weekly (Issue 158)
https://www.sec-wiki.com/weekly/158
Remote Code Execution (RCE) Attacks on Apache Struts
https://www.imperva.com/blog/2017/01/remote-code-execution-rce-attacks-apache-struts/
The Best Hacking Tools
https://n0where.net/best-hacking-tools/
Non-interactive privilege escalation on Linux
http://ecma.io/?p=611
People Counting and occupancy Monitoring using WiFi Probe Requests and Unmanned
http://digitalcommons.fiu.edu/cgi/viewcontent.cgi?article=3649&context=etd
Recovering BitLocker Keys on Windows 8.1 and 10
https://tribalchicken.io/recovering-bitlocker-keys-on-windows-8-1-and-10/
Blind-XXE: A basis for a Blind-Based XXE Exploitation Framework
https://github.com/ptonewreckin/Blind-XXE
osquery for Security — Part 1 [proxy (SS) required]
https://medium.com/@clong/osquery-for-security-b66fffdf2daf#.p0dpz5zag
Targeting Android for OTA Exploitation
https://www.contextis.com//resources/blog/targeting-android-ota-exploitation/
Several scenarios in which Hadoop clusters are easily attacked
http://www.4hou.com/technology/3787.html
A study of format string exploitation on Linux
http://0x48.pw/2017/03/13/0x2c/
Reverse engineering analysis of the Samsung S6 bootloader
http://www.4hou.com/technology/3786.html
The Linux Kernel Module Programming Guide
http://www.tldp.org/LDP/lkmpg/2.6/html/index.html
0-day or Feature? Privilege Escalation / Session Hijacking All Windows versions
http://www.korznikov.com/2017/03/0-day-or-feature-privilege-escalation.html
Stored XSS in WordPress Core
https://blog.sucuri.net/2017/03/stored-xss-in-wordpress-core.html
An Introduction to Penetration Testing Node.js Applications
http://resources.infosecinstitute.com/penetration-testing-node-js-applications-part-1/
A brief look at Android hooking techniques
https://xianzhi.aliyun.com/forum/read/833.html
Notes on how to bypass a WAF (web application firewall)
https://xianzhi.aliyun.com/forum/read/819.html
Using the ELK Stack and Python in Penetration Testing Workflow
https://qbox.io/blog/elk-penetration-testing-workflow-elasticsearch-python
Securing the Internet of Things - Developer's Guidance
https://www.peerlyst.com/posts/securing-the-internet-of-things-developer-s-guidance-michael-ball
SecWiki: https://www.sec-wiki.com
