SecWiki周刊(第164期)
2017/04/17-2017/04/23
安全资讯
[Web安全]  任意伪造域名-你能分辨出钓鱼网站的域名吗
http://m.bobao.360.cn/learning/appdetail/3736.html
[恶意分析]  App Store 刷榜黑幕大揭秘
https://mp.weixin.qq.com/s/vQv_a4eCP_-NHJPlevhKaw
安全技术
[漏洞分析]  学习使用Clang Libfuzzer Fuzz C/Cpp代码
https://github.com/Dor1s/libfuzzer-workshop/tree/master/lessons
[Web安全]  Apache Log4j反序列化漏洞(CVE-2017-5645)
http://thief.one/2017/04/19/2/
[Web安全]  Esteemaudit漏洞复现过程
http://www.freebuf.com/articles/system/132171.html
[Web安全]  CVE-2017-0199漏洞复现过程
http://mp.weixin.qq.com/s/NQxeuoULv7Htrzc5nYuglw
[漏洞分析]  NSA Explodingcan 漏洞分析与调试
http://mp.weixin.qq.com/s/onK68ANqHHtEMLITOfacmg
[工具]  NSA/fuzzbunch
https://github.com/fuzzbunch/fuzzbunch
[漏洞分析]  Edge – SOP bypass courtesy of the reading mode
https://www.brokenbrowser.com/sop-bypass-abusing-read-protocol/
[漏洞分析]  NSA Eternalblue SMB 漏洞分析
http://blogs.360.cn/360safe/2017/04/17/nsa-eternalblue-smb/
[其它]  木马实现技术概述
http://im1gd.me/2017/03/30/%E6%9C%A8%E9%A9%AC%E5%AE%9E%E7%8E%B0%E6%8A%80%E6%9C%AF%E6%A6%82%E8%BF%B0/
[Web安全]  浅谈漏洞挖掘及代码审计(一)
https://mp.weixin.qq.com/s?__biz=MzI4NjEyMDk0MA==&mid=2649846516&idx=1&sn=5b6ad8c01668ae9003f373e4eafe5d4f&chksm=f3e41c77c49395614c45be09b79316c5bdea4f19261d9179e9a021e7b8eb83e247896a56a3f8&mpshare=1&scene=1&srcid=0421OGxIsWyMHknwlle2T7Mg&key=b7f28e3
[恶意分析]  EternalPulsar实践
https://medium.com/@xNymia/eternalpulsar-a-practical-example-of-a-made-up-name-629737170a9e
[运维安全]  Linux、Windows提权命令速记
http://im1gd.me/2017/03/30/linux/
[恶意分析]  利用机器学习实时对抗Java恶意软件
https://blogs.technet.microsoft.com/mmpc/2017/04/20/combating-a-wave-of-java-malware-with-machine-learning-in-real-time/
[Web安全]  子域名挖掘修改版
http://im1gd.me/2016/12/20/subdomain/
[漏洞分析]  Eternalromance (永恒浪漫) 漏洞分析
http://blogs.360.cn/360safe/2017/04/19/eternalromance-analyze/
[数据挖掘]  打造免费企业安全:便宜没好货吗?(一)
https://eth.space/qi-ye-an-quan-bian-yi-mei-hao-huo-ma-yi/
[Web安全]  Web Service 渗透测试从入门到精通
http://bobao.360.cn/learning/detail/3741.html
[Web安全]  sicklepoc:Web扫描器开源
http://www.codersec.net/2017/04/sicklepoc%E5%BC%80%E6%BA%90/
[Web安全]  leakPasswd: Python 密码泄露查询模块
https://github.com/lauixData/leakPasswd
[编程技术]  weibo_terminater: 微博终结者爬虫
https://github.com/jinfagang/weibo_terminater
[编程技术]  基于Python与Face++实现人脸识别
http://www.freebuf.com/articles/terminal/131755.html
[其它]  D2T4 - Emmanuel Gadaix - A Surprise Encounter With a Telco APT
https://conference.hitb.org/hitbsecconf2017ams/materials/D2T4%20-%20Emmanuel%20Gadaix%20-%20A%20Surprise%20Encounter%20With%20a%20Telco%20APT.pdf
[编程技术]  python-uncompyle6: Python 反编译工具
https://github.com/rocky/python-uncompyle6
[编程技术]  Boostnote:开源的程序员专属笔记应用工具
https://boostnote.io/#download
[Web安全]  MySQL注入攻击与防御
http://blog.sycsec.com/?p=1005
[恶意分析]  Malcom Malware Communication Analyzer y Bro IDS. Parte I
https://seguridadyredes.wordpress.com/2014/01/27/visualizacion-y-analisis-de-trafico-de-red-con-malcom-malware-communication-analyzer-y-bro-ids-parte-i/
[Web安全]  每周技术分享第三期--科普WAF
https://mp.weixin.qq.com/s?__biz=MjM5NDM1OTM0Mg==&mid=2651050493&idx=1&sn=1d81ff6aff52fa93f329522021bf93e0&scene=0#wechat_redirect
[编程技术]  Black Hat Python: Infinite possibilities with the Scapy Module
http://bt3gl.github.io/black-hat-python-infinite-possibilities-with-the-scapy-module.html
[编程技术]  VulnTrack
https://www.soldierx.com/sxlabs/VulnTrack
[工具]  Windows绝赞应用
https://emlvirus.gitbooks.io/windows-apps-that-amaze-us/
[视频]  8dot8 on Vimeo
https://vimeo.com/secconfchile
[漏洞分析]  A quick analysis of the latest Shadow Brokers dump
https://labs.nettitude.com/blog/a-quick-analysis-of-the-latest-shadow-brokers-dump/
[设备安全]  Run virtual routers with docker
https://github.com/plajjan/vrnetlab
[漏洞分析]  深入分析NSA用了5年的IIS漏洞
http://xlab.tencent.com/cn/2017/04/18/nsa-iis-vulnerability-analysis/
[书籍]  安全相关免费电子书集合
https://github.com/Hack-with-Github/Free-Security-eBooks-from-PacktPub
[漏洞分析]  awesome-cve-poc:A curated list of CVE PoCs
https://github.com/qazbnm456/awesome-cve-poc
[漏洞分析]  The Shadow over Android Heap exploitation assistance for Android’s libc allocato
https://census-labs.com/media/shadow-infiltrate-2017.pdf
[漏洞分析]  Exploit toolkit CVE-2017-0199 - v2.0
https://github.com/bhdresh/CVE-2017-0199
[Web安全]  Cheetah:一款基于字典的webshell密码爆破工具
https://github.com/sunnyelf/cheetah/blob/master/README_zh.md
[移动安全]  Android malware anti-emulation techniques
https://blogs.sophos.com/2017/04/13/android-malware-anti-emulation-techniques/
[恶意分析]  深度!近期所谓“优酷数据泄露事件”的客观事实还原
http://www.4hou.com/info/observation/4408.html
[漏洞分析]  通过云Fuzz挖掘TCPDump的漏洞
https://www.softscheck.com/en/identifying-security-vulnerabilities-with-cloud-fuzzing/
[编程技术]  GitLab 的员工手册-远程办公协作
https://about.gitlab.com/handbook/
[文档]  Benchmarks: 常用服务器、数据库、中间件安全配置基线
https://github.com/re4lity/Benchmarks
[其它]  [0day] Text/Plain Considered Harmful
https://jankopecky.net/index.php/2017/04/18/0day-textplain-considered-harmful/
[数据挖掘]  Studies in AI & Pixels & Waves - #5
http://bt3gl.github.io/studies-in-ai-pixels-waves-5.html
[杂志]  【重磅推荐】安全客2017季刊第一期新鲜出炉!
http://bobao.360.cn/news/detail/4101.html
[Web安全]  Metasploit Framework docker 版本
https://github.com/phocean/dockerfile-msf
[编程技术]  python奇技淫巧
http://thief.one/2017/04/19/1/
[漏洞分析]  Exploit Monday: Updating Device Guard Code Integrity Policies
http://www.exploit-monday.com/2016/12/updating-device-guard-code-integrity.html?m=1
[漏洞分析]  Design flaws in Lastpass 2FA implementation
http://www.martinvigo.com/design-flaws-lastpass-2fa-implementation/
[运维安全]  doublepulsar-c2-traffic-decryptor: 网络层检测DOUBLEPULSAR攻击
https://github.com/countercept/doublepulsar-c2-traffic-decryptor
[数据挖掘]  THUOCL:清华大学开放中文词库
http://thuocl.thunlp.org/
[恶意分析]  Automating APT Scanning with Loki Scanner and Splunk
http://www.redblue.team/2017/04/automating-apt-scanning-with-loki.html
[运维安全]  使用业务和技术有关的上下文对网络威胁情报(CTI)进行排序
https://mp.weixin.qq.com/s?__biz=MzI4NzU2NjU4NQ==&mid=2247484419&idx=1&sn=a2f2980c5c1d8e028f8fe32d89ee0c82&scene=0#wechat_redirect
[编程技术]  PowerShell Gallery | PowerShellCookbook 1.3.6
https://www.powershellgallery.com/packages/PowerShellCookbook/1.3.6
[恶意分析]  Magnitude EK delivers Cerber | Zerophage Malware
https://zerophagemalware.com/2017/04/21/magnitude-ek-delivers-cerber/
[数据挖掘]  Studies in AI & Pixels & Waves - #7
http://bt3gl.github.io/studies-in-ai-pixels-waves-7.html
[数据挖掘]  Twitter账户活动情况分析工具 – Simple Twitter Profile Analyzer
http://www.freebuf.com/sectool/131658.html
[数据挖掘]  Studies in AI & Pixels & Waves - #11
http://bt3gl.github.io/studies-in-ai-pixels-waves-11.html
[Web安全]  SSL&TLS安全测试
https://www.aptive.co.uk/blog/tls-ssl-security-testing/
[数据挖掘]  Studies in AI & Pixels & Waves - #8
http://bt3gl.github.io/studies-in-ai-pixels-waves-8.html
[Web安全]  Tamper Chrome
https://github.com/google/tamperchrome
[运维安全]  浅谈linux安全加固
http://mp.weixin.qq.com/s/y8np-sFzik15x09536QA5w
[文档]  2016年网络安全威胁的回顾与展望
http://www.antiy.com/response/2016_Antiy_Annual_Security_Report/2016_Antiy_Annual_Security_Report.pdf
[漏洞分析]  通过APC实现Dll注入——绕过Sysmon监控
http://www.4hou.com/technology/4393.html
[设备安全]  2016-2017年第一季度工业控制网络安全态势白皮书
http://www.freebuf.com/articles/paper/131812.html
[设备安全]  ARM Releases Machine Readable Architecture Specification
https://alastairreid.github.io/alastairreid.github.io/ARM-v8a-xml-release/
[Web安全]  Into the symmetry: Meh : CSRF in Facebook Delegated Account Recovery
http://blog.intothesymmetry.com/2017/04/meh-csrf-in-facbook-delegated-account.html
[工具]  jSQL Injection: herramienta automatizada en Java para realizar ataques SQL
http://blog.elhacker.net/2017/04/jsql-injection-herramienta-automatizada-java-ataques-inyeccion-sql.html
[其它]  SEC Consult: Abusing NVIDIA's node.js to bypass application whitelisting
http://blog.sec-consult.com/2017/04/application-whitelisting-application.html
[数据挖掘]  Studies in AI & Pixels & Waves - #10
http://bt3gl.github.io/studies-in-ai-pixels-waves-10.html
[数据挖掘]  Studies in AI & Pixels & Waves - #6
http://bt3gl.github.io/studies-in-ai-pixels-waves-6.html
[恶意分析]  长城宽带内网严重隐患:边界模糊不清
http://www.4hou.com/technology/4411.html
[漏洞分析]  IEETWCollector Arbitrary Directory/File Deletion Pr
https://www.exploit-db.com/exploits/41901/
[Web安全]  PHP HOOK的若干方法
http://blog.csdn.net/u011721501/article/details/70174924
[无线安全]  全面监听:以斯塔西的名义
https://mp.weixin.qq.com/s?__biz=MzIzMzE2OTQyNA==&mid=2648946510&idx=1&sn=7320198c7519aeb2f15a1f0e13b3c4eb&scene=0#wechat_redirect
[移动安全]  android 安全编码指南
http://www.jssec.org/dl/android_securecoding_en.pdf
[杂志]  SecWiki周刊(第163期)
https://www.sec-wiki.com/weekly/163
[Web安全]  EternalPulsar — A practical example of a made up name
https://hackernoon.com/eternalpulsar-a-practical-example-of-a-made-up-name-629737170a9e
[编程技术]  A Closer Look at Chrome's Security: Understanding V8
http://bt3gl.github.io/a-closer-look-at-chromes-security-understanding-v8.html
[工具]  Android漏洞测试套件
https://github.com/AndroidVTS/android-vts
[编程技术]  百度网盘自动添加资源项目(更新GUI版本)
https://github.com/tengzhangchao/BaiDuPan
[恶意分析]  Chrome and Firefox Phishing Attack Uses Domains Identical to Known Safe Sites
https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/
[漏洞分析]  Memory corruption in Array concat
https://bugs.chromium.org/p/project-zero/issues/detail?id=1095
[移动安全]  All videos of Android Security Symposium 2017
https://www.youtube.com/playlist?list=PL61IkVbNYniXoAXEFtftfElcSDNZoCLpe
[设备安全]  Introducing CFI in HardenedBSD | SOLDIERX.COM
https://www.soldierx.com/news/Introducing-CFI-HardenedBSD
[运维安全]  Hadoop Security for beginners
http://community.cloudera.com/t5/Security-Apache-Sentry/Hadoop-Security-for-beginners/td-p/48576
[Web安全]  encoding-web-shells-in-png-idat-chunks
https://www.idontplaydarts.com/2012/06/encoding-web-shells-in-png-idat-chunks/
[设备安全]  Smart TV Hack via the Broadcast Signal
https://www.schneier.com/blog/archives/2017/04/smart_tv_hack_v.html
[恶意分析]  DNS Intrusion Detection in Office 365
https://blogs.technet.microsoft.com/office365security/dns-intrusion-detection-in-office-365/
[其它]  list-of-waf-security-bypass-research
https://www.peerlyst.com/posts/list-of-waf-security-bypass-research-karl-m-1
[数据挖掘]  Studies in AI & Pixels & Waves - #9
http://bt3gl.github.io/studies-in-ai-pixels-waves-9.html
[数据挖掘]  Studies in AI & Pixels & Waves - #1
http://bt3gl.github.io/studies-in-ai-pixels-waves-1.html
[恶意分析]  EITEST CAMPAIGN RIG EK / HOEFLERTEXT CHROME POPUP
http://malware-traffic-analysis.net/2017/04/20/index.html
[Web安全]  Bypassing Browser Memory Protections
https://www.blackhat.com/presentations/bh-usa-08/Sotirov_Dowd/bh08-sotirov-dowd.pdf
[数据挖掘]  Studies in AI & Pixels & Waves - #3
http://bt3gl.github.io/studies-in-ai-pixels-waves-3.html
[设备安全]  Introducing SafeStack in HardenedBSD
https://www.soldierx.com/news/Introducing-SafeStack-HardenedBSD
[运维安全]  Ad-LDAP-Enum
http://www.kitploit.com/2017/04/ad-ldap-enum-active-directory-ldap.html
[数据挖掘]  Studies in AI & Pixels & Waves - #2
http://bt3gl.github.io/studies-in-ai-pixels-waves-2.html
[数据挖掘]  Studies in AI & Pixels & Waves - #4
http://bt3gl.github.io/studies-in-ai-pixels-waves-4.html
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第164期)