SecWiki周刊（第166期)

SecWiki周刊（第166期）

2017/05/01-2017/05/07

安全资讯

[新闻] 网信办就《网络产品和服务安全审查办法》征求意见
http://news.china.com.cn/txt/2017-02/04/content_40221621.htm

[观点] 网络空间安全体系与关键技术（上）
https://mp.weixin.qq.com/s?__biz=MzA3NDQyNzYyNw==&mid=2650620097&idx=4&sn=3723de4670fd975e765dc9d6b418682c&scene=0#wechat_redirect

[观点] 网络空间安全体系与关键技术（下）
https://mp.weixin.qq.com/s?__biz=MzA3NDQyNzYyNw==&mid=2650620097&idx=5&sn=56bcd4318f0dcb7ab4b3504e1984a01d&scene=0#wechat_redirect

[运维安全] IBM如何看待SOC和态势感知
http://www.aqniu.com/learn/24734.html

[Web安全] Web安全工程师微专业二期（2017.5.18之前）
http://mooc.study.163.com/smartSpec/detail/1001227001.htm?utm_source=9305777&utm_medium=cps&utm_campaign=affiliate

[新闻] 中国量子计算机诞生，创世界纪录
http://news.163.com/17/0503/09/CJGILK43000187VI.html

[观点] 中央网信办的全称是什么？今天发的文件对后续网络安全工作的意义
http://mp.weixin.qq.com/s/M-L7jod4Xr81cey6TNFzUA

安全技术

[Web安全] MS17-010 漏洞(SMB)扫描工具-单文件
https://github.com/RiskSense-Ops/MS17-010/blob/master/scanners/smb_ms17_010.py

[漏洞分析] 公开的未修复漏洞列表
https://github.com/ludios/unfixed-security-bugs

[会议] obfuscating-the-empire
https://www.slideshare.net/RyanCobb16/obfuscating-the-empire

[移动安全] 针对WiFi的攻防总结PPT(含原理)
https://bbs.ichunqiu.com/forum.php?mod=viewthread&tid=1785&highlight=%E6%94%BB%E9%98%B2?from=51

[Web安全] 手把手教你如何使用Docker进行Web渗透测试
http://www.freebuf.com/articles/web/133318.html

[Web安全] 【技术分享】WebSocket漏洞与防护详解
http://bobao.360.cn/learning/detail/3795.html

[运维安全] Docker基础总结
http://thief.one/2017/05/04/1/

[工具] 修改Hosts即刻访问Google，Facebook，Twitter，YouTube,Torproject
https://hack80.wordpress.com/2017/05/05/hosts-5-5/

[工具] 密码学（Crypto）一些在线解密网站
http://wiki.bodkin.ren/CTF/Crypto/DecryptWebList.md

[运维安全] 配置YubiKey通过Challenge Response 模式登录Linux
http://www.cnblogs.com/xiaoxiaoleo/p/6806525.html

[漏洞分析] Automatic Exploit Generation：漏洞利用自动化
https://zhuanlan.zhihu.com/p/26690230

[编程技术] 根据公司名抓取相关员工的Linkedin数据
http://blog.csdn.net/bone_ace/article/details/71055153

[Web安全] sensitivefilescan: 目录遍历与敏感文件扫描工具
https://github.com/aipengjie/sensitivefilescan

[编程技术] 图形解锁验证码破解（附Python代码）
http://blog.csdn.net/bone_ace/article/details/71056741

[Web安全] WordPress Core 4.6 - Unauthenticated Remote Code Execution (RCE) PoC Exploit
https://exploitbox.io/vuln/WordPress-Exploit-4-6-RCE-CODE-EXEC-CVE-2016-10033.html

[Web安全] fastjson 远程反序列化poc的构造和分析
http://xxlegend.com/2017/04/29/title-%20fastjson%20%E8%BF%9C%E7%A8%8B%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96poc%E7%9A%84%E6%9E%84%E9%80%A0%E5%92%8C%E5%88%86%E6%9E%90/

[其它] PWN2OWN 2017 Linux 内核提权漏洞分析
https://zhuanlan.zhihu.com/p/26674557

[Web安全] Wordpress 4.6远程代码执行漏洞（CVE-2016-10033）复现环境搭建指南
http://www.freebuf.com/vuls/133860.html

[恶意分析] NSA DanderSpiritz测试指南——木马生成与测试
https://3gstudent.github.io/3gstudent.github.io/NSA-DanderSpiritz%E6%B5%8B%E8%AF%95%E6%8C%87%E5%8D%97-%E6%9C%A8%E9%A9%AC%E7%94%9F%E6%88%90%E4%B8%8E%E6%B5%8B%E8%AF%95/

[Web安全] 漏洞预警-WordPress 4.6 远程代码执行(附PoC和演示视频)
http://blog.shellpub.com/2017/05/03/wordpress_core_remote_code_excute.html

[数据挖掘] wooyunallbugs: wooyun_all_bugs 历史存档数据和图片
https://github.com/m0l1ce/wooyunallbugs

[无线安全] 如何利用Fluxion诱惑目标用户获取WPA密码
http://www.freebuf.com/articles/wireless/133315.html

[Web安全] WordPress Core <= 4.7.4 Potential Unauthorized Password Reset (0day)
https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html

[无线安全] 蓝牙App漏洞系列分析之一CVE-2017-0601
https://xianzhi.aliyun.com/forum/read/1570.html

[杂志] 第一期白帽时鉴期刊 - 密码: mfpt
https://pan.baidu.com/s/1kVI93BT

[比赛] liberty writeup defcon 2017
https://github.com/deroko/liberty

[漏洞分析] Fastjson Unserialize Vulnerability Write Up
https://ricterz.me/posts/Fastjson%20Unserialize%20Vulnerability%20Write%20Up

[Web安全] SSF: Secure Socket Funneling (SSF) is a network tool and toolkit
https://securesocketfunneling.github.io/ssf/#home

[工具] NSA后门程序DoublePulsar事件后续，清理工具下载点这里
http://www.freebuf.com/articles/system/133302.html

[Web安全] 代理转发工具汇总分析
https://www.t00ls.net/articles-35614.html

[文档] Threat Hunting and IR Summit SANS组织的威胁追踪会议PPT
https://digital-forensics.sans.org/community/summits

[比赛] UIUCTF 2017 - ZippyPics
https://jbzteam.github.io/web/UIUC2017-ZippyPics

[Web安全] XSS Bypass Cookbook ver 3.0 附带 PDF 下载
http://www.math1as.com/index.php/archives/426/

[移动安全] TrustZone安全技术研究
http://paper.seebug.org/296/

[论文] 计算机系统安全学术圈分析-数据为近十几年的顶会论文
http://www.csyssec.org/20161230/csysseccircus/

[设备安全] Intel's remote AMT vulnerablity
http://mjg59.dreamwidth.org/48429.html

[Web安全] Pwning PHP mail() function For Fun And RCE
https://exploitbox.io/paper/Pwning-PHP-Mail-Function-For-Fun-And-RCE.html

[设备安全] 从hash传递攻击谈相关Windows安全机制
http://bobao.360.cn/learning/detail/3793.html

[Web安全] Smart7ec:基于Linux c开发的插件式扫描器(Python/lua)
https://github.com/hxp2k6/smart7ec-scan-console

[工具] Shodan新工具发布：木马恶意软件C&C服务器搜索引擎
http://www.freebuf.com/sectool/133663.html

[文档] The slides of BFH2017 漏洞分析与利用培训课程 PPT
https://exploit.courses/files/bfh2017/content.html

[数据挖掘] 数据驱动安全架构升级---“花瓶”模型迎来V5.0(二)
http://zhaisj.blog.51cto.com/219066/1921936

[设备安全] Architecting a Modern Defense using Device Guard
https://drive.google.com/file/d/0B-K55rLoulAfOGVteEllR0xnRnc/view

[杂志] 【白帽时鉴期刊第一期】在线阅读及PDF下载 – 即刻安全
http://www.secist.com/archives/3293.html

[漏洞分析] 【漏洞分析】PHPCMS V9.6.1 任意文件读取漏洞分析（含PoC，已有补丁）
http://bobao.360.cn/learning/detail/3805.html

[运维安全] 搭建自己的 Docker Mirror
http://blog.evalbug.com/2016/08/28/docker_mirror/

[工具] vulners.com [漏洞、exploit等]
https://vulners.com

[运维安全] 有效的Threat Hunting之一-Who, What, Where, When, Why and How
https://www.sec-un.org/%e6%9c%89%e6%95%88%e7%9a%84threat-hunting%e4%b9%8b%e4%b8%80-who-what-where-when-why-and-how/

[Web安全] Android软件逆向核心技术
http://www.ichunqiu.com/course/57341

[数据挖掘] 数据驱动安全架构升级---“花瓶”模型迎来V5.0(一)
http://zhaisj.blog.51cto.com/219066/1921892

[Web安全] 新式攻击使用W3C环境光线传感器来窃取浏览器的敏感信息（含演示视频）
http://www.freebuf.com/articles/web/133004.html

[运维安全] Active Directory攻防实验室环境搭建教程（一）
http://www.4hou.com/technology/4451.html

[运维安全] 威胁追踪（hunting）之二：生成假设
https://www.sec-un.org/%e5%a8%81%e8%83%81%e8%bf%bd%e8%b8%aa%ef%bc%88hunting%ef%bc%89%e4%b9%8b%e4%ba%8c%ef%bc%9a%e7%94%9f%e6%88%90%e5%81%87%e8%ae%be/

[工具] 【渗透神器系列】nmap
http://thief.one/2017/05/02/1/

[运维安全] 威胁追踪（hunting）之三：从SANS的会议看HuntingMicrosoftGoogle厂商
https://www.sec-un.org/%e5%a8%81%e8%83%81%e8%bf%bd%e8%b8%aa%ef%bc%88hunting%ef%bc%89%e4%b9%8b%e4%b8%89%ef%bc%9a%e4%bb%8esans%e7%9a%84%e4%bc%9a%e8%ae%ae%e7%9c%8bhuntingmicrosoftgoogle%e5%8e%82%e5%95%86/

[恶意分析] Stealthy RAT Targeting North Korea Since 2014
https://threatpost.com/stealthy-rat-targeting-north-korea-since-2014/125450/

[恶意分析] flare-floss: FireEye Labs Obfuscated String Solver 混淆字符串提取工具
https://github.com/fireeye/flare-floss

[Web安全] bug bounty - 绕过限制劫持Skpe账号
http://blog.csdn.net/u011721501/article/details/71107858

[恶意分析] Malware Hunter — Shodan's new tool to find Malware C&C Servers
http://thehackernews.com/2017/05/shodan-malware-hunter.html

[Web安全] [黑客故事] 盘点史上最严重的的十大黑客袭击事件
https://bbs.ichunqiu.com/forum.php?mod=viewthread&tid=18986&extra=page%3D1%26filter%3Dtypeid%26typeid%3D153

[工具] 80 Linux Monitoring Tools
https://www.serverdensity.com/monitor/linux/how-to/

[杂志] SecWiki周刊（第165期)
https://www.sec-wiki.com/weekly/165

[观点] Who is Publishing NSA and CIA Secrets, and Why?
https://www.schneier.com/blog/archives/2017/05/who_is_publishi.html

-----微信ID：SecWiki-----
SecWiki，12年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第166期)

SecWiki周刊（第166期）

最新公告

友情链接

SecWiki公众号

安全学术圈