SecWiki Weekly (Issue 173)
2017/06/19-2017/06/25
Security News
[Mobile Security]  Control domain left unrenewed, leaving millions of Samsung phones "at anyone's mercy"
http://www.4hou.com/info/news/5548.html
[Data Breach]  The RNC Files: Inside the Largest US Voter Data Leak
https://www.upguard.com/breaches/the-rnc-files
[News]  What Alibaba and Huawei talked about at the first China Data Security Summit
http://www.aqniu.com/industry/26134.html
[News]  Top 50 Chinese cybersecurity companies (first half of 2017)
https://www.easyaq.com/news/897276489.shtml
[News]  32TB of Windows 10 internal builds, core source code leak online
http://www.theregister.co.uk/2017/06/23/windows_10_leak/
[People]  Interview with killer, head of Tencent Yunding Lab: on the security road, a killer gets no holidays
http://www.freebuf.com/articles/people/137348.html
Security Technology
[Web Security]  druid/wallfilter: defending against SQL injection attacks through SQL semantic analysis
https://github.com/alibaba/druid/wiki/%E9%85%8D%E7%BD%AE-wallfilter
[Tools]  BloodHound: a powerful tool for analyzing privilege-escalation paths in internal domain penetration testing
http://www.4hou.com/penetration/5554.html
[Vulnerability Analysis]  Analysis of a remote memory corruption vulnerability in the WINS server in Windows Server
http://www.4hou.com/vulnerable/5635.html
[Data Mining]  Summary of random forest parameter tuning in scikit-learn
http://www.cnblogs.com/pinard/p/6160412.html
[Malware Analysis]  Building a USB malware analyzer based on USB armory
http://www.4hou.com/technology/5525.html
[Web Security]  CloudFail: finding the real IP address behind the CloudFlare CDN
https://github.com/m0rtem/CloudFail
[Web Security]  Rasp technology: introduction and implementation
http://paper.seebug.org/330/
[Wireless Security]  waidps: Wireless Auditing, Intrusion Detection & Prevention System
https://github.com/SYWorks/waidps
[Data Mining]  A first look at Kaggle: data analysis for the house price prediction case
http://www.jianshu.com/p/62716b33e7be
[CTF]  2017 GCTF (Global Chinese Cybersecurity Skills Competition) online round writeup
http://www.freebuf.com/articles/others-articles/137491.html
[CTF]  Lessons learned on SQL injection in CTF competitions
http://www.freebuf.com/articles/web/137094.html
[Web Security]  Introduction to ACL attack paths in BloodHound 1.3, the domain privilege-escalation analysis tool
http://www.4hou.com/penetration/5752.html
[Wireless Security]  More than Kali and Aircrack-ng | A collection of wireless penetration testing tools
http://www.4hou.com/tools/5584.html
[Programming]  Easily setting up a distributed pyspider cluster
https://imlonghao.com/10.html
[Web Security]  Powerful subdomain discovery tool: AQUATONE
http://www.freebuf.com/sectool/137806.html
[Malware Analysis]  Detecting DGA-based malware from invalid DNS traffic
http://paper.kakapo.ml/?p=135
[Malware Analysis]  Analysis report on the trojan used in attacks by the FIN7 APT group
http://www.freebuf.com/articles/network/137612.html
[Other]  vlany: Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
https://github.com/mempodippy/vlany
[Operations Security]  The security department with no budget: asset security
http://www.jianshu.com/p/572431447613?from=timeline
[Device Security]  Router firmware security analysis techniques (Part 1)
https://www.vulbox.com/knowledge/detail/?id=35
[Web Security]  Java deserialization vulnerability analysis | Vulnerability research
https://xianzhi.aliyun.com/forum/read/1757.html
[Web Security]  A beginner learns code auditing: three PIMS vulnerabilities plus a SQL injection vulnerability in the latest 里程密 V2.3
https://xianzhi.aliyun.com/forum/read/1761.html
[Tools]  Top 10 Wi-Fi penetration testing tools in Kali Linux
http://www.freebuf.com/sectool/137163.html
[Vulnerability Analysis]  Share with care: Exploiting a Firefox UAF with shared array buffers
https://phoenhex.re/2017-06-21/firefox-structuredclone-refleak
[Malware Analysis]  Wannacry in depth: stage one, tasksche
http://www.freebuf.com/vuls/135822.html
[Other]  How I used to manage a technical team
http://www.cnblogs.com/zhengyun_ustc/p/7047366.html
[Web Security]  Web front-end security: starting from MVVM frameworks
https://speakerdeck.com/oritz/mvvm-framework-security
[Operations Security]  NTP/SNMP amplification attacks Carnal0wnage
http://carnal0wnage.attackresearch.com/2017/06/ntpsnmp-amplification-attacks.html
[Web Security]  The art of cross-site scripting: XSS basics and introduction
http://www.fooying.com/the-art-of-xss-1-introduction/
[Wireless Security]  Reverse engineering the Huawei E5573 4G modem
http://www.4hou.com/technology/5744.html
[Web Security]  Using Python to detect and bypass web application firewalls
http://www.4hou.com/penetration/5698.html
[Web Security]  VIPROY - VoIP Pen-Test Kit for Metasploit Framework
https://github.com/fozavci/viproy-voipkit
[Vulnerability Analysis]  [Technical share] Analysis of an APT campaign targeting Pakistan
http://bobao.360.cn/learning/detail/4020.html
[Data Mining]  Findsploit: Find exploits in local and online databases
https://github.com/1N3/Findsploit
[Programming]  NSA OSS Technologies: open source technologies from the US National Security Agency
https://nationalsecurityagency.github.io/
[Device Security]  In-depth analysis of Industroyer, a new attack weapon targeting industrial control systems
http://paper.seebug.org/328/
[Data Mining]  Feature engineering explained in one article
https://mp.weixin.qq.com/s/CkDzLZCXOF6zzrn6_dd6Jw
[Device Security]  SCADA Penetration Testing: Do I need to be prepared
http://research.aurainfosec.io/scada-penetration-testing/
[Malware Analysis]  malwaresearch: A command line tool to find malwares
https://github.com/MalwareReverseBrasil/malwaresearch
[Mobile Security]  trollface: AirDrop trollfaces to everyone.
https://github.com/neonichu/trolldrop
[Web Security]  Analysis of two Django URL redirect vulnerabilities, CVE-2017-7233 and CVE-2017-7234
https://xianzhi.aliyun.com/forum/read/1746.html
[Data Mining]  angel: a high-performance distributed machine learning platform
https://github.com/Tencent/angel
[Device Security]  An easy way to pwn most of the vivotek network cameras
https://blog.cal1.cn/post/An%20easy%20way%20to%20pwn%20most%20of%20the%20vivotek%20network%20cameras
[Programming]  The PHP module rootkit [CODE]
https://github.com/Paradoxis/PHP-Rootkit
[Web Security]  Pcap_tools: automated vulnerability analysis based on network traffic captures
https://github.com/pythonran/Pcap_tools
[Device Security]  A PoC that the USB port is an attack surface for a Mazda car's
https://github.com/shipcod3/mazda_getInfo
[Documents]  Research report on online fraud trends in the first half of 2017
http://zt.360.cn/1101061855.php?dtid=1101062366&did=490534325
[Web Security]  Authentication bypass on Airbnb via OAuth tokens theft
https://www.arneswinnen.net/2017/06/authentication-bypass-on-airbnb-via-oauth-tokens-theft/
[Web Security]  How I took down the "Icebreaker" (破冰) project | Technical discussion
https://xianzhi.aliyun.com/forum/read/1769.html
[Data Mining]  RussiaDNSLeak: Summary and archives of leaked Russian TLD DNS data
https://github.com/mandatoryprogrammer/RussiaDNSLeak
[Other]  snodew: PHP root (suid) reverse shell
https://github.com/mempodippy/snodew
[Opinion]  A closer look at the hacker-for-hire market: "dancing" on a knife's edge, reveling at the cliff's edge
http://www.freebuf.com/news/137646.html
[Operations Security]  Deployment checklist for securely deploying Docker
https://github.com/GDSSecurity/Docker-Secure-Deployment-Guidelines
[Web Security]  SecWiki Weekly (Issue 172)
https://www.sec-wiki.com/weekly/172
[Programming]  Your interpreter isn’t safe anymore — The PHP module rootkit
https://blog.paradoxis.nl/your-interpreter-isnt-safe-anymore-the-php-module-rootkit-c7ca6a1a9af5
[Device Security]  Rethinking a Secure Internet of Things
http://iot.stanford.edu/doc/SITP-summary-2016-project.pdf
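[Web Security]  CAPTCHA technology development driven by big data and machine learning: review and interpretation of the NetEase Yidun CAPTCHA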
http://www.freebuf.com/articles/network/133358.html
SecWiki: https://www.sec-wiki.com

Original page for this issue: SecWiki Weekly (Issue 173)