SecWiki周刊(第181期)
2017/08/14-2017/08/20
安全资讯
DOS攻击兵器库[Updated for 2017]
https://www.520waf.com/2017/08/dos-attacks-free-dos-attacking-tools/
https://www.520waf.com/2017/08/dos-attacks-free-dos-attacking-tools/
在线DDoS平台剧增,中国已经黑客化?
http://www.4hou.com/info/industry/7300.html
http://www.4hou.com/info/industry/7300.html
从XshellGhost事件谈供应链污染
http://www.arkteam.net/?p=2621
http://www.arkteam.net/?p=2621
HBO hack: a comprensive timeline
https://www.owlcyber.com/blog/2017/hbo-hack-a-comprensive-timeline
https://www.owlcyber.com/blog/2017/hbo-hack-a-comprensive-timeline
Rapid7 warns of Remote Desktop Protocol (RDP) exposure for millions of endpoints
http://securityaffairs.co/wordpress/62004/hacking/rdp-exposure-report.html
http://securityaffairs.co/wordpress/62004/hacking/rdp-exposure-report.html
美国法官裁决 LinkedIn 不能禁止创业公司访问公开账号数据
http://www.solidot.org/story?sid=53466
http://www.solidot.org/story?sid=53466
关于印发《一流网络安全学院建设示范项目管理办法》的通知
http://www.cac.gov.cn/2017-08/14/c_1121477715.htm
http://www.cac.gov.cn/2017-08/14/c_1121477715.htm
特朗普宣布升级美军网络司令部计划,加强国家网络安全防御体系
http://hackernews.cc/archives/13678
http://hackernews.cc/archives/13678
美国防部的“Voltron”计划:利用AI挖掘军事软件漏洞
https://mp.weixin.qq.com/s?__biz=MzI4MjA1MzkyNA==&mid=2655295637&idx=2&sn=8883a809a7045c8da24f324288b90136&scene=0#wechat_redirect
https://mp.weixin.qq.com/s?__biz=MzI4MjA1MzkyNA==&mid=2655295637&idx=2&sn=8883a809a7045c8da24f324288b90136&scene=0#wechat_redirect
安全预警:Xshell 5官方版本被植入后门,更新即中招
http://www.4hou.com/info/news/7244.html
http://www.4hou.com/info/news/7244.html
从朝鲜攻击事件看间谍活动主谋间的关系
http://www.4hou.com/info/news/7119.html
http://www.4hou.com/info/news/7119.html
安全技术
人工智能真的会成为安全行业的未来吗?CSS 2017大会有感
http://www.freebuf.com/news/144470.html
http://www.freebuf.com/news/144470.html
如何在Google Cloud上安装Kali Linux
http://www.osshell.com/?p=99
http://www.osshell.com/?p=99
利用 ew 轻松穿透目标多级内网
https://klionsec.github.io/2017/08/05/ew-tunnel/
https://klionsec.github.io/2017/08/05/ew-tunnel/
弹性安全网络 -- 构建下一代安全的互联网
https://mp.weixin.qq.com/s?__biz=MjM5NzA4ODc0MQ==&mid=2648628796&idx=1&sn=00a9a13e931024d5ebe62ba81e234a58&scene=0#wechat_redirect
https://mp.weixin.qq.com/s?__biz=MjM5NzA4ODc0MQ==&mid=2648628796&idx=1&sn=00a9a13e931024d5ebe62ba81e234a58&scene=0#wechat_redirect
Office CVE-2017-8570远程代码执行漏洞复现
http://www.freebuf.com/vuls/144054.html
http://www.freebuf.com/vuls/144054.html
DockerFinder-Multi-attribute search of Docker images
http://black.di.unipi.it/dockerfinder
http://black.di.unipi.it/dockerfinder
Openrasp: 百度开源自适应安全解决方案
http://rasp.baidu.com/
http://rasp.baidu.com/
Dawn Song AI安全《AI and Security》PPT
https://www.microsoft.com/en-us/research/wp-content/uploads/2017/07/AI_and_Security_Dawn_Song.pdf
https://www.microsoft.com/en-us/research/wp-content/uploads/2017/07/AI_and_Security_Dawn_Song.pdf
从瑞士军刀到变形金刚--XSS攻击面拓展
https://xianzhi.aliyun.com/forum/read/1988.html
https://xianzhi.aliyun.com/forum/read/1988.html
nullsecurity 团队的安全工具(扫描/利用/后门/记录/清除)
https://github.com/nullsecuritynet/tools
https://github.com/nullsecuritynet/tools
Python爬虫项目整理
https://segmentfault.com/p/1210000009117809/read
https://segmentfault.com/p/1210000009117809/read
ZentaoPMS任意文件上传漏洞复现
https://bbs.ichunqiu.com/thread-26016-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-26016-1-1.html?from=sec
[智能硬件安全] 浅谈SS7七号信令劫持
https://bbs.ichunqiu.com/thread-25983-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-25983-1-1.html?from=sec
Android漏洞扫描工具Code Arbiter
https://tech.meituan.com/Android-Code-Arbiter.html
https://tech.meituan.com/Android-Code-Arbiter.html
Fastener: Web版在线Webshell管理工具
https://github.com/BlackHole1/Fastener
https://github.com/BlackHole1/Fastener
Python 编写的 IP/TCP/UDP数据包分析及解析
https://github.com/tanjiti/packet_analysis
https://github.com/tanjiti/packet_analysis
Chrome XSS Auditor – SVG Bypass
https://brutelogic.com.br/blog/chrome-xss-auditor-svg-bypass/
https://brutelogic.com.br/blog/chrome-xss-auditor-svg-bypass/
Pwnhub 第一次线下沙龙竞赛Web题解析
https://www.leavesongs.com/PENETRATION/pwnhub-first-shalon-ctf-web-writeup.html
https://www.leavesongs.com/PENETRATION/pwnhub-first-shalon-ctf-web-writeup.html
windows提权系列上篇
http://mp.weixin.qq.com/s/uOArxXIfcI4fjqnF9BDJGA
http://mp.weixin.qq.com/s/uOArxXIfcI4fjqnF9BDJGA
银行卡quickpass闪付芯片通过EVM/PBOC读取隐私信息
https://bbs.ichunqiu.com/thread-25955-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-25955-1-1.html?from=sec
PassiveScanner: 基于Mitmproxy和Arachni的被动式扫描器
https://github.com/jjf012/PassiveScanner
https://github.com/jjf012/PassiveScanner
Malicious_Domain_Whois: 非法域名挖掘与画像系统
https://github.com/h-j-13/Malicious_Domain_Whois?from=timeline
https://github.com/h-j-13/Malicious_Domain_Whois?from=timeline
WebSocket应用安全问题分析
https://security.tencent.com/index.php/blog/msg/119
https://security.tencent.com/index.php/blog/msg/119
WOOT '17 Workshop Program PPT 下载
https://www.usenix.org/conference/woot17/workshop-program
https://www.usenix.org/conference/woot17/workshop-program
Darknet Markets Category 暗网市场统计列表[在线/下线]
https://darkwebnews.com/category/darknet-markets/
https://darkwebnews.com/category/darknet-markets/
XShell后门DNS Tunnel编码分析
http://bobao.360.cn/learning/detail/4258.html?from=wiki
http://bobao.360.cn/learning/detail/4258.html?from=wiki
Turla APT actor refreshes KopiLuwak JavaScript backdoor for use in G20-themed attack
https://www.proofpoint.com/us/threat-insight/post/turla-apt-actor-refreshes-kopiluwak-javascript-backdoor-use-g20-themed-attack
https://www.proofpoint.com/us/threat-insight/post/turla-apt-actor-refreshes-kopiluwak-javascript-backdoor-use-g20-themed-attack
Xshell高级后门完整分析报告
https://security.tencent.com/index.php/blog/msg/120
https://security.tencent.com/index.php/blog/msg/120
Cyber Grand Challenge: The Analysis CGC 决赛总结视频
https://www.youtube.com/watch?v=SYYZjTx92KU
https://www.youtube.com/watch?v=SYYZjTx92KU
中科院网络空间安全硕士课程列表-[自学路线参考]
http://scs.ucas.ac.cn/index.php/zh-cn/jyjx/jwgl/kcsz/yjs
http://scs.ucas.ac.cn/index.php/zh-cn/jyjx/jwgl/kcsz/yjs
企业安全建设之数据库安全(上)
https://mp.weixin.qq.com/s/EZ71SU21tOa35VQayH8Hfw
https://mp.weixin.qq.com/s/EZ71SU21tOa35VQayH8Hfw
谈谈HTML5本地存储——WebStorage
http://syean.cn/2017/08/15/%E8%B0%88%E8%B0%88HTML5%E6%9C%AC%E5%9C%B0%E5%AD%98%E5%82%A8%E2%80%94%E2%80%94WebStorage/
http://syean.cn/2017/08/15/%E8%B0%88%E8%B0%88HTML5%E6%9C%AC%E5%9C%B0%E5%AD%98%E5%82%A8%E2%80%94%E2%80%94WebStorage/
微信Netting-QRLJacking分析利用-扫我二维码获取你的账号权限
https://bbs.ichunqiu.com/thread-25923-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-25923-1-1.html?from=sec
看我如何收集全网IP的whois信息
http://mp.weixin.qq.com/s/qz0b42DKhgo1sfitcUKhtQ
http://mp.weixin.qq.com/s/qz0b42DKhgo1sfitcUKhtQ
sectoolset -- 搜集的Github关于安全工具集合
https://github.com/bollwarm/sectoolset
https://github.com/bollwarm/sectoolset
windows_pentest_tools: Windows 渗透测试工具集
https://github.com/xiaoxiaoleo/windows_pentest_tools
https://github.com/xiaoxiaoleo/windows_pentest_tools
Forensic analysis of Telegram Messenger for Windows Phone
http://www.sciencedirect.com/science/article/pii/S1742287617301032
http://www.sciencedirect.com/science/article/pii/S1742287617301032
逆向工程恶意软件入门(基础篇)
http://www.4hou.com/reverse/7258.html
http://www.4hou.com/reverse/7258.html
走到哪黑到哪——Android渗透测试三板斧
http://bobao.360.cn/learning/detail/4254.html
http://bobao.360.cn/learning/detail/4254.html
Linux下容易被忽视的那些命令用法
https://segmentfault.com/p/1210000010668099/read
https://segmentfault.com/p/1210000010668099/read
kali Linux 上编译并使用RFID核弹——proxmark3
https://bbs.ichunqiu.com/thread-25896-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-25896-1-1.html?from=sec
Booters with Chinese Characteristics: The Rise of Chinese Online DDoS Platforms
http://blog.talosintelligence.com/2017/08/chinese-online-ddos-platforms.html
http://blog.talosintelligence.com/2017/08/chinese-online-ddos-platforms.html
[智能硬件安全] HackRF 无线电操作教程/3G物联网中某些不可描述功能
https://bbs.ichunqiu.com/thread-25771-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-25771-1-1.html?from=sec
A Quick Look at a New KONNI RAT Variant
https://blog.fortinet.com/2017/08/15/a-quick-look-at-a-new-konni-rat-variant
https://blog.fortinet.com/2017/08/15/a-quick-look-at-a-new-konni-rat-variant
在Ubuntu服务器上使用Chrome Headless
https://jiayi.space/post/zai-ubuntufu-wu-qi-shang-shi-yong-chrome-headless
https://jiayi.space/post/zai-ubuntufu-wu-qi-shang-shi-yong-chrome-headless
Inside the Kronos malware
https://blog.malwarebytes.com/cybercrime/2017/08/inside-kronos-malware/
https://blog.malwarebytes.com/cybercrime/2017/08/inside-kronos-malware/
案例丨某省级政务云大数据安全平台建设思路
http://www.aqniu.com/learn/27387.html
http://www.aqniu.com/learn/27387.html
SecWiki周刊(第180期)
https://www.sec-wiki.com/weekly/180
https://www.sec-wiki.com/weekly/180
用安卓手机获取锁屏下Windows电脑的登陆密码hash
http://5alt.me/2016/10/%E7%94%A8%E5%AE%89%E5%8D%93%E6%89%8B%E6%9C%BA%E8%8E%B7%E5%8F%96%E9%94%81%E5%B1%8F%E4%B8%8Bwindows%E7%94%B5%E8%84%91%E7%9A%84%E7%99%BB%E9%99%86%E5%AF%86%E7%A0%81hash/
http://5alt.me/2016/10/%E7%94%A8%E5%AE%89%E5%8D%93%E6%89%8B%E6%9C%BA%E8%8E%B7%E5%8F%96%E9%94%81%E5%B1%8F%E4%B8%8Bwindows%E7%94%B5%E8%84%91%E7%9A%84%E7%99%BB%E9%99%86%E5%AF%86%E7%A0%81hash/
msdtc后门的实现思路
http://www.4hou.com/system/6890.html
http://www.4hou.com/system/6890.html
DNS代理服务器,支持记录log到数据库中
https://zhuanlan.zhihu.com/p/28526105
https://zhuanlan.zhihu.com/p/28526105
轻松审计代码安全性,Windows 10有妙招
http://www.4hou.com/system/7264.html
http://www.4hou.com/system/7264.html
如何在目标内网中发现更多存活主机
https://klionsec.github.io/2016/06/25/atived-machine-discovnery/
https://klionsec.github.io/2016/06/25/atived-machine-discovnery/
pylogin系列之畅言登录评论接口分析
https://mp.weixin.qq.com/s?__biz=MzI1NTUzMjUzMQ==&mid=2247483727&idx=1&sn=aadacf8866fdb5b6ce3d49649560eb9a&scene=0#wechat_redirect
https://mp.weixin.qq.com/s?__biz=MzI1NTUzMjUzMQ==&mid=2247483727&idx=1&sn=aadacf8866fdb5b6ce3d49649560eb9a&scene=0#wechat_redirect
教你如何使用分组密码对shellcode中的windows api字符串进行加密
http://www.4hou.com/info/news/7070.html
http://www.4hou.com/info/news/7070.html
一文总览数据科学全景:定律、算法、问题类型
https://mp.weixin.qq.com/s?__biz=MzI1MjQ2OTQ3Ng==&mid=2247485560&idx=1&sn=a6c71429c463263170489e895c52223d&scene=0#wechat_redirect
https://mp.weixin.qq.com/s?__biz=MzI1MjQ2OTQ3Ng==&mid=2247485560&idx=1&sn=a6c71429c463263170489e895c52223d&scene=0#wechat_redirect
利用WinDbg和wscript.exe分析JavaScript脚本
http://www.4hou.com/technology/7261.html
http://www.4hou.com/technology/7261.html
tornado: All in one MITM tool
https://github.com/rebellionil/tornado
https://github.com/rebellionil/tornado
Exploring Windows virtual memory management
http://www.triplefault.io/2017/08/exploring-windows-virtual-memory.html
http://www.triplefault.io/2017/08/exploring-windows-virtual-memory.html
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第181期)
