SecWiki Weekly (Issue 190)
2017/10/16-2017/10/22
Security News
[News]  ATMs about to fall: ATM malware is being sold on the underground market
http://www.4hou.com/info/news/8042.html
[Wireless Security]  The WPA2 encryption protocol has been broken! Do you still dare to use WiFi?
http://www.4hou.com/info/news/8018.html
[News]  Content on cybersecurity and informatization in the 19th National Congress report
https://mp.weixin.qq.com/s/DEKQ8zSFNXHrnhkhSmtmYw
[News]  Listed cybersecurity companies' earnings forecasts for Q3 2017
https://mp.weixin.qq.com/s/pd-9DCm-sCouRftXshY99A
[News]  WPA2 protocol vulnerability lets attackers eavesdrop on Wi-Fi traffic
http://www.solidot.org/story?sid=54135
[News]  Seven categories of security risk that UEBA can detect
https://mp.weixin.qq.com/s/okdYuSCbASLrtESh5KNO1A
Security Technology
[Web Security]  Analysis of common XSS payloads, part 1
https://zhuanlan.zhihu.com/p/30346946
[Web Security]  Injection bypass techniques for two firewalls
https://secvul.com/topics/876.html
[Web Security]  Summary of Windows command execution vulnerability exploitation
https://evi1cg.me/archives/remote_exec.html
[Web Security]  Broken Link Hijacking - How expired links can be exploited.
https://edoverflow.com/2017/broken-link-hijacking/
[Other]  What are some great resources in the information security field?
http://bar.freebuf.com/comment/9775
[Competition]  2017 Shi'an Cup (世安杯) CTF writeup explained
http://www.freebuf.com/articles/rookie/150129.html
[Vulnerability Analysis]  Symbolic execution: simple CTF reverse engineering with Angr
http://www.freebuf.com/articles/web/150296.html
[Malware Analysis]  Machine learning & data analysis in practice for web log analysis
http://blog.nsfocus.net/ml-data-web-logs-analysis/
[Operations Security]  Exporting certificates and evading antivirus with Mimikatz and Powersploit
https://insinuator.net/2017/10/extract-non-exportable-certificates-and-evade-anti-virus-with-mimikatz-and-powersploit/
[Conference]  Qcon2017 Shanghai: recap of the "Confronting the Cybercrime Underground" track
http://www.freebuf.com/fevents/151169.html
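[Other]  Interview experiences, past exam questions and materials for information security internships and campus recruitment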
https://github.com/SecYouth/sec-jobs
[Vulnerability Analysis]  SeaCMS (SEACMS) v6.55 arbitrary code execution vulnerability and how its patch can be bypassed
http://blog.jowto.com/?p=278
[Wireless Security]  A survey of SGX side-channel attacks
http://www.freebuf.com/articles/system/149551.html
[Conference]  FreeTalk Shenzhen highlights recap (with slide downloads)
http://www.freebuf.com/fevents/150894.html
[Web Security]  XSS testing cheat sheet
http://momomoxiaoxi.com/2017/10/10/XSS/
[Web Security]  Honeypots and internal network security from 0 to 1 (part 3)
https://sosly.me/index.php/2017/10/15/jymiguan3/
[Mobile Security]  Passionfruit, an iOS application security analysis tool
https://zhuanlan.zhihu.com/p/29761306
[Vulnerability Analysis]  lucky-js-fuzz: an open-source JS fuzzer
https://github.com/blastxiang/lucky-js-fuzz
[Data Mining]  Real-time monitoring of news about 1,000 Chinese companies
https://github.com/NolanZhao/news_feed
[Web Security]  PHP+MySQL injection defenses and bypasses
http://mp.weixin.qq.com/s/qwSS3d9H3_l6LXPheGdAZw
[Web Security]  WebUSB: how a web page can steal data from your phone (with PoC)
http://www.freebuf.com/articles/web/150335.html
[Magazine]  SecWiki Weekly (Issue 189)
https://www.sec-wiki.com/weekly/189
[Operations Security]  A simple crawler for GitHub information leaks
http://www.freebuf.com/articles/web/150638.html
[Web Security]  Poet: a powerful post-exploitation tool
http://www.freebuf.com/sectool/150461.html
[Vulnerability Analysis]  Code audit of gxlcms
http://foreversong.cn/archives/736
[Forensic Analysis]  Tracking attackers with threat intelligence, Part 3: investigating attackers with threat intelligence
https://zhuanlan.zhihu.com/p/30197024?group_id=903658683733594112
[Programming]  Writing Nmap plugins: storing results in MySQL
http://www.freebuf.com/articles/network/150613.html
[Tools]  subjack: Hostile Subdomain Takeover tool written in Go
https://github.com/haccer/subjack
[Vulnerability Analysis]  IE 11 browser 0day vulnerability (CVE-2015-2425) UAF analysis
http://www.freebuf.com/vuls/151019.html
[Data Mining]  Aktaion: open-source machine learning tool and samples for researching exploit and phishing detection
https://github.com/jzadeh/Aktaion
[Competition]  HACK.LU CTF 2017 Web Write-up
http://momomoxiaoxi.com/2017/10/19/hackluCTF/
[Web Security]  Java deserialization vulnerabilities, from understanding to practice
http://www.freebuf.com/articles/web/149931.html
[Malware Analysis]  IoT_reaper: a rapidly expanding new IoT botnet
http://blog.netlab.360.com/iot-reaper-a-quick-summary-of-a-rapid-spreading-new-iot-botnet/
[Operations Security]  The past and present of Bilibili's logging system
https://mp.weixin.qq.com/s/onrBwQ0vyLJYWD_FRnNjEg
[Tools]  Blazy: a modern login brute forcer, CSRF, Clickjacking, Cloudflare and WAF
https://github.com/UltimateHackers/Blazy
[Forensic Analysis]  Tracking attackers with threat intelligence, Part 2: advanced threat incident analysis and the defense matrix
https://zhuanlan.zhihu.com/p/30160133?group_id=903290560648015872
[Tools]  awesome-yara: A curated list of awesome YARA rules, tools, and people
https://github.com/InQuest/awesome-yara
[Web Security]  Code audit | Variable overwrite vulnerabilities
https://bbs.ichunqiu.com/thread-28103-1-1.html?from=sec
[Documentation]  OSINTforPenTests: open-source intelligence gathering for penetration testers
https://github.com/g-solaria/OSINTforPenTests/blob/master/OSINTforPenTests.pdf
[Operations Security]  Implementing business security protection with OpenResty
http://www.freebuf.com/vuls/150571.html
[Operations Security]  The road to building security at internet companies: planning
https://xianzhi.aliyun.com/forum/read/2233.html
[Tools]  MIDA-Multitool: a script collection (system enumeration, vulnerability verification, privilege escalation)
https://github.com/NullArray/MIDA-Multitool
[Malware Analysis]  Assemblyline: an open-source malware analysis tool
https://bitbucket.org/cse-assemblyline/assemblyline/src
[Device Security]  Hands-on: flashing a Teensy as a penetration testing USB drive
http://www.freebuf.com/sectool/150367.html
[Other]  Cyber range capability building: technical salon
https://mp.weixin.qq.com/s/YyGiYORwk78SKRk_oLe0Xg
[Malware Analysis]  Threat hunting with Sysmon: finding Word documents with macros
http://www.4hou.com/web/8084.html
[Web Security]  On JNDI injection
https://mp.weixin.qq.com/s/YeskekfkHhHH4kA-02W7Yg
[Papers]  RAID 2017 paper list (Research in Attacks, Intrusions, and Defense)
https://link.springer.com/book/10.1007/978-3-319-66332-6
[Vulnerability Analysis]  How i found an SSRF in Yahoo! Guesthouse (Recon Wins)
https://medium.com/@th3g3nt3l/how-i-found-an-ssrf-in-yahoo-guesthouse-recon-wins-8722672e41d4
[Malware Analysis]  Typical bank trojan reversed (detailed) [PDF]
http://www.blackstormsecurity.com/docs/FOAATTB.pdf
[Web Security]  Wiping Out CSRF – Joe Rozner – Medium
https://medium.com/@jrozner/wiping-out-csrf-ded97ae7e83f
[Malware Analysis]  BlackOasis APT and new targeted attacks leveraging zero-day exploit
https://securelist.com/blackoasis-apt-and-new-targeted-attacks-leveraging-zero-day-exploit/82732/
[Other]  The Cyber Vault Project | National Security Archive
http://nsarchive.gwu.edu/project/cyber-vault-project
[Tools]  nsearch: minimal script to help find script into the nse database
https://github.com/JKO/nsearch
[Vulnerability Analysis]  How Chrome extensions can be used to perform malicious actions
http://www.4hou.com/web/7996.html
[Malware Analysis]  Pandora’s Box: Auditing for DDoS Vulnerabilities, Part II
https://blog.radware.com/security/2017/10/auditing-ddos-vulnerabilities-2/
[Tools]  open-redirect-scanner: open redirect subdomains scanner
https://github.com/ak1t4/open-redirect-scanner
[Vulnerability Analysis]  SAP_vulnerabilities: DoS exploits for SAP products
https://github.com/vah13/SAP_vulnerabilities
[Tools]  Pastejacking: the cure for compulsive copy-pasters
http://www.4hou.com/web/8005.html
[Malware Analysis]  BlackOasis APT and new targeted attacks exploiting a 0day vulnerability
https://paper.seebug.org/418/
[Mobile Security]  Hacking Bluetooth Smart Locks - workshop
https://smartlockpicking.com/slides/BruCON0x09_2017_Hacking_Bluetooth_Smart_locks.pdf
[Malware Analysis]  How to analyze malware in the simplest possible way
http://www.4hou.com/web/8053.html
Security Topics
A roundup of 252 lookup sites in 20 categories that every top detective needs
https://www.sec-wiki.com/topic/79
-----WeChat ID: SecWiki-----
SecWiki has focused on security technology news and analysis for 12 years!
SecWiki: https://www.sec-wiki.com