SecWiki周刊(第197期)
2017/12/04-2017/12/10
安全资讯
2345联盟通过流氓软件推广挖矿工具, 众多用户电脑沦为“肉鸡”
http://www.freebuf.com/articles/terminal/155895.html
http://www.freebuf.com/articles/terminal/155895.html
手机访客系统团队被抓
http://www.solidot.org/story?sid=54760
http://www.solidot.org/story?sid=54760
关键信息基础设施安全等级保护技术框架研究
https://mp.weixin.qq.com/s/DCxfYFOEE6kOlX9KQJ3ahQ
https://mp.weixin.qq.com/s/DCxfYFOEE6kOlX9KQJ3ahQ
安全技术
Black Hat Europe 2017的PPT
https://www.blackhat.com/eu-17/briefings.html
https://www.blackhat.com/eu-17/briefings.html
安全分析和情报大会PPT
https://threatbook.cn/event/
https://threatbook.cn/event/
浅谈常规渗透瓶颈,实例发散思维突破
http://mp.weixin.qq.com/s/kiOAk2VfgkS51A_gwd23qw
http://mp.weixin.qq.com/s/kiOAk2VfgkS51A_gwd23qw
Android APP安全测试之敏感信息本地存储
http://mp.weixin.qq.com/s/vDIgYIlWnZ5FJUwy9Vs-lg
http://mp.weixin.qq.com/s/vDIgYIlWnZ5FJUwy9Vs-lg
搜集SRC信息中的“技术活儿”
http://mp.weixin.qq.com/s/juGoL1QlirhxwCjDZD3nfg
http://mp.weixin.qq.com/s/juGoL1QlirhxwCjDZD3nfg
ISCC 2017 GRD Web Writeup
http://foreversong.cn/archives/847
http://foreversong.cn/archives/847
SecBee: ZigBee security testing tool
https://github.com/Cognosec/SecBee
https://github.com/Cognosec/SecBee
cmsPoc-A CMS Exploit Framework
https://github.com/CHYbeta/cmsPoc/wiki/Scripts
https://github.com/CHYbeta/cmsPoc/wiki/Scripts
xsec-proxy-scanner: 一款速度超快、小巧的代理扫描器
https://github.com/netxfly/xsec-proxy-scanner
https://github.com/netxfly/xsec-proxy-scanner
基于神经网络的实体识别和关系抽取联合学习
https://mp.weixin.qq.com/s/AhoEzujMVUU-P7j5z_8sVQ
https://mp.weixin.qq.com/s/AhoEzujMVUU-P7j5z_8sVQ
使用sqlmap曲折渗透某服务器
https://bbs.ichunqiu.com/thread-29736-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-29736-1-1.html?from=sec
S2-055漏洞环境搭建与分析 | xxlegend
http://xxlegend.com/2017/12/06/S2-055%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83%E6%90%AD%E5%BB%BA%E4%B8%8E%E5%88%86%E6%9E%90/
http://xxlegend.com/2017/12/06/S2-055%E6%BC%8F%E6%B4%9E%E7%8E%AF%E5%A2%83%E6%90%AD%E5%BB%BA%E4%B8%8E%E5%88%86%E6%9E%90/
nmap_vscan: nmap service and application detection (without nmap)
https://github.com/nixawk/nmap_vscan
https://github.com/nixawk/nmap_vscan
weibo-api: 免登陆获取新浪微博数据的Python库
https://github.com/yawuplus/weibo-api
https://github.com/yawuplus/weibo-api
TensorFlow自动识别验证码(一)
http://mp.weixin.qq.com/s/J9vjaoClzBbR4oigusNdpw
http://mp.weixin.qq.com/s/J9vjaoClzBbR4oigusNdpw
S2-045, S2-055 分析报告
https://github.com/SecureSkyTechnology/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095
https://github.com/SecureSkyTechnology/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095
Linux kernel 4.14 SLAB_FREELIST_HARDENED 简单分析
https://paper.seebug.org/470/
https://paper.seebug.org/470/
PHP Security Advent Calendar 2017 PHP挑战赛
https://www.ripstech.com/php-security-calendar-2017/
https://www.ripstech.com/php-security-calendar-2017/
对《cookie之困》的一些总结与思考
http://www.cnblogs.com/r00tuser/p/7993509.html
http://www.cnblogs.com/r00tuser/p/7993509.html
XLearning:一款支持多种机器学习、深度学习框架调度系统
https://github.com/Qihoo360/XLearning/blob/master/README_CN.md
https://github.com/Qihoo360/XLearning/blob/master/README_CN.md
scrapy+selenium爬取UC头条网站
http://kekefund.com/2017/12/06/scrapy-and-selenium/
http://kekefund.com/2017/12/06/scrapy-and-selenium/
渗透技巧——Windows系统的帐户隐藏
https://3gstudent.github.io/3gstudent.github.io/%E6%B8%97%E9%80%8F%E6%8A%80%E5%B7%A7-Windows%E7%B3%BB%E7%BB%9F%E7%9A%84%E5%B8%90%E6%88%B7%E9%9A%90%E8%97%8F/
https://3gstudent.github.io/3gstudent.github.io/%E6%B8%97%E9%80%8F%E6%8A%80%E5%B7%A7-Windows%E7%B3%BB%E7%BB%9F%E7%9A%84%E5%B8%90%E6%88%B7%E9%9A%90%E8%97%8F/
Android开发工具Apktool漏洞利用分析
https://security.tencent.com/index.php/blog/msg/122
https://security.tencent.com/index.php/blog/msg/122
PHP WebShell变形技术总结
http://www.freebuf.com/articles/web/155891.html#0-tsina-1-30825-397232819ff9a47a7b7e80a40613cfe1
http://www.freebuf.com/articles/web/155891.html#0-tsina-1-30825-397232819ff9a47a7b7e80a40613cfe1
基于AST抽象语法树的PowerShell代码混淆技术
http://www.4hou.com/penetration/9002.html
http://www.4hou.com/penetration/9002.html
花式窃取NetNTLM哈希的方法
https://paper.seebug.org/474/
https://paper.seebug.org/474/
深度剖析:手机指纹的马奇诺防线
https://paper.seebug.org/471/
https://paper.seebug.org/471/
【代码审计】之Cacti
http://mp.weixin.qq.com/s/6g5KBnjwlKJ3C-1cVYMpQg
http://mp.weixin.qq.com/s/6g5KBnjwlKJ3C-1cVYMpQg
CIA Vault7 RDB中的Windows后门利用方法分析
https://3gstudent.github.io/3gstudent.github.io/CIA-Vault7-RDB%E4%B8%AD%E7%9A%84Windows%E5%90%8E%E9%97%A8%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95%E5%88%86%E6%9E%90/
https://3gstudent.github.io/3gstudent.github.io/CIA-Vault7-RDB%E4%B8%AD%E7%9A%84Windows%E5%90%8E%E9%97%A8%E5%88%A9%E7%94%A8%E6%96%B9%E6%B3%95%E5%88%86%E6%9E%90/
上网终端漏洞威胁情报报告
http://mp.weixin.qq.com/s/iHH0BR7UQh0ycBJONbgABw
http://mp.weixin.qq.com/s/iHH0BR7UQh0ycBJONbgABw
针对已知数据的信息挖掘
http://blog.nsfocus.net/web-mining/
http://blog.nsfocus.net/web-mining/
Methods to Bypass a Web Application Firewall
https://www.ptsecurity.com/upload/corporate/ww-en/download/PT-devteev-CC-WAF-ENG.pdf
https://www.ptsecurity.com/upload/corporate/ww-en/download/PT-devteev-CC-WAF-ENG.pdf
Detecting Lateral Movement through Tracking Event Logs (Version 2)
https://www.jpcert.or.jp/english/pub/sr/Detecting%20Lateral%20Movement%20through%20Tracking%20Event%20Logs_version2.pdf
https://www.jpcert.or.jp/english/pub/sr/Detecting%20Lateral%20Movement%20through%20Tracking%20Event%20Logs_version2.pdf
[PHP审计实战篇]XDCMS v2.0.8 SQL显错注入
https://bbs.ichunqiu.com/thread-30059-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-30059-1-1.html?from=sec
非即时反馈策略与随机噪音在业务安全中的应用
http://mp.weixin.qq.com/s/gFXbO4CkG4ZWZvNp-xpARQ
http://mp.weixin.qq.com/s/gFXbO4CkG4ZWZvNp-xpARQ
一种全新的APP注册登录验证技术方案?
http://mp.weixin.qq.com/s/KALAL31QoC8s8bANKRgKcQ
http://mp.weixin.qq.com/s/KALAL31QoC8s8bANKRgKcQ
Owasp juice shop (二)
https://bbs.ichunqiu.com/thread-29958-1-1.html?from=sec
https://bbs.ichunqiu.com/thread-29958-1-1.html?from=sec
ics-attack-detection: Detection of Cyber Attacks with Zone Dividing and PCA
https://github.com/manikantareddyd/ics-attack-detection
https://github.com/manikantareddyd/ics-attack-detection
SecWiki周刊(第196期)
https://www.sec-wiki.com/weekly/196
https://www.sec-wiki.com/weekly/196
Delivering Security Insights with Data Analytics and Visualization
https://www.slideshare.net/zrlram/delivering-security-insights-with-data-analytics-and-visualization-83499852
https://www.slideshare.net/zrlram/delivering-security-insights-with-data-analytics-and-visualization-83499852
New Targeted Attack in the Middle East by APT34
https://www.fireeye.com/blog/threat-research/2017/12/targeted-attack-in-middle-east-by-apt34.html
https://www.fireeye.com/blog/threat-research/2017/12/targeted-attack-in-middle-east-by-apt34.html
Wordpress Keylogger事件分析
https://cert.360.cn/warning/detail?id=6c3e744f070dff4b88a5d15c5e46620e
https://cert.360.cn/warning/detail?id=6c3e744f070dff4b88a5d15c5e46620e
MySQL绕过WAF实战技巧
http://www.freebuf.com/articles/web/155570.html
http://www.freebuf.com/articles/web/155570.html
Thinking in Graphs: Exploring with Timesketch
https://medium.com/timesketch/thinking-in-graphs-exploring-with-timesketch-84b79aecd8a6
https://medium.com/timesketch/thinking-in-graphs-exploring-with-timesketch-84b79aecd8a6
Pwnhub会员日一题引发的思考
http://mp.weixin.qq.com/s/_4Du7aqTHNhS4OArfVGqvw
http://mp.weixin.qq.com/s/_4Du7aqTHNhS4OArfVGqvw
Designing Effective Covert Red Team Attack Infrastructure
https://posts.specterops.io/designing-effective-covert-red-team-attack-infrastructure-767d4289af43
https://posts.specterops.io/designing-effective-covert-red-team-attack-infrastructure-767d4289af43
用dnsmasq实现Data Retrive over DNS
https://story.tonylee.name/2016/06/21/yong-dnsmasqshi-xian-data-retrive-over-dns/
https://story.tonylee.name/2016/06/21/yong-dnsmasqshi-xian-data-retrive-over-dns/
利用Empire桥接Metasploit和ShadowBroker发布的FuzzBunch
https://story.tonylee.name/2017/05/05/li-yong-empireqiao-jie-metasploithe-shadowbrokerfa-bu-de-fuzzbunch/
https://story.tonylee.name/2017/05/05/li-yong-empireqiao-jie-metasploithe-shadowbrokerfa-bu-de-fuzzbunch/
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第197期)
