SecWiki周刊(第213期)
2018/03/26-2018/04/01
安全资讯
[人物]  从抄书到开源之巅:章亦春的程序人生
https://mp.weixin.qq.com/s/moyoJd1EnNziRPQgHbNXRw
[新闻]  2018 RSA 相关信息梳理
https://mp.weixin.qq.com/s/cH6_AWMXRNOoAm_lruF7SQ
[新闻]  WebRTC bug 泄漏 VPN 用户的真实 IP
https://www.solidot.org/story?sid=55977&from=timeline
[新闻]  NSF3000万美元推动计算和信息科学领域前沿变革研究
https://mp.weixin.qq.com/s/WQ1JKpiYhe9-jb0RPsScIA
安全技术
[Web安全]  利用最新Apache解析漏洞(CVE-2017-15715)绕过上传黑名单
https://www.leavesongs.com/PENETRATION/apache-cve-2017-15715-vulnerability.html
[Web安全]  SpringBoot应用监控Actuator使用的安全隐患
https://xz.aliyun.com/t/2233
[会议]  Black Hat Asia 2018 slides
https://www.blackhat.com/asia-18/briefings.html
[设备安全]  7块钱的BadUSB
https://mp.weixin.qq.com/s/mIcRNcf5HmZ4axe8N92S7Q
[运维安全]  宜信漏洞管理平台-洞察
https://mp.weixin.qq.com/s/24V5nJ47ZyAAYTU78mjgvg
[Web安全]  Exploiting Browser Extensions & Context Menus
https://harleo.me/blog/exploiting-browser-extensions-context-menus
[Web安全]  Cowrie Honeypot Analysis
https://hackertarget.com/cowrie-honeypot-analysis-24hrs/
[比赛]  强网杯出题思路-solid_core-HijackPrctl
https://bbs.pediy.com/thread-225488.htm
[恶意分析]  摩诃草APT组织针对我国敏感机构最新的网络攻击活动分析
https://mp.weixin.qq.com/s/hJvDqIuBZgd2_xua4suy0w
[移动安全]  Android Studio 3.0.1 编写 Xposed 插件入门记录
https://zhuanlan.zhihu.com/p/35003478
[恶意分析]  8291端口告警事件简报
http://blog.netlab.360.com/quick-summary-port-8291-scan-cn/
[移动安全]  Adhrit:open source Android APK reversing and analysis tool
https://github.com/abhi-r3v0/Adhrit/
[恶意分析]  Powershell+dnscat2实现DNS隐蔽隧道反弹Shell,和检测方法
https://mp.weixin.qq.com/s/5mDhzuGC2WEc8bdIjRg94w
[运维安全]  DBScanner: 自动扫描内网常数据库脚本未授权访问及常规弱口令检测
https://github.com/se55i0n/DBScanner
[Web安全]  GitStack <= 2.3.10 远程命令执行漏洞分析-CVE-2018-5955
https://xz.aliyun.com/t/2235
[数据挖掘]   通俗、有逻辑的写一篇说下Xgboost的原理
https://blog.csdn.net/github_38414650/article/details/76061893
[比赛]  强网杯“彩蛋”—Shiro 1.2.4(SHIRO-550)漏洞之发散性思考
https://blog.zsxsoft.com/post/35
[运维安全]  The phenomenon of smart contract honeypots
https://medium.com/@gerhard.wagner/the-phenomena-of-smart-contract-honeypots-755c1f943f7b
[数据挖掘]  基于概念知识图谱的短文本理解
https://mp.weixin.qq.com/s/avf72hYVq4WBJ63G6wlORA
[比赛]  第二届强网杯Web Writeup
https://www.anquanke.com/post/id/103213
[漏洞分析]  Exploiting Jolokia Agent with Java EE Servers
https://mp.weixin.qq.com/s/blpFK0oigTGtI_eVJxEL0w
[Web安全]  MIPCMS V3.1.0 远程写入配置文件Getshell过程分析(附批量getshell脚本)
https://bbs.ichunqiu.com/thread-36511-1-1.html?from=sec
[文档]  following the trace of WMI Backdoors & other nastiness
https://www.eideon.com/2018-03-02-THL03-WMIBackdoors/
[比赛]  QWB-2018 Web partial solutions
https://mp.weixin.qq.com/s/xEBr7JxbSTt11oiBsgc3uw
[观点]  第二届强网杯中应用的一种反作弊新思路
http://www.freebuf.com/column/166714.html
[运维安全]  饿了么在ELasticsearch自动化运维平台和监控平台的应用实践
https://elasticsearch.cn/slides/109?
[设备安全]  Threat Landscape for Industrial Automation Systems in H2 2017
https://ics-cert.kaspersky.com/reports/2018/03/26/threat-landscape-for-industrial-automation-systems-in-h2-2017/
[漏洞分析]  逆向分析以太坊智能合约
https://www.anquanke.com/post/id/101979
[文档]  Binary學習終極指南
https://diabolo94.github.io/2017/12/10/utimatebinary/
[Web安全]  密码破解全能工具:Hashcat密码破解攻略
http://www.freebuf.com/sectool/164507.html
[漏洞分析]  Breaking the unbreakable voting machine! Bluefrost Ekoparty Stack Overflow Chall
https://medium.com/@alex91ar/breaking-the-unbreakable-voting-machine-bluefrost-ekoparty-stack-overflow-challenge-1d6f4a255efe
[编程技术]  PHP-FPM源码分析
https://github.com/owenliang/php-fpm-code-analysis
[Web安全]  Python is the best language-Writeup
https://xianzhi.aliyun.com/forum/topic/2219
[Web安全]  #BugBounty — Rewarded by securing vulnerabilities in Bookmyshow (India’s largest
https://medium.com/@logicbomb_1/bugbounty-rewarded-by-securing-vulnerabilities-in-bookmyshow-indias-largest-online-movie-bb81dba9b82
[Web安全]  Amazon's AWS Misconfiguration: Arbitrary Files Upload in Amazon Go
https://rhinosecuritylabs.com/aws/amazon-aws-misconfiguration-amazon-go/
[取证分析]  Exploring the opportunities and limitations of Threat Intelligence Platforms
https://www.enisa.europa.eu/publications/exploring-the-opportunities-and-limitations-of-current-threat-intelligence-platforms
[Web安全]  Jolokia JNDI Injection&XXE Vulnerability分析复现
http://www.polaris-lab.com/index.php/archives/493/
[移动安全]  Prevent bypassing of SSL certificate pinning in iOS applications
https://www.guardsquare.com/en/blog/iOS-SSL-certificate-pinning-bypassing
[Web安全]  #BugBounty — API keys leakage, Source code disclosure in India’s largest e-comme
https://medium.com/bugbountywriteup/bugbounty-api-keys-leakage-source-code-disclosure-in-indias-largest-e-commerce-health-care-c75967392c7e
[漏洞分析]  你必须了解的漏洞利用缓解及对抗技术
https://zhuanlan.zhihu.com/p/24489276
[Web安全]  ezXSS:一款功能强大的XSS盲测工具
http://www.freebuf.com/sectool/165289.html
[设备安全]  BLE安全入门及实战
https://sec.xiaomi.com/article?id=14
[设备安全]  IoTInfographic
https://github.com/Xipiter/IoTInfographic
[漏洞分析]  Attack seam framework
https://xz.aliyun.com/t/2230
[Web安全]  攻防组网之----MikroTik软路由的配置和FUZZ
https://bbs.ichunqiu.com/thread-36817-1-1.html?from=sec
[移动安全]  Android 4.4 - Android 7.1 APP Vulnerability Benchmarks
https://bitbucket.org/secure-it-i/android-app-vulnerability-benchmarks/src/master/
[杂志]  SecWiki周刊(第212期)
https://www.sec-wiki.com/weekly/212
[漏洞分析]  容器镜像安全概述
http://blog.nsfocus.net/docker-mirror-security/
[运维安全]  Quickpost: Using Suricata on Windows
https://blog.didierstevens.com/2018/03/27/quickpost-using-suricata-on-windows/
[Web安全]  Tools to gather subdomains from Bug Bounty programs
https://github.com/bonkc/BugBountySubdomains
[Web安全]  老司机带你过常规WAF
https://www.anquanke.com/post/id/102852
[运维安全]  浅谈Linux系统MongoDB安全配置
https://mp.weixin.qq.com/s/j5NFI8oX-BC5waxLOl58aQ
[工具]  CryptoPot:Simple cryptocurrency mining honeypot
https://github.com/omergunal/CryptoPot
[Web安全]  Joomla内核SQL注入漏洞(CVE-2018-8045)分析
http://blog.nsfocus.net/cve-2018-804-analysis/
[Web安全]  Awesome XSS stuff
https://github.com/UltimateHackers/AwesomeXSS
[工具]  ScrapedIn:A tool to scrape LinkedIn without API restrictions for data reconnaiss
https://github.com/dchrastil/ScrapedIn
[恶意分析]  腾讯2017年度传销态势感知白皮书
https://slab.qq.com/news/authority/1745.html
[Web安全]  利用插件对Chrome进行UXSS
https://mp.weixin.qq.com/s/2uYgr1hNbP_lUBYVREM6vg
[Web安全]  客户端 session 导致的安全问题
https://www.leavesongs.com/PENETRATION/client-session-security.html
[恶意分析]  Who and What Is Coinhive?
https://krebsonsecurity.com/2018/03/who-and-what-is-coinhive/
[取证分析]  Signature Based Detection of User Events for PostMortem Forensic Analysis
https://arxiv.org/ftp/arxiv/papers/1302/1302.2395.pdf
[漏洞分析]  Open XML标签解析类漏洞分析思路
https://www.anquanke.com/post/id/103080
[Web安全]  Exploiting Facebook data for stealing your friends’ digital identities
https://medium.com/bugbountywriteup/exploiting-facebook-data-for-stealing-your-friends-digital-identities-68511ec2d21d
[Web安全]  Multi-stage Powershell script (Brownies)
https://dissectmalware.wordpress.com/2018/03/28/multi-stage-powershell-script/
[工具]  Go-deliver is a payload delivery tool coded in Go.
https://github.com/0x09AL/go-deliver
[Web安全]  利用恶意页面攻击本地Xdebug
https://xlab.tencent.com/cn/2018/03/30/pwn-local-xdebug/
[工具]  Exploring Cobalt Strike's ExternalC2 framework
https://blog.xpnsec.com/exploring-cobalt-strikes-externalc2-framework/
[工具]  How BloodHound's Session Collection Works
https://www.youtube.com/watch?v=q86VgM2Tafc
安全专题
APP安全在线检测系统
https://www.sec-wiki.com/topic/82
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第213期)