SecWiki Weekly (Issue 217)
2018/04/23-2018/04/29
Security News
[News]
Food-delivery order data reportedly sold online  Clicks 775
http://www.bjnews.com.cn/inside/2018/04/23/484211.html
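[News]
Ministry of Public Security notice on issuing the "Administrative Measures for Cybersecurity Classified Protection Assessment Institutions"  Clicks 683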
https://mp.weixin.qq.com/s/HVPSSB_QtWle7GjJhJT_Ww
[News]
Hacking group Orangeworm conducts espionage campaign against the global healthcare sector  Clicks 480
https://mp.weixin.qq.com/s/DhQAdkeXRW-22UPgB5iR6A
[Conference]
XKungfoo 2018 Highlights - Day 1  Clicks 471
http://www.4hou.com/xactivity/11228.html
[Malware Analysis]
Malware analysis: Ransomware-as-a-Service (RaaS)  Clicks 471
http://www.4hou.com/typ/11186.html
[Conference]
XKungfoo 2018 Highlights - Day 2  Clicks 447
http://www.4hou.com/xactivity/11242.html
[Forensic Analysis]
ThaiCERT Seizes Hidden Cobra Server Linked to GhostSecret, Sony Attacks  Clicks 370
https://threatpost.com/thaicert-seizes-hidden-cobra-server-linked-to-ghostsecret-sony-attacks/131498/
Security Technology
[Conference]
2018 Chief Security Officer (CSO) International Summit Forum (slide deck downloads)  Clicks 661
https://www.anquanke.com/post/id/106707
[Web Security]
Having trouble with internal-network penetration testing? NAT mapping tricks with MSF  Clicks 521
https://bbs.ichunqiu.com/thread-39238-1-1.html?from=sec
[Vulnerability Analysis]
SSRF vulnerabilities: study and exploitation  Clicks 462
http://www.zerokeeper.com/web-security/ssrf-vulnerability-learning-and-utilization.html
[Malware Analysis]
Notes on a Linux server intrusion incident at a company  Clicks 424
https://secvul.com/topics/1142.html
[Vulnerability Analysis]
One line of code wiped out ¥6,447,277,680 RMB!  Clicks 381
https://zhuanlan.zhihu.com/p/35989258
[Programming]
Some evolutions of the Xunfeng risk scanning system  Clicks 373
http://www.freebuf.com/sectool/168977.html
[Competition]
Penetration testing in practice: compromising the BlackMarket target VM  Clicks 371
https://www.anquanke.com/post/id/106855
[Forensic Analysis]
A few recommendations for building high-quality attack indicators  Clicks 361
https://mp.weixin.qq.com/s/ZRiSi3bb-SkMc_54mWPgmw
[Vulnerability Analysis]
Electron remote command execution vulnerability (CVE-2018-1000006)  Clicks 358
http://www.zerokeeper.com/vul-analysis/electron-remote-command-execution-vulnerability-cve20181000006.html
[Web Security]
Hash Finder online lookup tool (supports multiple types)  Clicks 345
http://finder.insidepro.team/
[Web Security]
Code auditing: an example of an arbitrary file read vulnerability  Clicks 334
https://mp.weixin.qq.com/s/JG1PuHXvtt9sXM1r26uQ9g
[Web Security]
Notes on a bypass trick in Discuz!  Clicks 316
https://secvul.com/topics/1165.html
[Vulnerability Analysis]
Fireline: a free static code analysis tool released by 360  Clicks 309
http://magic.360.cn/zh/article_zh.html
[Operations Security]
Windows security audit events  Clicks 302
https://www.microsoft.com/en-us/download/details.aspx?id=50034
[Operations Security]
Cybersecurity incident response for financial enterprises: fundamentals  Clicks 292
https://mp.weixin.qq.com/s/Ug2vImj8wB1_kbXLGUmouQ
[Web Security]
Getting a shell with a file inclusion vulnerability and a one-line webshell in an image  Clicks 281
https://xz.aliyun.com/t/2311
[Vulnerability Analysis]
Go arbitrary code execution vulnerability CVE-2018-6574  Clicks 275
http://blog.nsfocus.net/cve-2018-6574/
[Tools]
windows10_ntfs_crash_dos: PoC for a NTFS crash that I discovered, in various Wind  Clicks 274
https://github.com/mtivadar/windows10_ntfs_crash_dos
[Web Security]
cheetah-gui: a dictionary-based webshell password brute-forcing tool  Clicks 273
https://github.com/sunnyelf/cheetah-gui/blob/master/README_zh.md
[Competition]
429 offline competition write-up  Clicks 271
http://momomoxiaoxi.com/2018/04/27/4292018/
[Vulnerability Analysis]
Drupal CVE-2018-7600: exploitation and attacks  Clicks 267
https://xz.aliyun.com/t/2312
[Malware Analysis]
Analysis of newly exploited vulnerability samples from the APT group (APT-C-01) and correlation mining  Clicks 266
https://mp.weixin.qq.com/s/Rj0diLq9w6qiyQSA-CJHGQ
[Web Security]
PentesterLab beginner tutorial (1): code injection  Clicks 266
http://www.freebuf.com/sectool/168653.html
[Operations Security]
Cybersecurity incident response for financial enterprises: technical part  Clicks 262
https://mp.weixin.qq.com/s/W3_klh02SsMrRyH3UcYGNw
[Web Security]
A low-impact XSS in an unusual scenario  Clicks 260
https://secvul.com/topics/1159.html
[Operations Security]
DB_BaseLine: a database baseline checking tool  Clicks 257
https://github.com/wstart/DB_BaseLine
[Malware Analysis]
Starting from CVE-2016-0165: analysis, exploitation and detection (Part 1)  Clicks 256
https://xiaodaozhi.com/exploit/32.html
[Tools]
HackBox is the combination of awesome techniques.  Clicks 255
https://github.com/samhaxr/hackbox
[Web Security]
TrunPortForward: a web-managed, multi-node, multi-port, highly customizable directed forwarding tool  Clicks 255
https://github.com/cytvictor/TrunPortForward
[Web Security]
DomLink: an automated domain discovery tool  Clicks 253
http://www.freebuf.com/sectool/169734.html
[Vulnerability Analysis]
A bunch of Red Pills: VMware Escapes  Clicks 250
https://keenlab.tencent.com/en/2018/04/23/A-bunch-of-Red-Pills-VMware-Escapes/
[Device Security]
Smart car security research report  Clicks 249
https://www.computest.nl/wp-content/uploads/2018/04/connected-car-rapport.pdf
[Web Security]
PentesterLab beginner tutorial (2): XML injection  Clicks 242
http://www.freebuf.com/sectool/169122.html
[Forensic Analysis]
STIX 2.0 examples dissected  Clicks 240
https://mp.weixin.qq.com/s/B88yOz9UWRm5WhWY6zAyUA
[Operations Security]
360: AI-based network operations  Clicks 240
https://mp.weixin.qq.com/s/1toUOKq_80pyM8AmCNb8Ww
[Vulnerability Analysis]
Small mistakes lead to big problems  Clicks 239
http://k3research.outerhaven.de/posts/small-mistakes-lead-to-big-problems.html
[Vulnerability Analysis]
Google Inbox spoofing vulnerability  Clicks 236
https://eligrey.com/blog/google-inbox-spoofing-vulnerability/
[Web Security]
How does the YY Live account-laundering industry chain operate? Click in and take a look!  Clicks 233
https://bbs.ichunqiu.com/thread-39419-1-1.html?from=sec
[Vulnerability Analysis]
Infer: a static analysis tool open-sourced by Facebook  Clicks 230
https://infer.liaohuqiu.net/
[Web Security]
Expanding the XSS attack surface with Service Workers  Clicks 224
https://lorexxar.cn/2018/04/20/SW-xss/
[Vulnerability Analysis]
On escapeshellarg bypass and argument injection vulnerabilities  Clicks 223
https://www.leavesongs.com/PENETRATION/escapeshellarg-and-parameter-injection.html
[Web Security]
Read-type CSRF: content hijacking that requires interaction  Clicks 221
https://bbs.ichunqiu.com/thread-36314-1-1.html
[Magazine]
SecWiki Weekly (Issue 216)  Clicks 218
https://www.sec-wiki.com/weekly/216
[Malware Analysis]
Energetic Bear/Crouching Yeti: attacks on servers  Clicks 210
https://securelist.com/energetic-bear-crouching-yeti/85345/
[Web Security]
On PowerShell versus security software  Clicks 207
https://micropoor.blogspot.jp/2018/04/powershell.html
[Malware Analysis]
CVE-2017-11882 RTF  Clicks 204
https://medium.com/@__fastcall/cve-2017-11882-rtf-44d671dc0fce
[Web Security]
Subdomain enumeration  Clicks 200
http://10degres.net/subdomain-enumeration/
[Tools]
TDL: Driver loader for bypassing Windows x64 Driver Signature Enforcement  Clicks 200
https://github.com/hfiref0x/TDL
[Malware Analysis]
GravityRAT - The Two-Year Evolution Of An APT Targeting India  Clicks 199
https://blog.talosintelligence.com/2018/04/gravityrat-two-year-evolution-of-apt.html
[Competition]
DDCTF 2018 Reverse Engineering baby_mips Writeup  Clicks 199
https://blog.formsec.cn/2018/04/29/DDCTF-2018-%e9%80%86%e5%90%91-baby-mips-Writeup/
[Mobile Security]
Bypassing Android Anti-Emulation, Part (I)  Clicks 195
http://www.juanurs.com/Bypassing-Android-Anti-Emulation-Part-I/
[Web Security]
Stored XSS in Yahoo!  Clicks 193
https://steemit.com/bugbounty/@theshahzada/stored-xss-in-yahoo
[Web Security]
Exploiting misconfigured CORS Null Origin  Clicks 189
https://www.soffensive.com/2018/04/exploiting-misconfigured-cors-null.html
[Data Mining]
Machine learning: spam filtering  Clicks 182
http://www.freebuf.com/articles/network/168850.html
[Malware Analysis]
Debugging Windows Services For Malware Analysis / Reverse Engineering  Clicks 180
https://secrary.com/Random/WindowsServiceDebugging/
[Web Security]
JWT common pitfalls, attacks, and mitigations  Clicks 179
https://auth0.com/blog/a-look-at-the-latest-draft-for-jwt-bcp/
[Operations Security]
Protecting your Empire C2 with Apache mod_rewrite  Clicks 179
https://www.anquanke.com/post/id/104784
[Data Mining]
2nd Alibaba Cloud Security Algorithm Challenge: team MJ_3DSUN's solution approach  Clicks 178
https://github.com/frank6696/tianchi-aliyun-security-competition
[Web Security]
Graduation project: PHP RASP (3), wrapping up  Clicks 178
http://www.cnblogs.com/iamstudy/articles/php_code_rasp_3.html
[Malware Analysis]
Summary of APT33 MD5  Clicks 177
https://pastebin.com/uGUF4SHJ
[Vulnerability Analysis]
Why shadowsocks is deprecating one-time authentication (OTA)  Clicks 175
https://blessing.studio/why-do-shadowsocks-deprecate-ota/
[Mobile Security]
Bypassing Android Anti-Emulation, Part (III)  Clicks 173
http://www.juanurs.com/Bypassing-Android-Anti-Emulation-Part-III/
[Malware Analysis]
Uncovering Unknown Threats With Human-Readable Machine Learning  Clicks 172
https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-unknown-threats-with-human-readable-machine-learning/
[Operations Security]
Endpoint Isolation with the Windows Firewall  Clicks 171
https://medium.com/@cryps1s/endpoint-isolation-with-the-windows-firewall-462a795f4cfb
[Web Security]
Linkedin Autofill Vulnerability  Clicks 168
https://amisafe.secops.in/linkedin-autofill-vulnerability/
[Forensic Analysis]
Revealed: how third-party trackers use the Facebook login page to track users  Clicks 167
http://www.4hou.com/technology/11208.html
[Programming]
picojs: A face detection library in 200 lines of JavaScript  Clicks 166
https://github.com/tehnokv/picojs
[Vulnerability Analysis]
ShofEL2, a Tegra X1 and Nintendo Switch exploit  Clicks 166
https://fail0verflow.com/blog/2018/shofel2/
[Forensic Analysis]
Distributing HTTP traffic with Apache mod_rewrite  Clicks 164
https://mp.weixin.qq.com/s/SIFrdP-w3kvIhQGaAjhV-Q
[Competition]
Reverse Engineering challenges  Clicks 163
about:blank
[Vulnerability Analysis]
Jira-Scan: CVE-2017-9506 POC  Clicks 162
https://github.com/random-robbie/Jira-Scan
[Malware Analysis]
TPLINK TLWR740N ROUTER REMOTE CODE EXECUTION  Clicks 162
https://www.fidusinfosec.com/a-curious-case-of-code-reuse-tplink-cve-2017-13772-v2
[Operations Security]
GDPR, Europe's strictest compliance regime, affects many enterprises  Clicks 157
https://mp.weixin.qq.com/s/nEMHu33qfO8GvDqStpVVuQ
[Competition]
Format string hijack of retaddr, and the 三个白帽 (Three White Hats) pwnme_k0 writeup  Clicks 156
https://www.anquanke.com/post/id/105989
[Device Security]
First glance on OS VRP by Huawei  Clicks 156
https://embedi.com/blog/first-glance-on-os-vrp-by-huawei/
[Malware Analysis]
Starting from CVE-2016-0165: analysis, exploitation and detection (Part 3)  Clicks 154
https://xiaodaozhi.com/exploit/56.html
[Mobile Security]
Bypassing Android Anti-Emulation, Part (II)  Clicks 154
http://www.juanurs.com/Bypassing-Android-Anti-Emulation-Part-II/
[Web Security]
DOM Based Cross-Site Scripting in Google VRView library  Clicks 153
http://blog.mindedsecurity.com/2018/04/dom-based-cross-site-scripting-in.html
[Documentation]
establishing-a-baseline-for-remote-desktop-protocol  Clicks 151
https://www.fireeye.com/blog/threat-research/2018/04/establishing-a-baseline-for-remote-desktop-protocol.html
[Malware Analysis]
Graduation project: PHP RASP (2), threat determination  Clicks 149
http://www.cnblogs.com/iamstudy/articles/php_code_rasp_2.html
[Malware Analysis]
Loading Kernel Shellcode  Clicks 147
https://www.fireeye.com/blog/threat-research/2018/04/loading-kernel-shellcode.html
[Mobile Security]
Frida-Python-Binding: Easy to use Frida python binding script  Clicks 143
https://github.com/Mind0xP/Frida-Python-Binding
[Malware Analysis]
Interactive bindshell over HTTP  Clicks 133
http://blog.secu.dk/blog/Tunnels_in_a_hard_filtered_network/
[Mobile Security]
Android Applications Reversing 101  Clicks 133
https://www.evilsocket.net/2017/04/27/Android-Applications-Reversing-101/
[Operations Security]
Red-Teaming-Toolkit: A collection of open source and commercial tools  Clicks 130
https://github.com/infosecn1nja/Red-Teaming-Toolkit
[Other]
Building and practicing IT internal-control compliance management in financial enterprises  Clicks 125
https://mp.weixin.qq.com/s/vxvZAfXRqYDVmdqEXJfUUA
[Forensic Analysis]
Gitmails: An information gathering tool to collect git commit emails  Clicks 122
https://github.com/giovanifss/Gitmails
[Vulnerability Analysis]
HooToo TripMate Routers are Cute But Insecure  Clicks 119
http://blog.ioactive.com/2018/04/hootoo-tripmate-routers-are-cute-but.html
[Malware Analysis]
Starting from CVE-2016-0165: analysis, exploitation and detection (Part 2)  Clicks 113
https://xiaodaozhi.com/exploit/42.html
[Forensic Analysis]
Integrating PRE-ATT&CK Techniques Into ATT&CK  Clicks 107
https://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-blog/integrating-pre-attck-techniques-into-attck
SecWiki: https://www.sec-wiki.com
