SecWiki Weekly (Issue 219)
2018/05/07-2018/05/13
Security News
[People]  Hacker 蒸米 (Zhengmi): An Influencer's Views on Life
https://mp.weixin.qq.com/s/AwhvVEAMtWUl65_8bN54iQ
[News]  2017 Revenue Ranking of Cybersecurity Companies
https://mp.weixin.qq.com/s/OaMoKelLkkElNUcxJyL2-Q
[News]  From the Ukrainian Power Grid to a German Steel Mill: Five Real-World Cases of Attacks on Industrial Control Systems
http://www.aqniu.com/news-views/33857.html
Security Technology
[Web Security]  Let's Play with the Snake: The Tool in Node.js Code Auditing
https://mp.weixin.qq.com/s/97whUiR5v0URQ7QT0CQ6bg
[Documents]  xKungfoo 2018 Information Security Conference: Slides Download
http://www.4hou.com/info/news/11370.html
[Web Security]  RCE with spring-security-oauth2 Analysis - CVE-2018-1260
https://xz.aliyun.com/t/2330
[Web Security]  CVE-2018-1260 | Spring-security-oauth2 Remote Command Execution
https://mp.weixin.qq.com/s/g2d34avm-H_nhBqQFUF7hw
[Tools]  The Use of Device-Modification Tools in the Black and Gray Market
https://mp.weixin.qq.com/s/53VwKco-DcHIcBb62dk50A
[Malware Analysis]  The-Axer: A Tool That Automatically Generates Payloads with msfvenom
https://github.com/ceh-tn/The-Axer
[Malware Analysis]  VirusShare Malware Collection: A-Z Malware Sample Dataset
https://archive.org/details/virusshare_malware_collection_aaa
[Malware Analysis]  JavaScript Malware Sample Collection Repository
https://github.com/HynekPetrak/javascript-malware-collection
[Forensics]  Logpara: A Rough Demo for Parsing Common Web Logs
https://github.com/0xa-saline/Logpara
[Malware Analysis]  Analysis of Samples from Recent Activity of the DarkHotel APT Group
https://mp.weixin.qq.com/s/LC_udciIifrJBt-abuEUaA
[Ops Security]  docker-security: Docker Security Baseline Specification
https://github.com/Kutim/docker-security
[Malware Analysis]  RansomwareDetector: Ransomware Detection Tool
https://github.com/remyLucas/RansomwareDetector
[Ops Security]  A First Look at X-Pack, the Powerful Plugin in the New Version of Elasticsearch
https://mp.weixin.qq.com/s/2SFJUFgb_e3cKP6eOKS4jw
[Web Security]  Struts2 Command/Code Execution Vulnerability Analysis Series: S2-003 and S3-005
https://xz.aliyun.com/t/2323
[Malware Analysis]  Malware Analysis Tools
http://malwareanalysis.tools/
[Web Security]  Penetration Testing in Practice: BSides Target Machine Intrusion
https://www.anquanke.com/post/id/113020
[Malware Analysis]  Study: Attack on KrebsOnSecurity Cost IoT Device Owners $323K
https://krebsonsecurity.com/2018/05/study-attack-on-krebsonsecurity-cost-iot-device-owners-323k/
[Web Security]  $4500 Bounty — How I got lucky
https://medium.com/bugbountywriteup/4500-bounty-how-i-got-lucky-99d8bc933f75
[Malware Analysis]  Detection, Removal and Analysis of a Monero-Mining Trojan on Linux
http://www.freebuf.com/articles/system/170211.html
[Ops Security]  GoKu-API-Gateway: Open-Source Edition of the Wukong (悟空) API Gateway
https://github.com/eolinker/GoKu-API-Gateway
[Competitions]  Defcon China Range Challenge - Internal Network Penetration Writeup
http://www.cnblogs.com/iamstudy/articles/2018_defcon_china_pentest_writeup.html
[Web Security]  Bug-Project-Framework: A Repository for Sharing Exploit Framework Modules
https://github.com/Fplyth0ner-Combie/Bug-Project-Framework
[Malware Analysis]  In-the-Wild Exploitation of GPON Vulnerabilities (Part 1): The muhstik Botnet
http://blog.netlab.360.com/gpon-exploit-in-the-wild-i-muhstik-botnet-among-others/
[Other]  Blue Team fundamentals Part Two: Windows Processes.
https://securitybytes.io/blue-team-fundamentals-part-two-windows-processes-759fe15965e2
[Web Security]  Research on Detection Bypass for PHP One-Liner Webshells
https://mp.weixin.qq.com/s/LytVSOt81UpRyetMh6twnw
[Web Security]  PeDoll Open-Sourced, with Usage Tutorial
https://bbs.ichunqiu.com/thread-39930-1-1.html?from=sec
[Web Security]  Unsafe Unzip with spring-integration-zip Analysis - CVE-2018-1261
https://xz.aliyun.com/t/2334
[Vulnerability Analysis]  Illustrated Tutorial: Unlimited Minting of BEC Tokens and Vulnerability Analysis (Image-Heavy)
https://mp.weixin.qq.com/s/CLq9jkHon8QJgO_rnBA9Yw
[Web Security]  Google YOLO
https://blog.innerht.ml/google-yolo/
[Ops Security]  2017 Research Report on the Security of Chinese Enterprise Email
https://mp.weixin.qq.com/s/1My9bwN2BLbCwcqEIP-xeA
[Forensics]  Cracking Encrypted Office Files with hashcat
https://evi1cg.me/archives/hashcat_crack_office.html
[Vulnerability Analysis]  CVE-2017-14322 Login Authentication Bypass Analysis
https://mp.weixin.qq.com/s/GWdKiwWf8Eiy5ee8B-D5Dw
[Tools]  ShellPop: generate easy and sophisticated reverse or bind shell commands
https://github.com/0x00-0x00/ShellPop
[Web Security]  How to Abuse DCOM for Lateral Movement
https://www.anquanke.com/post/id/107097
[Vulnerability Analysis]  Bypassing the Python Sandbox When import Is Disabled
https://www.anquanke.com/post/id/107000
[Tools]  Python exploit for Remote Code Execution on GPON home routers (CVE-2018-10562).
https://github.com/f3d0x0/GPON
[Other]  Blockchain Security Analysis Report
https://bcsec.org/
[Web Security]  Bypassing ngx_lua_waf SQL Injection Defenses (Multiple Techniques)
https://mp.weixin.qq.com/s/tOf66FGINaO9oVv2pDcxcQ
[Web Security]  An Approach to Learning the Burp Suite API
https://bbs.ichunqiu.com/thread-40003-1-1.html?from=sec
[Other]  Off the Chain: Observing Bitcoin Nodes on the Public Internet
https://www.rapid7.com/globalassets/_pdfs/research/rapid7-block-chain-research-report.pdf
[Magazine]  SecWiki Weekly (Issue 218)
https://www.sec-wiki.com/weekly/218
[Web Security]  Summary of Common Vulnerabilities in Mobile Phone Verification Codes
https://mp.weixin.qq.com/s/jtJl2GFacMyRCQsBUiTVSA
[Web Security]  A Few Things About suPHP Security
https://mp.weixin.qq.com/s/mTHmagQaRttUrYLVtCzVTA
[Malware Analysis]  Hiding Metasploit Shellcode to Evade Windows Defender
https://blog.rapid7.com/2018/05/03/hiding-metasploit-shellcode-to-evade-windows-defender/?from=timeline
[Ops Security]  JPCERT/CC Vulnerability Coordination and Disclosure Guidelines (Chinese Edition)
http://www.shuziguanxing.com/guide.pdf
[Ops Security]  Yearning: An Inception-Based Visual Web SQL Audit Platform
https://github.com/cookieY/Yearning
[Forensics]  linux_information: Automated Collection of Linux Information
https://github.com/l3m0n/linux_information
[Malware Analysis]  Analyzing Large Capture Files Part 1 – Colorizing Conversations in Wireshark
http://chrissanders.org/2018/05/large-captures1-colorizing-wireshark/
[Forensics]  python-iocextract: Advanced Indicator of Compromise (IOC) extractor
https://github.com/InQuest/python-iocextract
[Forensics]  Image Mining in Intelligence Analysis
https://mp.weixin.qq.com/s/ZG5d_Hs7W3mQ0xgGI4YgDA
[Web Security]  How to Pop a Calculator in Your Face with PowerShell PE Injection
https://bbs.ichunqiu.com/thread-39788-1-1.html?from=sec
[Malware Analysis]  Exploitation Status of the GPON Home Gateway Remote Command Execution Vulnerability
https://paper.seebug.org/595/
-----WeChat ID: SecWiki-----
SecWiki has focused on security technology news and analysis for 12 years!
SecWiki: https://www.sec-wiki.com
