SecWiki Weekly (Issue 234)
2018/08/20-2018/08/26
Security News
[Forensics]  Chinese Cyberespionage Originating From Tsinghua University Infrastructure
https://www.recordedfuture.com/chinese-cyberespionage-operations/
[News]  Notes from the 4th GoSSIP Security Summer School
https://zhuanlan.zhihu.com/p/42121989
[News]  A thousand Western Australian public servants use password123 as their password
https://www.solidot.org/story?sid=57701
[News]  Research report on black and grey market activity in the short-video industry, first half of 2018
https://www.aqniu.com/tools-tech/37590.html
[People]  Hacker intelligence officer: Xue Feng
https://mp.weixin.qq.com/s/iYdOJYCky3_8OGUNysgE3Q
[Regulations]  The most comprehensive collection of standards and regulations for big data security
https://mp.weixin.qq.com/s/Lpr8BJ-tUsjfJ0xuYOL_gw
[People]  Zhang Baichuan of Anheng: the cyber ranger who keeps his sword hidden
https://mp.weixin.qq.com/s/yNwRk7W30refX234DKmI6Q
[News]  Alibaba establishes a Data Security Research Institute to counter the black and grey markets
https://tech.sina.com.cn/i/2018-08-21/doc-ihhzsnea2555066.shtml
Security Technology
[Web Security]  Latest Struts2 RCE vulnerability S2-057 (CVE-2018-11776)
https://nosec.org/home/detail/1755.html
[Web Security]  ueGetshell.py: a detection tool for the ueditor .net getshell vulnerability
https://github.com/theLSA/ueditor-getshell
[Ops Security]  OpenSSH user enumeration vulnerability: a closer look
https://xz.aliyun.com/t/2623
[Web Security]  An analysis of the Pocsuite and Osprey frameworks
https://x.hacking8.com/?post=265
[Vulnerability Analysis]  Analysis of arbitrary file upload vulnerabilities in two versions of the UEditor editor
http://www.freebuf.com/vuls/181814.html
[Vulnerability Analysis]  2018 Wangding Cup, Education Group, Pwn Babyheap write-up
https://xz.aliyun.com/t/2609
[Web Security]  Vulnerability spotlight: CVE-2016-5072
https://xz.aliyun.com/t/2638
[Ops Security]  Sandbox escape: Microsoft Office on macOS
https://xz.aliyun.com/t/2600
[CTF]  2018 Wangding Cup, Round 2, writeup
https://xz.aliyun.com/t/2614
[Vulnerability Analysis]  ColdFusion hit by another remote code execution vulnerability, CVE-2018-4939
https://xz.aliyun.com/t/2604
[Forensics]  Introduction to and use of the T-Pot honeypot
https://imlonghao.com/53.html
[Web Security]  Remote Code Execution Vulnerability in Apache Struts (CVE-2018-11776)
https://semmle.com/news/apache-struts-CVE-2018-11776
[CTF]  A web player's guide to AWD post-exploitation
http://momomoxiaoxi.com/ctf/2018/08/21/AWDbackdoor/
[Web Security]  How I gained access to the Homebrew repository in 30 minutes
https://xz.aliyun.com/t/2628
[Web Security]  Struts 2 vulnerability (CVE-2018-11776/S2-057) and possible attack vectors
https://www.anquanke.com/post/id/157397
[Vulnerability Analysis]  Windows privilege escalation via Unquoted Service Path
https://xz.aliyun.com/t/2606
[Web Security]  Web CTF CheatSheet
https://github.com/w181496/Web-CTF-Cheatsheet
[Mobile Security]  Every iOS security guide
https://github.com/0xmachos/iOS-Security-Guides
[Web Security]  Using Cobaltstrike and Armitage together
http://www.freebuf.com/sectool/180395.html
[Web Security]  Multiple vulnerabilities in the new Metinfo version 6.1.0
https://nosec.org/home/detail/1740.html
[Ops Security]  Dong Yicheng: building an enterprise security incident response "first-aid kit"
http://www.freebuf.com/articles/es/181260.html
[Forensics]  A collection of tips for tracing server intrusions
https://mp.weixin.qq.com/s/A1tPlv8YpSr6w-zvUxxxxg
[Data Mining]  Applying machine learning to Windows RDP version and backdoor detection
https://www.anquanke.com/post/id/157175
[Web Security]  wam: Web App Monitor, monitoring the details of application updates
https://github.com/knownsec/wam?from=timeline
[Web Security]  CVE-2018-11776: How to find 5 RCEs in Apache Struts with Semmle QL
https://lgtm.com/blog/apache_struts_CVE-2018-11776
[Web Security]  A guide to GraphQL security
https://www.anquanke.com/post/id/156930
[Other]  GodGame vulnerability principles and an analysis of the attackers' methods
https://nosec.org/home/detail/1759.html
[Vulnerability Analysis]  UEditor .net version getshell
https://www.jianshu.com/p/6dae608b617c
[Vulnerability Analysis]  Vulnerabilities commonly exploited by APT groups in recent years
http://www.freebuf.com/vuls/175280.html
[Documents]  Slides from the blockchain security sub-forum of the 2018 Cyber Security Ecosystem Summit
https://bcsec.org/index/detail/id/251/tag/2
[Web Security]  Analysis of how a blog was compromised
https://bbs.ichunqiu.com/thread-44743-1-1.html?from=sec
[Vulnerability Analysis]  Automated discovery of deserialization gadget chains
http://www.arkteam.net/?p=4031
[Web Security]  Ideas on the CBC bit-flipping attack, stumbled upon while wandering around bugku
https://bbs.ichunqiu.com/thread-44579-1-1.html?from=sec
[Vulnerability Analysis]  A deep dive into JSON Web Tokens: in practice
http://www.freebuf.com/articles/web/181261.html
[Malware Analysis]  EvilOSX: a powerful macOS remote administration tool (RAT)
http://www.freebuf.com/sectool/180668.html
[Web Security]  {Hack the Box} \\ FluxCapacitor Write-Up
https://bbs.ichunqiu.com/thread-44534-1-1.html?from=sec
[Vulnerability Analysis]  A summary of anti-anti-debugging techniques on Windows
http://www.freebuf.com/articles/others-articles/181085.html
[CTF]  2018 WhiteHat web retrospective
https://xz.aliyun.com/t/2599
[Forensics]  Closing the threat intelligence loop: how to obtain useful intelligence and then track attackers
https://zhuanlan.zhihu.com/p/42903832
[Web Security]  Three common cases of DOM XSS
http://www.4hou.com/technology/13217.html
[Malware Analysis]  An overview of anonymous networks (Darknet)
https://www.findhao.net/easycoding/1803
[Programming]  Automated API testing
http://kekefund.com/2018/07/15/api-test/
[Data Mining]  Understanding feature engineering in one article
https://mp.weixin.qq.com/s/PRkSXjBdknX3yeBIzBAgOQ
[Ops Security]  Experience and practice in building enterprise data security
https://mp.weixin.qq.com/s/ItvWWhC0iYOpG6nQ3WPfvg
[Vulnerability Analysis]  Remote Code Execution on a Facebook server
https://blog.scrt.ch/2018/08/24/remote-code-execution-on-a-facebook-server/
[Device Security]  130,000 Mikrotik devices implanted with CoinHive mining code
https://nosec.org/home/detail/1748.html
[Magazine]  SecWiki Weekly (Issue 233)
https://www.sec-wiki.com/weekly/233
[Web Security]  [SecTrans-2]Stored XSS on Facebook
https://mp.weixin.qq.com/s/XHPnys5Iyyi9tm02fVrOTQ
[Wireless Security]  LimeSDR getting-started guide
https://future-sec.com/Limesdr-introduce.html
[Other]  arbitrary-unsigned-code-execution-vector-in-microsoft-workflow-compiler-exe
https://posts.specterops.io/arbitrary-unsigned-code-execution-vector-in-microsoft-workflow-compiler-exe-3d9294bc5efb
[Malware Analysis]  Using ML & AI to identify unknown malware
http://www.4hou.com/technology/13181.html
[Papers]  InForSec blockchain security workshop successfully held
https://mp.weixin.qq.com/s/t_HjrMeiVpfGS4m49HOllQ
[Opinion]  The 4W1H of zero trust security
https://mp.weixin.qq.com/s/yBzdo9qHacTajQFNpmjvpQ
[Data Mining]  Mathematical foundations of machine learning
https://mp.weixin.qq.com/s/Cm-DNNLMqgcp_DJqUeM-Tw
[Web Security]  A brief analysis of XInclude & XSLT in XML
https://www.anquanke.com/post/id/156227
[Other]  reversing-and-patching-net-binaries-with-embedded-references
https://insinuator.net/2018/04/reversing-and-patching-net-binaries-with-embedded-references/
-----WeChat ID: SecWiki-----
SecWiki has focused on security technology news and analysis for 12 years!
SecWiki:https://www.sec-wiki.com

Original address of this issue: SecWiki Weekly (Issue 234)