SecWiki周刊(第237期)
2018/09/10-2018/09/16
安全资讯
卡巴斯基:2017 H2~2018 H1僵尸网络下载文件的统计分析
https://mp.weixin.qq.com/s/Wr8C4QMsdEJkzsK3j79ZGw
https://mp.weixin.qq.com/s/Wr8C4QMsdEJkzsK3j79ZGw
卡巴斯基-2017年企业信息系统安全评估报告
https://mp.weixin.qq.com/s/RgfhogkYtWO225MI7zSzlQ
https://mp.weixin.qq.com/s/RgfhogkYtWO225MI7zSzlQ
聂君:十几年金融企业安全建设之路
https://mp.weixin.qq.com/s/blDNt4hvOKZJOJOskQwZKQ
https://mp.weixin.qq.com/s/blDNt4hvOKZJOJOskQwZKQ
成都市关于加快推进网络信息安全产业体系建设发展的意见
http://gk.chengdu.gov.cn/govInfoPub/detail.action?id=101480&tn=6
http://gk.chengdu.gov.cn/govInfoPub/detail.action?id=101480&tn=6
安全技术
Android平台间谍软件BusyGasper分析
https://mp.weixin.qq.com/s/gkELP2C_Uftyca4hT5rEow
https://mp.weixin.qq.com/s/gkELP2C_Uftyca4hT5rEow
IoT时代LLVM编译器防护的艺术
https://www.kiwisec.com/news/detail/5b987d94db30c341099f2600.html
https://www.kiwisec.com/news/detail/5b987d94db30c341099f2600.html
TP-Link wr886nv7-V1.1.0 路由器分析 - VxWorks cmd命令行获取及使用方法
https://mp.weixin.qq.com/s/6q3zAaS4jV_Mw3qvgtngBw
https://mp.weixin.qq.com/s/6q3zAaS4jV_Mw3qvgtngBw
利用动态二进制加密实现新型一句话木马之Java篇
https://xz.aliyun.com/t/2744
https://xz.aliyun.com/t/2744
osquery-attck: Mapping the MITRE ATT&CK Matrix with Osquery
https://github.com/teoseller/osquery-attck
https://github.com/teoseller/osquery-attck
菜刀HTTP流量中转代理过WAF
https://xz.aliyun.com/t/2739
https://xz.aliyun.com/t/2739
Sploitus-Exploits & Tools Search Engine
https://sploitus.com/
https://sploitus.com/
sqlmap 内核分析 II: 核心原理-页面相似度算法实践
https://zhuanlan.zhihu.com/p/44157153
https://zhuanlan.zhihu.com/p/44157153
ThinkPHP v5.1.22版本SQL注入漏洞分析
https://nosec.org/home/detail/1821.html
https://nosec.org/home/detail/1821.html
威胁猎杀实战(一):平台
https://www.secpulse.com/archives/75387.html
https://www.secpulse.com/archives/75387.html
Pacu:一款全面的AWS渗透测试框架
http://www.freebuf.com/sectool/182928.html
http://www.freebuf.com/sectool/182928.html
关于ECShop前台注入和getshell漏洞的一些思考
https://xz.aliyun.com/t/2725
https://xz.aliyun.com/t/2725
TTLScan: 一款插件化的漏洞扫描器框架
https://github.com/tiaotiaolong/TTLScan
https://github.com/tiaotiaolong/TTLScan
Magecart 组织是如何入侵英国航空公司
https://nosec.org/home/detail/1820.html
https://nosec.org/home/detail/1820.html
WhatWaf: Detect and bypass web application firewalls and protection systems
https://github.com/Ekultek/WhatWaf
https://github.com/Ekultek/WhatWaf
趋势macOS全家桶隐私窃取分析
https://www.anquanke.com/post/id/159696
https://www.anquanke.com/post/id/159696
metasploit-adduser-analysis
https://www.doyler.net/security-not-included/metasploit-adduser-analysis
https://www.doyler.net/security-not-included/metasploit-adduser-analysis
使用Golang打造一款自己的手工盲注辅助工具
http://www.freebuf.com/sectool/183646.html
http://www.freebuf.com/sectool/183646.html
一文了解Kaggle的开源数据集
https://mp.weixin.qq.com/s/5hf7z-VSgK3PszK0TSFOIQ
https://mp.weixin.qq.com/s/5hf7z-VSgK3PszK0TSFOIQ
破解手机QQ聊天记录内容八个问题
https://mp.weixin.qq.com/s/XPeM95rpzPbVqRnDG01PiQ
https://mp.weixin.qq.com/s/XPeM95rpzPbVqRnDG01PiQ
blockwell.ai 虚假转账 事件分析
https://lorexxar.cn/2018/09/14/blockwell/
https://lorexxar.cn/2018/09/14/blockwell/
代码审计之某汽车网源码
https://xz.aliyun.com/t/2730
https://xz.aliyun.com/t/2730
Jackson反序列化漏洞简介(四): 防御和检测方式
http://www.leadroyal.cn/?p=633
http://www.leadroyal.cn/?p=633
SANS Blue Team Wiki
https://wiki.sans.blue/#!index.md
https://wiki.sans.blue/#!index.md
Fbot, A Satori Related Botnet Using Block-chain DNS System
https://blog.netlab.360.com/threat-alert-a-new-worm-fbot-cleaning-adbminer-is-using-a-blockchain-based-dns-en/
https://blog.netlab.360.com/threat-alert-a-new-worm-fbot-cleaning-adbminer-is-using-a-blockchain-based-dns-en/
SecWiki周刊(第236期)
https://www.sec-wiki.com/weekly/236
https://www.sec-wiki.com/weekly/236
reversing-malware-in-a-custom-format-hidden-bee-elements
https://blog.malwarebytes.com/threat-analysis/2018/08/reversing-malware-in-a-custom-format-hidden-bee-elements/
https://blog.malwarebytes.com/threat-analysis/2018/08/reversing-malware-in-a-custom-format-hidden-bee-elements/
Webshell 监控检测策略初探
https://mp.weixin.qq.com/s/7TuUqdleZc5xbZG5Xh3f3Q
https://mp.weixin.qq.com/s/7TuUqdleZc5xbZG5Xh3f3Q
Jackson反序列化漏洞简介(三): JsonTypeInfo的用途
http://www.leadroyal.cn/?p=630
http://www.leadroyal.cn/?p=630
我是这样黑进你Node.js生产服务器的
https://zhuanlan.zhihu.com/p/43514079
https://zhuanlan.zhihu.com/p/43514079
ctf-walkthrough-hacken-cup-2018
https://medium.com/@ehsahil/ctf-walkthrough-hacken-cup-2018-1b48b0fd96c
https://medium.com/@ehsahil/ctf-walkthrough-hacken-cup-2018-1b48b0fd96c
2018-noxCTF-Web 解析
https://www.anquanke.com/post/id/159378
https://www.anquanke.com/post/id/159378
APT10 Targeting Japanese Corporations Using Updated TTPs
https://www.fireeye.com/blog/threat-research/2018/09/apt10-targeting-japanese-corporations-using-updated-ttps.html
https://www.fireeye.com/blog/threat-research/2018/09/apt10-targeting-japanese-corporations-using-updated-ttps.html
基于时延的盲道研究:受限环境下的内容回传信道
http://www.freebuf.com/vuls/183636.html
http://www.freebuf.com/vuls/183636.html
智能合约安全性问题CheckList
http://www.freebuf.com/vuls/183357.html
http://www.freebuf.com/vuls/183357.html
使用深度学习的方法对恶意web内容进行快速检测
https://mp.weixin.qq.com/s/EmEofhgwr2ze93W7Q8yB7Q
https://mp.weixin.qq.com/s/EmEofhgwr2ze93W7Q8yB7Q
针对工控恶意代码TRISIS的技术分析
http://www.antiy.com/response/20180911.html
http://www.antiy.com/response/20180911.html
RAID 2018 论文录用列表
https://mp.weixin.qq.com/s/h6IOChIPMAolTqTNFjA0aQ
https://mp.weixin.qq.com/s/h6IOChIPMAolTqTNFjA0aQ
比CMD更强大的命令行:WMIC后渗透利用(系统命令)
http://www.freebuf.com/articles/system/182531.html
http://www.freebuf.com/articles/system/182531.html
Silence:针对银行的APT攻击
https://xz.aliyun.com/t/2722
https://xz.aliyun.com/t/2722
数字货币交易所 安全白皮书
http://www.helmbc.io/html/white/whitebook.pdf
http://www.helmbc.io/html/white/whitebook.pdf
msft-word-bug-bypass-security
https://homjxi0e.wordpress.com/2018/08/30/msft-word-bug-bypass-security/
https://homjxi0e.wordpress.com/2018/08/30/msft-word-bug-bypass-security/
中文点选验证码之自动识别
http://www.freebuf.com/articles/web/182975.html
http://www.freebuf.com/articles/web/182975.html
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第237期)
