SecWiki周刊（第253期)

SecWiki周刊（第253期）

2018/12/31-2019/01/06

安全资讯

[新闻] 2018年网络安全大事记
https://mp.weixin.qq.com/s/YvlUX8Zjp9gfAtJ6YY27BA

[法规] 公安机关办理刑事案件电子数据取证规则
http://www.mps.gov.cn/n2254314/n2254409/n4904353/c6337154/content.html

[新闻] 2018安防监控、雪亮工程项目盘点
https://mp.weixin.qq.com/s/Sz8HguJ0X13nw4ajAhxOhg

安全技术

[其它] NSA/CSS Technical Cyber Threat Framework v2.2
https://www.nsa.gov/Portals/70/documents/what-we-do/cybersecurity/professional-resources/ctr-nsa-css-technical-cyber-threat-framework.pdf

[Web安全] 关于Shiro反序列化漏洞的延伸—升级shiro也能被shell
https://mp.weixin.qq.com/s/NRx-rDBEFEbZYrfnRw2iDw

[漏洞分析] Guardzilla IoT Video Camera Hard-Coded Credentials (CVE-2018-5560)
https://www.0dayallday.org/guardzilla-video-camera-hard-coded-aws-credentials/

[恶意分析] dreadl0ck/netcap: A framework for secure and scalable network traffic analysis
https://github.com/dreadl0ck/netcap

[Web安全] JGillam/burp-paramalyzer: Paramalyzer
https://github.com/JGillam/burp-paramalyzer

[运维安全] ANSSI-FR/audit-radius: A RADIUS authentication server audit tool
https://github.com/ANSSI-FR/audit-radius

[其它] WeiboImageReverse: Chrome 插件，反查微博图片po主
https://github.com/fei-ke/WeiboImageReverse

[编程技术] Cryptography in Python Burp Extensions
https://parsiya.net/blog/2018-12-24-cryptography-in-python-burp-extensions/

[漏洞分析] 利用EXCEL进行XXE攻击
https://xz.aliyun.com/t/3741

[运维安全] github_dis: 一款精简版github信息泄露搜集工具
https://github.com/dongfangyuxiao/github_dis/

[漏洞分析] SpEL injection(译)
https://cryin.github.io/blog/SpEL%20injection/

[Web安全] SDL最初实践-安全培训
https://mp.weixin.qq.com/s/s2D513XseLpIyE2i0UOC8Q

[移动安全] Android SMS Stealer – Max Kersten
https://maxkersten.nl/binary-analysis-course/malware-analysis/android-sms-stealer/

[漏洞分析] 子域名接管：二阶漏洞利用
http://www.4hou.com/web/15504.html

[视频] 网易公开课：犯罪侦查科技
https://open.163.com/movie/2017/11/1/F/MD2P1B6R2_MD2P8LF1F.html

[恶意分析] 2018年全球十大APT攻击事件盘点
https://mp.weixin.qq.com/s/ja8eunPUaTqLj_smdABLTQ

[漏洞分析] Struts2-005远程代码执行漏洞分析
https://www.freebuf.com/vuls/193078.html

[漏洞分析] 项目推荐：awesome-browser-exploit
https://paper.seebug.org/780/

[Web安全] XML外部实体注入（XXE）漏洞学习资源及相关开源项目
https://nosec.org/home/detail/2139.html

[Web安全] SDL最初实践-开篇
https://mp.weixin.qq.com/s/tPzrWzZjRcfNZaHIa7JTWA

[恶意分析] 全球高级持续性威胁（APT）2018年总结报告
https://mp.weixin.qq.com/s/sSuTHTLfqAGfaBbopU8yEQ

[运维安全] 浅析商业银行数据安全保护体系建设思路
http://blog.nsfocus.net/brief-analysis-on-the-construction-of-data-security-protection-system-in-commercial-banks/

[数据挖掘] 网络空间测绘在网络国防中的重大意义和作用
https://mp.weixin.qq.com/s/TBmigl6-TTJNDzYCqlFc4w

[取证分析] Harpoon: an OSINT / Threat Intelligence tool
https://www.randhome.io/blog/2018/02/23/harpoon-an-osint-threat-intelligence-tool/

[运维安全] 中通内部安全通讯实践
https://xz.aliyun.com/t/3759

[设备安全] Expliot - Internet of Things Exploitation framework
https://gitlab.com/expliot_framework/expliot

[数据挖掘] 不解密识别恶意流量
http://www.4hou.com/web/14120.html

[漏洞分析] Etouch2.0 分析代码审计流程 (二) 前台SQL注入
https://www.anquanke.com/post/id/169152

[恶意分析] 2018年高级持续性威胁（APT）研究报告
https://mp.weixin.qq.com/s/F5hBw_pVithLlY6ixE0q-g

[Web安全] 后渗透之meterpreter使用攻略
https://pplsec.github.io/2018/08/06/%E5%90%8E%E6%B8%97%E9%80%8F%E4%B9%8Bmeterpreter%E4%BD%BF%E7%94%A8%E6%94%BB%E7%95%A5/

[论文] Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates
https://securitygossip.com/blog/2019/01/02/cloud-strife-mitigating-the-security-risks-of-domain-validated-certificates/

[Web安全] WAF绕过技术系列文章（二）
https://nosec.org/home/detail/2137.html

[恶意分析] Talos 2018年恶意软件追踪调查总结
http://www.4hou.com/info/observation/15463.html

[恶意分析] atmoner/nodeCrypto: Ransomware written in NodeJs
https://github.com/atmoner/nodeCrypto

[取证分析] OSINT Resources for 2019
https://xz.aliyun.com/t/3742

[比赛] 35c3CTF collection writeup
https://xz.aliyun.com/t/3747

[工具] patoolkit: a collection of traffic analysis plugins focused on security
https://github.com/pentesteracademy/patoolkit

[比赛] CTF取证方法总结
http://www.4hou.com/web/15206.html

[设备安全] 2018 年 IoT 那些事儿
https://paper.seebug.org/782/

[取证分析] 首个已知 UEFI Rootkit 与 Sednit APT 有关联
https://www.solidot.org/story?sid=59167

[Web安全] Reflected XSS on ws-na.amazon-adsystem.com(Amazon) – newp_th – Medium
https://medium.com/@newp_th/reflected-xss-on-ws-na-amazon-adsystem-com-amazon-f1e55f1d24cf

[漏洞分析] 区块链安全—经典溢出漏洞cve分析
https://xz.aliyun.com/t/3743

[数据挖掘] 基于QQ空间的说说数据的分析
https://www.jianshu.com/p/a5e1ca0c5204

[杂志] SecWiki周刊（第252期)
https://www.sec-wiki.com/weekly/252

[取证分析] osquery架构一览
https://blog.spoock.com/2018/12/29/osquery-under-the-hood/

[恶意分析] Targeted cyberattacks logbook: APT Overview
https://apt.securelist.com/#!/threats/

[观点] 从传统安全转行风控领域的心路历程，兼谈黑产和风控行业趋势
https://mp.weixin.qq.com/s/GWOjp1E2B4J0efUjFBnp8Q

[数据挖掘] 从Lucene到Elasticsearch:全文检索实战
http://www.bugs.cc/2018/12/30/reading-notes-from-lucene-to-elasticsearch-full-text-search/

[Web安全] PHP mt_rand安全杂谈及应用场景详解
https://www.freebuf.com/vuls/192012.html

[观点] 构建网络攻击响应框架的政治考量
https://mp.weixin.qq.com/s/iOq84kVblAW5a2mK2GDJwA

[漏洞分析] 菜鸟学代码审计：Xnuca2018-hardphp详细分析
https://www.freebuf.com/articles/rookie/193118.html

[观点] 信息新时代的软件新技术
https://mp.weixin.qq.com/s/cz-zjZw3rmFQ1o0w2ciHBQ

-----微信ID：SecWiki-----
SecWiki，12年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第253期)

SecWiki周刊（第253期）

最新公告

友情链接

SecWiki公众号

安全学术圈