SecWiki周刊(第262期)
2019/03/04-2019/03/10
安全资讯
[人物]  张颖:左手SIEM右手服装设计的美女博士
https://mp.weixin.qq.com/s/qSVjRnMu_Monu_6E2_gsmQ
[新闻]  2019年全球网络安全热词排行榜
https://mp.weixin.qq.com/s/agrm_Xgi1GJP3vmCiL4aVg
[新闻]  一图看懂网络安全执法检查
https://mp.weixin.qq.com/s/gAS2cFaWMUdY0s6sT6ZtHw
[新闻]  公安部“净网2018”专项行动取得显著成效
https://www.toutiao.com/i6665463916635619843
安全技术
[漏洞分析]  Linux SNMP NAT 模块越界内存读写漏洞(CVE-2019-9162)
https://www.exploit-db.com/exploits/46477?utm_source=dlvr.it&utm_medium=twitter
[工具]  jsproxy: 一个基于浏览器端 JS 实现的在线代理
https://github.com/EtherDream/jsproxy
[工具]  CVE-2018-8639-exp
https://github.com/ze0r/CVE-2018-8639-exp/
[运维安全]  using-docker-kubernetes-for-automating-appsec-and-osint-workflows
https://github.com/appsecco/using-docker-kubernetes-for-automating-appsec-and-osint-workflows
[运维安全]  k8s-security-dashboard: A security monitoring solution for Kubernetes
https://github.com/k8scop/k8s-security-dashboard
[其它]  WordPress <= 5.0 (CVE-2019-8942 & CVE-2019-8943) 远程代码执行漏洞 Exploit
https://gist.github.com/allyshka/f159c0b43f1374f87f2c3817d6401fd6
[恶意分析]  Quick Analysis of a Trickbot Sample with NSA's Ghidra SRE Framework
http://www.peppermalware.com/2019/03/quick-analysis-of-trickbot-sample-with.html
[编程技术]  FOFA爬虫大法——API的简单利用
https://nosec.org/home/detail/2302.html
[漏洞分析]  SMoTherSpectre PoC
https://github.com/HexHive/SMoTherSpectre
[漏洞分析]  Finding and exploiting CVE-2018–7445
https://medium.com/@maxi./finding-and-exploiting-cve-2018-7445-f3103f163cc1
[Web安全]  Cobalt Strike 证书修改
https://mp.weixin.qq.com/s/59Bj4qk-ClV2eqLu8SKniQ
[漏洞分析]  从补丁 DIFF 到 EXP:CVE-2019-0623 漏洞分析与利用
https://paper.seebug.org/832/
[移动安全]  3 XSS in ProtonMail for iOS – Vladimir Metnew – Medium
https://medium.com/@vladimirmetnew/3-xss-in-protonmail-for-ios-95f8e4b17054
[Web安全]  红队后渗透测试中的文件传输技巧
https://paper.seebug.org/834/?from=timeline
[工具]  Online Courses – Ghidra
http://ghidra.re/online-courses/
[工具]  chomp-scan: 用于简化Bug Bounty/Penetration Test探测阶段的工具脚本
https://github.com/SolomonSklash/chomp-scan
[恶意分析]  软件供应链安全威胁:从“奥创纪元”到“无限战争”
https://www.anquanke.com/post/id/172832
[取证分析]  威胁建模模型ATT&CK
http://blog.nsfocus.net/threat-modeling-model-attck/
[数据挖掘]  AI繁荣下的隐忧—Google Tensorflow安全风险剖析
https://mp.weixin.qq.com/s/rjcOK3A83oKHkpNgbm9Lbg
[运维安全]  kubernetes集群渗透测试
https://www.freebuf.com/news/196993.html
[Web安全]  Cookies 安全白皮书
https://www.netsparker.com/security-cookies-whitepaper/
[工具]  JsDbg: Debugging extensions for Microsoft Edge and Chromium-based browsers
https://github.com/MicrosoftEdge/JsDbg
[Web安全]  .NET高级代码审计(第一课)XmlSerializer反序列化漏洞
https://www.anquanke.com/post/id/172316
[恶意分析]  分析用Golang编写的新恶意软件
https://www.freebuf.com/articles/network/196498.html
[恶意分析]  GoBrut: A new GoLang Botnet
https://blog.yoroi.company/research/gobrut-a-new-golang-botnet/
[移动安全]  Setting up Frida Without Jailbreak on the Latest iOS 12.1.4 Device
https://blog.securityinnovation.com/frida
[恶意分析]  SectorD02 PowerShell Backdoor Analysis
https://threatrecon.nshc.net/2019/03/07/sectord02-powershell-backdoor-analysis/
[文档]  极验2018交互安全行业研究报告
https://www.freebuf.com/articles/paper/196652.html
[漏洞分析]  Automation in Exploit Generation with Exploit Templates
https://sean.heelan.io/2019/03/05/automation-in-exploit-generation-with-exploit-templates/
[恶意分析]  使用贝叶斯网络来识别0day攻击路径
http://www.arkteam.net/?p=4253
[比赛]  CTF顶级工具与资源
https://www.aqniu.com/learn/44310.html
[其它]  houjingyi233/CPU-vulnerabiility-collections
https://github.com/houjingyi233/CPU-vulnerabiility-collections
[取证分析]  Google Launches Backstory —Google的情报工具Backstory
https://thehackernews.com/2019/03/backstory-cybersecurity-software.html
[取证分析]  从零编写一个自己的蜜罐系统
https://www.freebuf.com/articles/es/196525.html
[数据挖掘]  基于机器学习的攻击检测(二)下-lstm实现
https://zhuanlan.zhihu.com/p/58732540
[工具]  LuWu: 红队基础设施自动化部署工具
https://github.com/360-A-Team/LuWu
[Web安全]  PHP7和PHP5在安全上的区别
https://www.freebuf.com/articles/web/197013.html
[数据挖掘]  基于机器学习的webshell检测(一)
https://zhuanlan.zhihu.com/p/58676764
[漏洞分析]  写在98篇漏洞分析之后
https://whereisk0shl.top/post/2019-03-09
[数据挖掘]  基于深度学习的webshell检测(二)
https://zhuanlan.zhihu.com/p/58683374
[取证分析]  电子取证最全清单
https://mp.weixin.qq.com/s/ES83wSU-WBrUONGjCN6jYw
[论文]  LEMNA:针对安全应用的深度学习黑盒解释模型
http://www.arkteam.net/?p=4264
[设备安全]  绿盟科技 2018物联网安全年报
http://blog.nsfocus.net/annual-report-internet-security-2018/
[Web安全]  探索CobaltStrike的External C2框架
https://xz.aliyun.com/t/4220
[Web安全]  SVG XLink SSRF fingerprinting libraries version – Arbaz Hussain – Medium
https://medium.com/@arbazhussain/svg-xlink-ssrf-fingerprinting-libraries-version-450ebecc2f3c
[Web安全]  dvantech WebAccess 访问控制权限配置不严导致的本地提权漏洞披露
https://www.thezdi.com/blog/2019/3/6/webaccess-uncontrol
[数据挖掘]  Data-Knowledge-Action: 企业安全数据分析入门
https://www.cdxy.me/?p=803
[数据挖掘]  中文公开聊天语料库
https://github.com/codemayq/chaotbot_corpus_Chinese
[Web安全]  渗透之权限维持杂谈
https://www.anquanke.com/post/id/171891
[其它]  Windows 漏洞利用辅助工具
https://github.com/bitsadmin/wesng
[工具]  stevenaldinger/decker: Declarative penetration testing orchestration framework
https://github.com/stevenaldinger/decker
[Web安全]  Great Scott! Timing Attack Demo for the Everyday Webdev
https://www.simplethread.com/great-scott-timing-attack-demo/
[Web安全]  Auditing GitHub Repo Wikis for Fun and Profit
https://www.smeegesec.com/2019/03/auditing-github-repo-wikis-for-fun-and.html
[设备安全]  从 Trezor 硬件加密钱包中提取钱包恢复种子的研究
http://colinoflynn.com/2019/03/glitching-trezor-using-emfi-through-the-enclosure/
[Web安全]  从php内核角度分析php弱类型
https://www.anquanke.com/post/id/171966
[设备安全]  一个威胁数万用户GPON家用路由器 的RCE
https://xz.aliyun.com/t/4242
[论文]  Abusing Web Browsers for Persistent and Stealthy Computation
https://mp.weixin.qq.com/s/bvQo-VHWdOEisR2adxx6yA
[观点]  技术层面看RSA的创新沙盒
https://mp.weixin.qq.com/s/1-yCu8dvp5GzOfK1i4LIhg
[工具]  SirepRAT: Remote Command Execution as SYSTEM on Windows IoT Core
https://github.com/SafeBreach-Labs/SirepRAT
[Web安全]  Facebook Messenger server random memory exposure through corrupted GIF image
https://www.vulnano.com/2019/03/facebook-messenger-server-random-memory.html
[恶意分析]  MacOS Malware Pedia
https://research.checkpoint.com/macos-malware-pedia/
[工具]  Automate discovering and dropping payloads on LAN Raspberry Pi's via ssh
https://github.com/BusesCanFly/rpi-hunter
[Web安全]  步步为营之游走于内网
https://mp.weixin.qq.com/s/xGYfxdp_TQmXiuWvC1sN-g
[工具]  femida: Automated blind-xss search for Burp Suite
https://github.com/wish-i-was/femida
[其它]  Python 开发的 metasploit payload 免杀工具
https://www.kitploit.com/2019/03/phantom-evasion-python-av-evasion-tool.html
[观点]  美国政略统筹下的网军军事战略
https://mp.weixin.qq.com/s/GMvs_YE5W_m532touUOgfg
[漏洞分析]  Ubuntu Linux中的特权提升漏洞Dirty Sock分析(含PoC)
https://www.freebuf.com/articles/system/195903.html
[Web安全]  代码审计实战思路之浅析PHPCMS
https://www.freebuf.com/articles/web/195737.html
[漏洞分析]  Part 1: Introduction to Exploit Development
https://www.fuzzysecurity.com/tutorials/expDev/1.html
[Web安全]  以太坊链审计报告之Clef审计报告
https://www.freebuf.com/articles/blockchain-articles/196822.html
[设备安全]  Don't worry about being locked with Loccess
https://www.eyeohtee.cheap/dont-worry-about-being-locked-with-loccess/
[数据挖掘]  基于机器学习的攻击检测(二)上-理解lstm
https://zhuanlan.zhihu.com/p/58725390
[数据挖掘]  采用NLP机器学习来进行自动化合规风险治理
http://blog.nsfocus.net/automated-compliance-risk-management-nlp-machine-learning/
[其它]  $100,000/year if you can solve this reverse engineering test
https://www.linkedin.com/pulse/100000year-you-can-solve-reverse-engineering-test-john-coates/
[编程技术]  Linux 内核漏洞利用开发实验项目
https://github.com/a13xp0p0v/kernel-hack-drill
[数据挖掘]  机器学习算法分析引擎助力安全威胁推理分析
http://blog.nsfocus.net/machine-learning-algorithms-analysis-engine-security-threat-reasoning/
[恶意分析]  Detecting Powershell Empire shenanigans with Sysinternals
https://holdmybeersecurity.com/2019/02/27/sysinternals-for-windows-incident-response/
[数据挖掘]  基于机器学习的攻击检测(一)
https://zhuanlan.zhihu.com/p/58689080
[文档]  SecWiki周刊(第261期)
https://www.sec-wiki.com/weekly/261
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第262期)