SecWiki周刊(第263期)
2019/03/11-2019/03/17
安全资讯
中央网信办关于开展App安全认证工作的公告
http://gkml.samr.gov.cn/nsjg/rzjgs/201903/t20190315_292035.html?from=timeline&isappinstalled=0
http://gkml.samr.gov.cn/nsjg/rzjgs/201903/t20190315_292035.html?from=timeline&isappinstalled=0
肖力:从RSA2019看安全技术发展的十个机遇
https://mp.weixin.qq.com/s/2JsDvnAGz4d1w1dg0qvChA
https://mp.weixin.qq.com/s/2JsDvnAGz4d1w1dg0qvChA
安全技术
Apache Solr RCE POC(CVE-2019-0192)
https://github.com/mpgn/CVE-2019-0192/
https://github.com/mpgn/CVE-2019-0192/
威胁建模模型ATT&CK
https://www.aqniu.com/vendor/44748.html
https://www.aqniu.com/vendor/44748.html
暗网黑产交易中dark jargons(黑话)的检测与理解
https://mp.weixin.qq.com/s/WD6A7Y9-4bPSysEm9QeXjg
https://mp.weixin.qq.com/s/WD6A7Y9-4bPSysEm9QeXjg
Nessus_to_report: Nessus中文报告自动化脚本
https://github.com/Bypass007/Nessus_to_report
https://github.com/Bypass007/Nessus_to_report
董祎铖:态势感知从入坑到重生
https://mp.weixin.qq.com/s/vxQpnWKBYxzM4aZ3kFw4UA
https://mp.weixin.qq.com/s/vxQpnWKBYxzM4aZ3kFw4UA
红蓝对抗-大型互联网企业安全蓝军建设
https://kingx.me/Thinking-about-Red-Teaming.html
https://kingx.me/Thinking-about-Red-Teaming.html
WinRAR远程代码执行漏洞结合Metasploit+Ngrok实现远程上线
https://www.freebuf.com/articles/network/197025.html
https://www.freebuf.com/articles/network/197025.html
Goscan:一款功能强大的交互式网络扫描工具
https://www.freebuf.com/sectool/196849.html
https://www.freebuf.com/sectool/196849.html
Attack Spring Boot Actuator via jolokia Part 1
https://lucifaer.com/2019/03/11/Attack%20Spring%20Boot%20Actuator%20via%20jolokia%20Part%201/
https://lucifaer.com/2019/03/11/Attack%20Spring%20Boot%20Actuator%20via%20jolokia%20Part%201/
StackStorm - From Originull to RCE - CVE-2019-9580
https://quitten.github.io/StackStorm/
https://quitten.github.io/StackStorm/
使用Keras和Tensorflow检测恶意URL请求
https://mp.weixin.qq.com/s/DCtKYK3Xw_pbdNCUF593Lg
https://mp.weixin.qq.com/s/DCtKYK3Xw_pbdNCUF593Lg
NAVEX->Precise and Scalable Exploit Generation for Dynamic Web Applications
http://zeroyu.xyz/2019/03/11/NAVEX-Precise-and-Scalable-Exploit-Generation-for-Dynamic-Web-Applications/
http://zeroyu.xyz/2019/03/11/NAVEX-Precise-and-Scalable-Exploit-Generation-for-Dynamic-Web-Applications/
优秀 Windows 内核漏洞利用方向资源收集
https://github.com/ExpLife0011/awesome-windows-kernel-security-development/blob/master/README.md
https://github.com/ExpLife0011/awesome-windows-kernel-security-development/blob/master/README.md
Metinfo利用sql注入快速getshell
https://nosec.org/home/detail/2324.html
https://nosec.org/home/detail/2324.html
MSRC 成员对 Microsoft bug bounty 的介绍、如何 ' 润色 ' 报告及获得更高的奖金
https://github.com/JarekMSFT/Presentations/blob/master/Getting%20to%2010K_Nullcon2019.pdf
https://github.com/JarekMSFT/Presentations/blob/master/Getting%20to%2010K_Nullcon2019.pdf
用大数据扒一扒蔡徐坤的真假流量粉
https://mp.weixin.qq.com/s/j1kgf2RR7jssbWa7uWC-uA
https://mp.weixin.qq.com/s/j1kgf2RR7jssbWa7uWC-uA
通过 libFuzzer 对 Janus 进行 fuzzing
https://webrtchacks.com/fuzzing-janus/
https://webrtchacks.com/fuzzing-janus/
Stepper: A natural evolution of Burp Suite's Repeater tool
https://github.com/CoreyD97/Stepper
https://github.com/CoreyD97/Stepper
中通内网安全之外发流量管理
https://mp.weixin.qq.com/s/inANTt-97Rjfr6Rf5lJ07A
https://mp.weixin.qq.com/s/inANTt-97Rjfr6Rf5lJ07A
旧树开新花—再谈GitHub监控
https://security.tencent.com/index.php/blog/msg/132
https://security.tencent.com/index.php/blog/msg/132
.NET高级代码审计(第二课) Json.Net反序列化漏洞
https://www.anquanke.com/post/id/172920
https://www.anquanke.com/post/id/172920
firecracker:Secure and fast microVMs for serverless computing
https://github.com/firecracker-microvm/firecracker
https://github.com/firecracker-microvm/firecracker
对小米Mi Band 2的破解
https://www.4hou.com/reverse/16759.html
https://www.4hou.com/reverse/16759.html
clustering-and-associating-attacker-activity-at-scale
https://www.fireeye.com/blog/threat-research/2019/03/clustering-and-associating-attacker-activity-at-scale.html
https://www.fireeye.com/blog/threat-research/2019/03/clustering-and-associating-attacker-activity-at-scale.html
绕过 WAF 的 XSS 检测机制研究
https://github.com/s0md3v/MyPapers/tree/master/Bypassing-XSS-detection-mechanisms
https://github.com/s0md3v/MyPapers/tree/master/Bypassing-XSS-detection-mechanisms
Kubernetes安全入门
https://xz.aliyun.com/t/4276
https://xz.aliyun.com/t/4276
如何利用汽车警报器去攻击300多万辆汽车
https://nosec.org/home/detail/2329.html
https://nosec.org/home/detail/2329.html
some-crypto-challenges-author-writeup-from-bsidessf-ctf
https://blog.skullsecurity.org/2019/some-crypto-challenges-author-writeup-from-bsidessf-ctf
https://blog.skullsecurity.org/2019/some-crypto-challenges-author-writeup-from-bsidessf-ctf
采用NLP机器学习来进行自动化合规风险治理
https://www.aqniu.com/vendor/44785.html
https://www.aqniu.com/vendor/44785.html
orangeworm-group-kwampirs-analysis-update
https://www.securityartwork.es/2019/03/13/orangeworm-group-kwampirs-analysis-update/
https://www.securityartwork.es/2019/03/13/orangeworm-group-kwampirs-analysis-update/
Android逆向之旅—最右App的签名算法解析(ARM指令学习喜欢篇)
http://www.520monkey.com/archives/1319
http://www.520monkey.com/archives/1319
SecWiki周刊(第262期)
https://www.sec-wiki.com/weekly/262
https://www.sec-wiki.com/weekly/262
劫持 Chrome 会话以绕过多因素认证
https://ijustwannared.team/2019/03/11/browser-pivot-for-chrome/
https://ijustwannared.team/2019/03/11/browser-pivot-for-chrome/
XSS in Limited Input Formats
https://brutelogic.com.br/blog/xss-limited-input-formats/
https://brutelogic.com.br/blog/xss-limited-input-formats/
利用WebSocket跨站劫持(CSWH)漏洞接管帐户
https://nosec.org/home/detail/2335.html
https://nosec.org/home/detail/2335.html
windows-object-case-sensitivity
https://tyranidslair.blogspot.com/2019/03/windows-object-case-sensitivity.html
https://tyranidslair.blogspot.com/2019/03/windows-object-case-sensitivity.html
如何进行对 Xiaomi MiBand 2 的攻击
https://hakin9.org/how-i-hacked-my-xiaomi-miband-2-fitness-tracker%e2%80%8a-%e2%80%8aa-step-by-step-linux-guide-by-andrey-nikishaev/
https://hakin9.org/how-i-hacked-my-xiaomi-miband-2-fitness-tracker%e2%80%8a-%e2%80%8aa-step-by-step-linux-guide-by-andrey-nikishaev/
堡垒机的自动化功能实践-2
https://mp.weixin.qq.com/s/sAQV0NEdIf05ofIxcIp-zg
https://mp.weixin.qq.com/s/sAQV0NEdIf05ofIxcIp-zg
堡垒机的自动化功能实践-3
https://mp.weixin.qq.com/s/kRiIZSsKo0Hjtxu-6B6M8w
https://mp.weixin.qq.com/s/kRiIZSsKo0Hjtxu-6B6M8w
Writing a Password Protected Reverse Shell (Linux/x64)
https://medium.com/@0x0FFB347/writing-a-password-protected-reverse-shell-linux-x64-5f4d3a28d91a
https://medium.com/@0x0FFB347/writing-a-password-protected-reverse-shell-linux-x64-5f4d3a28d91a
堡垒机的自动化功能实践-4
https://mp.weixin.qq.com/s/zRPENsWRrL3s9fdUQUC1Dw
https://mp.weixin.qq.com/s/zRPENsWRrL3s9fdUQUC1Dw
Sysmon configuration and scripts
https://github.com/0xpwntester/Sysmon
https://github.com/0xpwntester/Sysmon
软件供应链安全威胁:从“奥创纪元”到“无限战争”
https://www.freebuf.com/articles/network/197574.html
https://www.freebuf.com/articles/network/197574.html
Escalating SSRF to RCE
https://generaleg0x01.com/2019/03/10/escalating-ssrf-to-rce/
https://generaleg0x01.com/2019/03/10/escalating-ssrf-to-rce/
CarHackingTools: Install and Configure Common Car Hacking Tools.
https://github.com/jgamblin/CarHackingTools
https://github.com/jgamblin/CarHackingTools
Inserting arbitrary files into Google Earth Projects Archives
https://github.com/si9int/OFFSEC-Archive/blob/master/web/Inserting%20arbitrary%20files%20into%20Google%20Earth%20Projects%20Archives.pdf
https://github.com/si9int/OFFSEC-Archive/blob/master/web/Inserting%20arbitrary%20files%20into%20Google%20Earth%20Projects%20Archives.pdf
堡垒机的自动化功能实践-1
https://mp.weixin.qq.com/s/N8rtlk4Ai-Kb9QXW4Q77Lg
https://mp.weixin.qq.com/s/N8rtlk4Ai-Kb9QXW4Q77Lg
Ramblings about MITRE ATT&CK, CarbonBlack Response, and Powershell
https://cflaws.blog/2019/03/10/ramblings-about-mitre-attck-carbonblack-response-and-powershell/
https://cflaws.blog/2019/03/10/ramblings-about-mitre-attck-carbonblack-response-and-powershell/
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第263期)
