SecWiki Weekly (Issue 271)
2019/05/06-2019/05/12
Security News
[Event]  Samsung leaked SmartThings app source code and secret keys
https://nosec.org/home/detail/2565.html
[People]  Ele.me's Wang Bin: security is fairness, and achieving it depends on operations
https://mp.weixin.qq.com/s/3UYObnoZV_g-AZFdSoxJLg
[News]  Intelligence Command Center joins the agencies directly under the Ministry of Public Security
https://mp.weixin.qq.com/s/ULHbGTI1YosdZG23aAE4Qw
[News]  Prague 5G Security Conference: the "Prague Proposals"
https://mp.weixin.qq.com/s/sktQAoNeE-3na9lBPm9nzg
[News]  FBI seizes DeepDotWeb and arrests its administrators
https://nosec.org/home/detail/2564.html
[News]  Burger King's children's online store leaked tens of thousands of customer records
https://nosec.org/home/detail/2566.html
[News]  Symantec joins the US Department of Defense cyber threat intelligence sharing program
https://mp.weixin.qq.com/s/tHjveTuc1bi0TxmJKwMoGw
Security Technology
[移动安全]  EL3 Tour: Get the Ultimate Privilege of Android Phone
https://speakerdeck.com/hhj4ck/el3-tour-get-the-ultimate-privilege-of-android-phone
[Books]  Free Chinese-language computer programming books
https://github.com/justjavac/free-programming-books-zh_CN
[Ops Security]  Third-party dependency security scanning with SonarQube + DependencyCheck
https://bloodzer0.github.io/ossa/other-security-branch/devsecops/sdc/
[Mobile Security]  Android security mind map
https://bbs.pediy.com/thread-251061.htm
[Data Mining]  Graph algorithms for financial risk control and anti-fraud
https://www.infoq.cn/article/C99whYfeGILp1W*M75cl
[Mobile Security]  HTTPDecrypt: remote packet encryption/decryption over HTTP, a one-stop service for Burp
https://github.com/lyxhh/lxhToolHTTPDecrypt
[Competition]  2019 Orca Cup Digital Forensics Competition: post-competition review and summary
https://www.anquanke.com/post/id/177714
[Other]  On service stability assurance
https://www.infoq.cn/article/69TYjy_v9u4FxXNUk2gK
[Ops Security]  SSH login problems and a troubleshooting approach
https://www.infoq.cn/article/pqU7iMf8cHpz-RNLOslJ
[移动安全]  Android Application Diffing: CVE-2019-10875 Inspection
https://blog.quarkslab.com/android-application-diffing-cve-2019-10875-inspection.html
[漏洞分析]  D-Link camera vulnerability allows attackers to tap into the video stream
https://www.welivesecurity.com/2019/05/02/d-link-camera-vulnerability-video-stream/
[Malware Analysis]  Traffic detection with Suricata and ELK
https://zhuanlan.zhihu.com/p/64742715
[Web Security]  My CSP bypass approaches and summary
https://xz.aliyun.com/t/5084
[漏洞分析]  Exploiting Logic Bugs in JavaScript JIT Engines
http://phrack.org/papers/jit_exploitation.html
[Ops Security]  itops: AD/Exchange management system based on Python + Django
https://github.com/openitsystem/itops?from=timeline
[Web Security]  How to attack RMI-based JMX services
https://nosec.org/home/detail/2544.html
[Data Mining]  ICMP tunnel detection method and implementation based on statistical analysis
https://www.freebuf.com/articles/network/202634.html
[Web安全]  Hack The Box - BigHead
https://0xrick.github.io/hack-the-box/bighead/
[工具]  Exploit for CVE-2019-9810 Firefox on Windows 64 bits
https://github.com/0vercl0k/CVE-2019-9810
[漏洞分析]  Taking Control of VMware Through the Universal Host Controller Interface: Part 1
https://www.zerodayinitiative.com/blog/2019/5/7/taking-control-of-vmware-through-the-universal-host-controller-interface-part-1
[工具]  wpbullet: A static code analysis for WordPress (and PHP)
https://github.com/webarx-security/wpbullet
[Forensics]  A brief look at common techniques in the intrusion tracing process
https://www.freebuf.com/articles/network/202168.html
[Web Security]  Bypassing web firewalls with the x-up-devcap-post-charset request header in ASP.NET
https://nosec.org/home/detail/2556.html
[Malware Analysis]  Developing and applying a proxy honeypot in practice
https://www.freebuf.com/articles/network/202310.html
[Forensics]  The Rashomon behind the theft of 26 million TRX
https://mp.weixin.qq.com/s/aInEaYdS9X7HP7FbzWl6AQ?from=timeline
[Malware Analysis]  Cisco Talos reports hard-coded credentials in Alpine Linux Docker images
https://nosec.org/home/detail/2568.html
[Web安全]  x-up-devcap-post-charset Header in ASP.NET to Bypass WAFs Again!
https://soroush.secproject.com/blog/2019/05/x-up-devcap-post-charset-header-in-aspnet-to-bypass-wafs-again/
[恶意分析]  How to Reverse Malware on macOS Without Getting Infected | Part 1
https://www.sentinelone.com/blog/how-to-reverse-macos-malware-part-one/
[漏洞分析]  Command injection by setting a custom search engine
https://hackerone.com/reports/497312
[漏洞分析]  Hijacking browser TLS traffic through Client Domain Hooking
https://blog.duszynski.eu/hijacking-browser-tls-traffic-through-client-domain-hooking/
[Web安全]  List of Awesome Asset Discovery Resources
https://github.com/redhuntlabs/Awesome-Asset-Discovery
[Magazine]  SecWiki Weekly (Issue 270)
https://www.sec-wiki.com/weekly/270
[Forensics]  Watermark: a library for adding watermarks to web pages
https://github.com/YanxinTang/Watermark
[漏洞分析]  write-after-free vulnerability in Firefox, Analysis and Exploitation
https://news.sophos.com/en-us/2019/04/18/protected-cve-2018-18500-heap-write-after-free-in-firefox-analysis-and-exploitation/
[Other]  "Unhackable" biometric USB transmits passwords in plain text
https://nosec.org/home/detail/2567.html
[工具]  Open Source SIRP with Elasticsearch and TheHive
https://arnaudloos.com/2019/open-source-sirp-overview/
[Web安全]  Tale of a Wormable Twitter XSS
https://www.virtuesecurity.com/tale-of-a-wormable-twitter-xss/
[工具]  ExtAnalysis: Browser Extension Analysis Framework
https://github.com/Tuhinshubhra/ExtAnalysis
[Vulnerability Analysis]  A journey of reverse engineering Broadcom wireless chipsets
https://nosec.org/home/detail/2540.html
[其它]  From zero to tfp0 - Part 2: Walkthrough of the voucher_swap exploit
https://www.darkmatter.ae/papers-articles/from-zero-to-tfp0-part-2-a-walkthrough-of-the-voucher_swap-exploit/
[其它]  Comprehensive walkthrough of the LTDH19 RE challenges
https://blog.syscall.party/post/ltdh-re-walkthrough/
[漏洞分析]  Looking inside the box
https://anvilventures.com/blog/looking-inside-the-box.html
[Vulnerability Analysis]  Research references on browser, mitigation, kernel and other exploitation topics
https://github.com/yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References
[Web安全]  The XSS challenge that +100k people saw but only 90 solved
https://blog.intigriti.com/2019/05/06/intigriti-xss-challenge-1/
[漏洞分析]  Exploring Mimikatz - Part 1
https://blog.xpnsec.com/exploring-mimikatz-part-1/
[运维安全]  SSH Honey Keys
https://kulinacs.com/ssh-honey-keys/
[Data Mining]  How to get started with knowledge graphs
https://zhuanlan.zhihu.com/p/65457826
[工具]  tetanus: Helper script for mangling CS payloads
https://github.com/secgroundzero/tetanus
[Vulnerability Analysis]  How to attack the control servers of the Mirai botnet (and its variants)?
https://nosec.org/home/detail/2558.html
[恶意分析]  Using Win95 kernel32.dll exports like a virus
https://log.vexation.ca/2019/04/using-win95-kernel32dll-exports-like.html?m=1
[恶意分析]  Detailed Analysis of macOS Vulnerability CVE-2019-8507
https://www.fortinet.com/blog/threat-research/detailed-analysis-mac-os-vulnerability-cve-2019-8507.html
[工具]  Bashter: Web Crawler, Scanner, and Analyzer Framework (Shell-Script based)
https://github.com/zerobyte-id/Bashter
[恶意分析]  Unpacking Redaman Malware & Basics of Self-Injection Packers
https://liveoverflow.com/unpacking-buhtrap-malware-basics-of-self-injection-packers-ft-oalabs-2/
[漏洞分析]  Throwing 500 vm’s at your fuzzing target being an individual security researcher
https://kciredor.com/throwing-500-vms-fuzzing-target-individual-security-researcher.html
[Malware Analysis]  On quickly dealing with webshells in security testing
https://www.freebuf.com/articles/web/201421.html
[Web Security]  Analysis of the XMLDecoder parsing process
https://mp.weixin.qq.com/s/FupNkLOOWAabvnC3Yob_uw
[恶意分析]  Finding Registry Malware Persistence with RECmd
https://digital-forensics.sans.org/blog/2019/05/07/malware-persistence-recmd/
[数据挖掘]  Security Data Science Learning Resources
https://medium.com/@jason_trost/security-data-science-learning-resources-8f7586995040
[恶意分析]  Malicious DLL execution using Apple's APSDaemon.exe signed binary
https://0x00sec.org/t/malicious-dll-execution-using-apples-apsdaemon-exe-signed-binary/13409
[工具]  Vulmap: Vulmap Online Local Vulnerability Scanners Project
https://github.com/vulmon/Vulmap
[Forensics]  The Rashomon behind the theft of 26 million TRX - Part 2
https://mp.weixin.qq.com/s/9Cl6-ZmAi-U3Qi6cPVZJxQ?from=timeline
[工具]  response: Monzo's real-time incident response and reporting tool
https://github.com/monzo/response
-----WeChat ID: SecWiki-----
SecWiki has focused on security technology news and analysis for 12 years!
SecWiki: https://www.sec-wiki.com

Original link for this issue: SecWiki Weekly (Issue 271)