SecWiki周刊(第273期)
2019/05/20-2019/05/26
安全资讯
网络安全行业不会一家独大 远不止FBI和CIA——美国情报机构红宝书 关于《网络安全审查办法(征求意见稿)》公开征求意见
安全技术
2000day in Safari Make Redirection Evil Again: URL Parser Issues in OAuth AWS Security Incident Response Guide 国赛-bbvvmm-SM4逆向分析,虚拟机指令分析 CVE-2019-0708 Technical Analysis (RDP-RCE) How to Create a Malware Detection System With Machine Learning DataCon 2019: 1st place solution of malicious DNS traffic & DGA analysis CTF中常见编码、代码混淆及加解密 Incident response at your fingertips with Microsoft Defender ATP live response Calling iOS Native Functions from Python Using Frida and RPC 从Zend虚拟机分析PHP加密扩展 西部数码MyCloud NAS命令执行漏洞 智能摄像头安全分析及案例参考 CVE-2019-8506 JavaScriptCore exploit 蚁剑绕WAF进化图鉴 Pymetasploit3:使用Python3实现Metasploit自动化 鱼叉攻击-尝试 分布式web漏洞扫描平台WDScanner v1.1版本发布 The Tier of Threat Actors – Cheatsheet 第一届HDCTF Write up CheckVM-Sandbox 智能威胁分析之图数据构建 Acunetix Vulnerability Scanner现可进行网络安全扫描 应急响应实战笔记 我生命中最昂贵的经历:SIM卡移植攻击 Sojobo - Yet another binary analysis framework 【移动安全】移动应用安全基础篇——破掉iOS加密数据 An extremely insecure Ethereum cryptowallet iOS/OSX Content Filter Kernel UAF Analysis + POC 深度学习算法地图 WD My Cloud RCE CVE-2019-0803: Win32k Elevation of Privilege Poc LFI ON PRODUCTION SERVERS in "springboard.google.com" – $13,337USD 无需括号和分号的XSS 如何将XSS漏洞从中危提升到严重 RCTF 2019 Web Writeup Even more secret Telegrams Is MIME Sniffing XSS a real thing? yurita: Anomaly detection framework @ PayPal Microsoft Edge Renderer Exploitation (CVE-2019-0940). Part 1 Reverse Engineering the iClicker Base Station XSS without parentheses and semi-colons Injecting shellcode into x64 ELF binaries XSSed my way to 1000$ 域渗透——普通用户权限获得DNS记录 Details of SIM port hack 从后渗透分析应急响应的那些事儿(二)免杀初识篇 Awesome-Cellular-Hacking 异常检测的N种方法 APT28分析之CVE-2015-1641样本分析 jQuery 安全模型解释 Hacking Facebook the Hard Way Stealing Downloads from Slack Users ESCAPING THE CHROME SANDBOX WITH A WIN32K NDAY Reversing Golang Binaries: Part-1 Detecting Patterns with Unsupervised Learning APP漏洞利用组合拳——应用克隆案例分析 Getting Into Browser Exploitation A Curious Case of Malwarebytes SonarQube踩坑记 Fun With Custom URI Schemes Linux Privilege Escalation via LXD & Hijacked UNIX Socket Credentials Using the Exception Directory to find GetProcAddress Reversing Golang Binaries: Part-2-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com
本期原文地址: SecWiki周刊(第273期)