SecWiki周刊(第281期)
2019/07/15-2019/07/21
安全资讯
安全技术
蚁剑 disable_functions 研究
https://tmr.js.org/p/a63cefbc/
https://tmr.js.org/p/a63cefbc/
线下赛AWD训练平台搭建手册
https://mp.weixin.qq.com/s/VPaAYUu_W3MTOmfmgVxUjA
https://mp.weixin.qq.com/s/VPaAYUu_W3MTOmfmgVxUjA
dz-ml-rce.py:discuz ml RCE漏洞检测工具
https://github.com/theLSA/discuz-ml-rce
https://github.com/theLSA/discuz-ml-rce
路由器漏洞分析系列(2):CVE-2018-20056 DIR-619L&605L 栈溢出漏洞分析及复现
https://xz.aliyun.com/t/5699
https://xz.aliyun.com/t/5699
特斯拉上价值10000美元的XSS漏洞
https://nosec.org/home/detail/2781.html
https://nosec.org/home/detail/2781.html
Attacking SSL VPN - Part 1: PreAuth RCE on Palo Alto GlobalProtect
https://blog.orange.tw/2019/07/attacking-ssl-vpn-part-1-preauth-rce-on-palo-alto.html
https://blog.orange.tw/2019/07/attacking-ssl-vpn-part-1-preauth-rce-on-palo-alto.html
浅析Redis中SSRF的利用
https://mp.weixin.qq.com/s/as4WP7RkGaXVI6enlMDktg
https://mp.weixin.qq.com/s/as4WP7RkGaXVI6enlMDktg
路由器漏洞分析系列(1):路由器固件模拟环境搭建
https://xz.aliyun.com/t/5697
https://xz.aliyun.com/t/5697
监视我自己的手机:数据都去哪儿了?
https://www.v2ex.com/t/583824
https://www.v2ex.com/t/583824
如何设置一个GPO后门并将其隐藏
https://nosec.org/home/detail/2789.html
https://nosec.org/home/detail/2789.html
如何暴力破解Instagram的6位验证码
https://nosec.org/home/detail/2784.html
https://nosec.org/home/detail/2784.html
精简版SDL落地实践
https://xz.aliyun.com/t/5656
https://xz.aliyun.com/t/5656
Auxiliary Loss Optimization for Hypothesis Augmentation for DGA Domain Detection
https://medium.com/@jason_trost/auxiliary-loss-optimization-for-hypothesis-augmentation-for-dga-domain-detection-98c382082514
https://medium.com/@jason_trost/auxiliary-loss-optimization-for-hypothesis-augmentation-for-dga-domain-detection-98c382082514
FastJson最新反序列化漏洞分析
https://xz.aliyun.com/t/5680
https://xz.aliyun.com/t/5680
Analysis of an Atlassian Crowd RCE - CVE-2019-11580
https://www.corben.io/atlassian-crowd-rce/
https://www.corben.io/atlassian-crowd-rce/
风控引擎的演进及设计思想
https://zhuanlan.zhihu.com/p/73181470
https://zhuanlan.zhihu.com/p/73181470
Getting started with DGA Domain Detection Research
http://www.covert.io/getting-started-with-dga-research/
http://www.covert.io/getting-started-with-dga-research/
赛博杯2019 Write Up
https://xz.aliyun.com/t/5648
https://xz.aliyun.com/t/5648
恶意样本家族分类实践
https://xz.aliyun.com/t/5666
https://xz.aliyun.com/t/5666
SecWiki周刊(第280期)
https://www.sec-wiki.com/weekly/280
https://www.sec-wiki.com/weekly/280
一些值得学习的Fuzzer开源项目
http://riusksk.me/2019/07/14/%E4%B8%80%E4%BA%9B%E5%80%BC%E5%BE%97%E5%AD%A6%E4%B9%A0%E7%9A%84Fuzzer%E5%BC%80%E6%BA%90%E9%A1%B9%E7%9B%AE/
http://riusksk.me/2019/07/14/%E4%B8%80%E4%BA%9B%E5%80%BC%E5%BE%97%E5%AD%A6%E4%B9%A0%E7%9A%84Fuzzer%E5%BC%80%E6%BA%90%E9%A1%B9%E7%9B%AE/
Scavenger: Crawler searching for credential leaks on paste sites
https://github.com/rndinfosecguy/Scavenger
https://github.com/rndinfosecguy/Scavenger
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第281期)
