SecWiki周刊(第286期)
2019/08/19-2019/08/25
安全资讯
水利部印发水利网络安全管理办法(试行)
http://www.cac.gov.cn/2019-08/17/c_1124887757.htm
http://www.cac.gov.cn/2019-08/17/c_1124887757.htm
美军网络空间军事思想与能力体系综述
https://mp.weixin.qq.com/s/eTqE3GXnyvutwJ5MAkaR7g
https://mp.weixin.qq.com/s/eTqE3GXnyvutwJ5MAkaR7g
“战斗民族”俄罗斯网络空间作战研究
https://mp.weixin.qq.com/s/lHTNtsA6Pc-FGGoQoO6AUw
https://mp.weixin.qq.com/s/lHTNtsA6Pc-FGGoQoO6AUw
BCS 2019 安全创客汇
https://mp.weixin.qq.com/s/Mj8RDrFl6HcWH2GsH-mXhQ
https://mp.weixin.qq.com/s/Mj8RDrFl6HcWH2GsH-mXhQ
BCS 2019 40 家企业展台的亮点内容及产品
https://mp.weixin.qq.com/s/EeKghha0lKOIhJgB1sHKEg
https://mp.weixin.qq.com/s/EeKghha0lKOIhJgB1sHKEg
安全技术
BlackHat US-19 笔记
https://www.sec-un.org/blackhat-us-19-%e7%ac%94%e8%ae%b0/
https://www.sec-un.org/blackhat-us-19-%e7%ac%94%e8%ae%b0/
蚁剑 CUSTOM AES编/解码器弥补蚁剑其他 Shell 没有强加密算法的缺陷
https://github.com/Ch1ngg/OtherAntSwordAESEncoder
https://github.com/Ch1ngg/OtherAntSwordAESEncoder
Top 10 Browser Extensions for Hackers & OSINT Researchers
https://medium.com/@NullByteWht/top-10-browser-extensions-for-hackers-osint-researchers-fca19b469158
https://medium.com/@NullByteWht/top-10-browser-extensions-for-hackers-osint-researchers-fca19b469158
BCS 2019 红队行动会议重点内容
https://github.com/Mel0day/RedTeam-BCS
https://github.com/Mel0day/RedTeam-BCS
利用SSH隧道反弹Shell
https://mp.weixin.qq.com/s/wnCWeZqXDqbas6HBOxhBlw
https://mp.weixin.qq.com/s/wnCWeZqXDqbas6HBOxhBlw
基于 ATT&CK 的 APT 威胁跟踪和狩猎
https://mp.weixin.qq.com/s/nqQmlWcemAGopy898I4cNg
https://mp.weixin.qq.com/s/nqQmlWcemAGopy898I4cNg
网络安全学习方法论之体系的重要性
https://micropoor.blogspot.com/2019/08/blog-post.html
https://micropoor.blogspot.com/2019/08/blog-post.html
利用CobaltStrike捆绑后门的艺术
https://www.freebuf.com/sectool/210416.html
https://www.freebuf.com/sectool/210416.html
基于框架开发的程序的代码审计思路总结
http://www.f4ckweb.top/index.php/archives/62/
http://www.f4ckweb.top/index.php/archives/62/
DomainFrontingLists: A list of Domain Frontable Domains by CDN
https://github.com/vysecurity/DomainFrontingLists
https://github.com/vysecurity/DomainFrontingLists
实战化ATT&CK™:威胁情报
https://mp.weixin.qq.com/s/CzrQoLdpVUHrXGTMrkWHPQ
https://mp.weixin.qq.com/s/CzrQoLdpVUHrXGTMrkWHPQ
记一次对某医院HIS系统的渗透测试
https://mp.weixin.qq.com/s/0hvD_afmLNQW9bQZzvk0OA
https://mp.weixin.qq.com/s/0hvD_afmLNQW9bQZzvk0OA
如何轻松bypass文件沙箱
https://yuange1975.blogspot.com/2019/08/bypass.html
https://yuange1975.blogspot.com/2019/08/bypass.html
基于SPARK的分布式网页近似度检测
https://blog.chih.me/simjoin-on-spark.html
https://blog.chih.me/simjoin-on-spark.html
NDSS 2019议题解读:从运营商角度清除Mirai僵尸网络
https://mp.weixin.qq.com/s/j9eXRPu_YYLGyzFiz2fj4g
https://mp.weixin.qq.com/s/j9eXRPu_YYLGyzFiz2fj4g
从源代码漏洞挖掘谈有价值研究-PPT
https://www.inforsec.org/wp/?p=3499
https://www.inforsec.org/wp/?p=3499
漏洞扫描技巧篇-Web 漏洞扫描器
https://mp.weixin.qq.com/s/urbFms6AiUb7uu_IGj3LXQ
https://mp.weixin.qq.com/s/urbFms6AiUb7uu_IGj3LXQ
从ATT&CK看威胁情报的发展和应用趋势
https://mp.weixin.qq.com/s/zbAwTDZ5IuRCMkuIDo82Cw
https://mp.weixin.qq.com/s/zbAwTDZ5IuRCMkuIDo82Cw
实战化ATT&CK™:引言
https://mp.weixin.qq.com/s/pF_d4Jbqs8QGlWN0ITnm6g
https://mp.weixin.qq.com/s/pF_d4Jbqs8QGlWN0ITnm6g
web.config文件上传技术研究
https://xz.aliyun.com/t/6037
https://xz.aliyun.com/t/6037
SecWiki周刊(第285期)
https://www.sec-wiki.com/weekly/285
https://www.sec-wiki.com/weekly/285
单机日志分析工具-logC
https://xz.aliyun.com/t/5894
https://xz.aliyun.com/t/5894
利用ICMP进行命令控制和隧道传输
https://www.freebuf.com/sectool/210450.html
https://www.freebuf.com/sectool/210450.html
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第286期)
