SecWiki周刊(第293期)
2019/10/07-2019/10/13
安全资讯
[事件]   有黑客正拍卖一个包含9200万巴西公民详细信息的数据库
https://nosec.org/home/detail/3018.html
[新闻]  Facebook、Twitter涉嫌违反欧盟GDPR 或面临数十亿美元罚款
https://nosec.org/home/detail/3021.html
安全技术
[Web安全]  SRC漏洞挖掘实用技巧
https://mp.weixin.qq.com/s/g-vlNmn4uQKUnBKZ7LMJvA
[工具]  Cobalt Strike - 使用其他方式抓取密码/dump hash
https://github.com/Ch1ngg/AggressorScript-RunDumpHash
[Web安全]  php反序列化靶机实战
https://mp.weixin.qq.com/s/2bkCRZf6_An2fWEdXbHxrg
[恶意分析]  ISCX-IDS-2012 intrusion detection evaluation dataset
https://www.unb.ca/cic/datasets/ids.html
[Web安全]  红蓝对抗——加密Webshell“冰蝎”攻防
https://mp.weixin.qq.com/s/o6aUI-sk0A7fSDMTinoMNg
[事件]  TeamViewer疑似被入侵事件分析
https://nosec.org/home/detail/3038.html
[漏洞分析]  CVE-2019-17059:Cyber​​oam SSL VPN的RCE漏洞
https://nosec.org/home/detail/3034.html
[文档]  PENTESTING-BIBLE
https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE
[漏洞分析]  泛微E-cology OA系统SQL注入漏洞
https://nosec.org/home/detail/3030.html
[无线安全]  侧信道攻击,从喊666到入门之—错误注入攻击白盒
https://www.anquanke.com/post/id/188340
[运维安全]  资产十问
https://www.sec-un.org/%e8%b5%84%e4%ba%a7%e5%8d%81%e9%97%ae/
[其它]  浅析DARPA的运作机制
https://mp.weixin.qq.com/s/T5EqLfqSCU8JRp6Ez4vdpg
[比赛]  “北极星杯”AWD线上赛复盘
https://xz.aliyun.com/t/6477
[恶意分析]  Revoke-Obfuscation: PowerShell Obfuscation Detection Framework
https://github.com/danielbohannon/Revoke-Obfuscation
[设备安全]  工控安全入门(五)—— plc逆向初探
https://www.anquanke.com/post/id/187792
[设备安全]  一小时完成上位机SCADA
http://jzgkchina.com/node/1273
[漏洞分析]  CVE-2019-1315:基于错误报告机制的Windows提权漏洞
https://nosec.org/home/detail/3027.html
[取证分析]  一文看懂ATT&CK框架以及使用场景实例
https://www.anquanke.com/post/id/187998
[其它]  美国政府持续深入开展爱因斯坦项目以提升网络威胁感知能力(2019)
https://www.sec-un.org/%e7%be%8e%e5%9b%bd%e6%94%bf%e5%ba%9c%e6%8c%81%e7%bb%ad%e6%b7%b1%e5%85%a5%e5%bc%80%e5%b1%95%e7%88%b1%e5%9b%a0%e6%96%af%e5%9d%a6%e9%a1%b9%e7%9b%ae%e4%bb%a5%e6%8f%90%e5%8d%87%e7%bd%91%e7%bb%9c%e5%a8%81/
[Web安全]  协议层的攻击—HTTP请求走私
https://paper.seebug.org/1048/
[恶意分析]  Repository of YARA rules made by McAfee ATR Team
https://github.com/advanced-threat-research/Yara-Rules
[漏洞分析]  ThinkPHP5.1.X反序列化利用链
https://xz.aliyun.com/t/6467
[漏洞分析]  PDF调试技巧剖析
https://www.anquanke.com/post/id/188138
[杂志]  SecWiki周刊(第292期)
https://www.sec-wiki.com/weekly/292
[漏洞分析]  HackMD Stored XSS and HackMD Desktop RCE
https://5alt.me/2019/10/HackMD%20Stored%20XSS%20and%20HackMD%20Desktop%20RCE/
[Web安全]  Venom - A Multi-hop Proxy for Penetration Testers
https://github.com/Dliv3/Venom
[Web安全]  Web安全Day8 - XXE实战攻防
https://xz.aliyun.com/t/6502
[取证分析]  ATT&CK一般性学习笔记
https://mp.weixin.qq.com/s/qfthyNQ3E_TruEbREcIJzg
[漏洞分析]  [CVE-2019-9535] Iterm2命令执行的不完整复现
https://mp.weixin.qq.com/s/4KcpS4eNGQ8bL6DTM4K0aQ
[Web安全]  Hacking Windows 备忘录
https://xz.aliyun.com/t/6498
[漏洞分析]   D-Link路由器曝出RCE漏洞,牵涉多个型号
https://nosec.org/home/detail/3020.html
[Web安全]  CatchMail: 收集邮箱的工具
https://github.com/0Kee-Team/CatchMail
[漏洞分析]  The Art of WebKit Exploitation
http://blog.umangis.me/the-art-of-webkit-exploitation/
[Web安全]  以攻擊者的角度制定防禦策略
https://devco.re/blog/2019/10/09/def-strategy/
[取证分析]  基于mitmproxy的被动扫描代理
https://www.freebuf.com/articles/web/216301.html
[Web安全]  SharpSniper利用分析
https://3gstudent.github.io/3gstudent.github.io/SharpSniper%E5%88%A9%E7%94%A8%E5%88%86%E6%9E%90/
[漏洞分析]  How a double-free bug in WhatsApp turns to RCE
https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/
[取证分析]  从Exchange服务器上搜索和导出邮件
https://www.4hou.com/technology/20718.html
[漏洞分析]  在PWN题中绕过lea esp以及关于Ret2dl的一些补充
https://www.anquanke.com/post/id/187875
[漏洞分析]   vBulletin再修复高危RCE和SQL注入漏洞
https://nosec.org/home/detail/3022.html
-----微信ID:SecWiki-----
SecWiki,13年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第293期)