SecWiki周刊(第317期)
2020/03/23-2020/03/29
安全技术
[恶意分析]  黑产研究之秒拨IP
https://mp.weixin.qq.com/s/XL6XO-FBHq37H1h-iMwV4w
[Web安全]  iox: 端口转发 & 内网代理工具
https://github.com/EddieIvan01/iox/blob/master/docs/README_CN.md
[恶意分析]  无文件执行:一切皆是shellcode(中篇)
https://mp.weixin.qq.com/s/6Khnj0tX3SgbRes25bOmow
[漏洞分析]  Django CVE-2020-9402 Geo SQL注入分析
https://xz.aliyun.com/t/7403
[Web安全]  域渗透—基于资源的约束委派利用
https://xz.aliyun.com/t/7454
[工具]  模块化网站管理工具的思考
https://tmr.js.org/p/4644576d/
[取证分析]  基于开源情报解密美国雷神山火神山
https://mp.weixin.qq.com/s/OCAK5byqIvXttqxxSQmDkQ
[运维安全]  Announcing the Zeek Agent
https://blog.trailofbits.com/2020/03/23/announcing-the-zeek-agent/
[取证分析]  俄罗斯情报部门代号一览(Top Secret)
https://mp.weixin.qq.com/s/2FnrR5qsm9BTlAS_SeKrzw
[运维安全]  Windows OS Hardening with PowerShell DSC
https://github.com/NVISO-BE/posh-dsc-windowsserver-hardening
[漏洞分析]  A First Introduction to System Exploitation
https://research.checkpoint.com/wp-content/uploads/2020/03/pwnable_writeup.pdf
[恶意分析]  DrayTek Vigor企业级路由器和交换机设备在野0-day 漏洞分析报告
https://blog.netlab.360.com/two-zero-days-are-targeting-draytek-broadband-cpe-devices/
[恶意分析]  网络威胁检测技术NTA
https://mp.weixin.qq.com/s/DYqFKBIj1BKwDzTpnO_tHg
[运维安全]  Nightingale-开源的企业级监控解决方案
https://mp.weixin.qq.com/s/Wo_em4yB5dRPvFecma4bkw
[Web安全]  渗透测试和安全面试的经验之谈
https://github.com/Leezj9671/Pentest_Interview
[论文]  后量子区块链: 抗量子攻击的区块链密码学研究综述(上)
https://mp.weixin.qq.com/s/zC62SGEiNTPbMxxYNR4yUA
[Web安全]  Kimsuky APT组织利用疫情话题针对南韩进行双平台的攻击活动的分析
https://mp.weixin.qq.com/s/eENIP9rDquDXHZWsGurJ9w
[移动安全]  微信远程攻击面简单的研究与分析
https://mp.weixin.qq.com/s/yMQN3MciI-0f3mzz_saiwQ
[运维安全]  张欧:数字银行可信网络实践
https://mp.weixin.qq.com/s/VRG9LEbGTxhpMmCUTUSA8w
[杂志]  SecWiki周刊(第316期)
https://www.sec-wiki.com/weekly/316
[恶意分析]  恶意软件命名与描述规范研究
https://mp.weixin.qq.com/s/KGfsmEUu_fMH9Vj3TleMMQ
[Web安全]  List of bug bounty writeups · Pentester Land
https://pentester.land/list-of-bug-bounty-writeups.html
[设备安全]  固件分析之GoAhead框架ASP文件提取
http://blog.nsfocus.net/0320-goahead-asp/
[运维安全]  零信任架构实战系列:如何选择零信任架构
https://mp.weixin.qq.com/s/JkzkCaIjT-jWyQEp-I5muw
[其它]  security_w1k1: 安全相关资源列表
https://github.com/euphrat1ca/security_w1k1
[漏洞分析]  Java RMI入门
http://scz.617.cn/network/202002221000.txt
[恶意分析]  RSAC-2020随笔 — 供应链安全
https://www.anquanke.com/post/id/201485?from=timeline
[设备安全]  IoT上SSL安全开发小结
https://mp.weixin.qq.com/s/rSXqBCFmawLg_oYYVKecLQ
[Web安全]  WAF建设运营及AI应用实践
https://mp.weixin.qq.com/s/fTm1hUfRmm6ujmjvSHRLUA
[漏洞分析]  使用AFL挖掘libxml2
https://xz.aliyun.com/t/7400
[漏洞分析]  使用Powershell对目标进行屏幕监控
https://mp.weixin.qq.com/s/bmQCCoilsXYqydc_RXrtTQ
[漏洞分析]  Java RMI入门(4)
http://scz.617.cn/network/202003191728.txt
[Web安全]  Facebook CSRF bug which lead to Instagram Partial account takeover
https://ysamm.com/?p=379
[漏洞分析]  Java RMI入门(3)
http://scz.617.cn/network/202003121717.txt
[漏洞分析]  CVE-2020-0729: Remote Code Execution Through .LNK Files
https://www.thezdi.com/blog/2020/3/25/cve-2020-0729-remote-code-execution-through-lnk-files
[恶意分析]  一些网站https证书出现问题的情况分析
https://blog.netlab.360.com/ongoing-websites-hijacking/
[漏洞分析]  Java RMI入门(2)
http://scz.617.cn/network/202003081810.txt
[漏洞分析]  Take Down MacOS Bluetooth with Zero-click RCE
http://blogs.360.cn/post/macOS_Bluetoothd_0-click.html
[漏洞分析]  CVE-2020-0069: Autopsy of the Most Stable MediaTek Rootkit
https://blog.quarkslab.com/cve-2020-0069-autopsy-of-the-most-stable-mediatek-rootkit.html
[Web安全]  提权之DLL注入
https://mp.weixin.qq.com/s/T3C44Jc2vsTcisS7pWHnZA
[漏洞分析]  对CVE中的无效漏洞报告进行分类和预测
https://mp.weixin.qq.com/s/laYXRDTtAn9kBqV1G99gog
[取证分析]  2020年开源情报(OSINT)TOP20 工具
https://mp.weixin.qq.com/s?__biz=MzI2NDY1NDg0OA==&mid=2247484049&idx=1&sn=e6e716cfcfef01956c1acc7d684d44d1
[取证分析]  The-Cyber-Intelligence-Analyst-Cookbook
https://github.com/open-source-rs/The-Cyber-Intelligence-Analyst-Cookbook
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第317期)