SecWiki周刊(第4期)
2014/03/24-2014/03/30
安全技术
[Web安全]  如何利用BurpSuite破解webshell
http://www.5d87.com/article/%E9%9A%8F%E7%AC%94/189.html
[漏洞分析]  Some exploits and exploit development stuff
https://github.com/infodox/exploits
[编程技术]  ​​Light4Freedom战队BCTF攻略(上)
http://www.freebuf.com/articles/web/29517.html
[取证分析]  Linux日志清理工具wipe
http://www.coolhacker.org/?p=1572
[移动安全]  Oldboot.B:与Bootkit技术结合的木马隐藏手段的运用
http://blogs.360.cn/blog/analysis_of_oldboot_b/
[移动安全]  AndroTotal: free service to scan suspicious APKs
http://andrototal.org/
[移动安全]  New iOS malware use Cydia Substrate to steal advertisement promotion fee
http://www.claudxiao.net/2014/03/ios_malware_spad/
[漏洞分析]  WinRar File extension spoofing ( 0DAY )
http://an7isec.blogspot.co.il/2014/03/winrar-file-extension-spoofing-0day.html
[漏洞分析]  回到基本面:CFI的软件防护视角
http://qing.blog.sina.com.cn/1891235985/70b9f89133004wr4.html
[Web安全]  wechall mysql关卡题解
http://drops.wooyun.org/papers/1321
[运维安全]  white-elephant:Hadoop log aggregator and dashboard
https://github.com/linkedin/white-elephant
[移动安全]  测试金字塔新解之移动无线应用测试
http://blog.jobbole.com/63690/
[Web安全]  [Honeypot Alert] JCE Joomla Extension Attacks
http://blog.spiderlabs.com/2014/03/honeypot-alert-jce-joomla-extension-attacks.html
[其它]  讲座:善用佳软,让您轻松高效学习
http://xbeta.info/lecture-201403.htm
[漏洞分析]  CVE-2013-3897漏洞分析
http://www.freebuf.com/articles/system/29445.html
[Web安全]  Ping&DNS – 查询 Ping/DNS/Whois 等信息
http://www.appinn.com/ping-and-dns-for-android/
[Web安全]  多层代理下解决链路低延迟的技巧
http://drops.wooyun.org/tips/1286
[恶意分析]  Malware-Traffic-Analysis.net
http://malware-traffic-analysis.net/
[设备安全]  NSFOCUS_ICS_Security_Report_20140311
http://vdisk.weibo.com/s/r1DAFAovsYVH
[运维安全]  Nginx安全配置研究
http://drops.wooyun.org/tips/1323
[数据挖掘]  Decision Tree 及实现
http://blog.sae.sina.com.cn/archives/3206
[Web安全]  XSS和字符集的那些事儿
http://drops.wooyun.org/papers/1327
[无线安全]  无线局域网安全风险解决和分析
http://c.blog.sina.com.cn/profile.php?blogid=12e41f4b2890017un
[Web安全]  linux键盘记录软件 logkeys
http://www.coolhacker.org/?p=1444
[取证分析]  Computer Forensics Investigation – A Case Study
http://resources.infosecinstitute.com/computer-forensics-investigation-case-study/
[Web安全]  Linux PAM&&PAM后门
http://drops.wooyun.org/tips/1288
[Web安全]  Windows Domain Credentials Phishing Tool
http://sourceforge.net/projects/wdcpt/
[恶意分析]  fireeye-zero-day-attacks-in-2013
http://vdisk.weibo.com/s/C72IDYVyJJhK_/1395930614
[编程技术]  让你的网站支持手机二维码登录
http://www.ideawu.net/blog/archives/793.html
[其它]  谈谈个人常用的软件(新增加三款)
http://jianshu.io/p/01acf2aa5b24
[数据挖掘]  Bogofilter:邮件过滤器
http://bogofilter.sourceforge.net/
[漏洞分析]  Reverse Engineering Resources
http://samdmarshall.com/re.html
[书籍]  Go Bootcamp
http://www.golangbootcamp.com/book
[编程技术]  『风车』技术架构介绍
http://yedingding.com/2014/03/20/fengcheco-architecture.html
[会议]  Security Conference Calendar
https://www.duosecurity.com/resources/calendar
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第4期)