SecWiki周刊(第401期)
2021/11/01-2021/11/07
安全技术
KCon 2021 部分 PPT 发布
https://paper.seebug.org/1748/
https://paper.seebug.org/1748/
Top100密码学经典论文大盘点
https://mp.weixin.qq.com/s/iZ7X9bC4yRutkYWiCxuApQ
https://mp.weixin.qq.com/s/iZ7X9bC4yRutkYWiCxuApQ
第四届“强网”拟态防御国际精英挑战赛web的wp
https://www.anquanke.com/post/id/256992
https://www.anquanke.com/post/id/256992
VulnHub-[DC-8-9]-系列通关手册
https://www.sec-in.com/article/1131
https://www.sec-in.com/article/1131
TCTF/0CTF 2021-FINAL 两道 kernel pwn 题解
https://www.anquanke.com/post/id/258146
https://www.anquanke.com/post/id/258146
天府杯华硕会战的围剿与反围剿
https://mp.weixin.qq.com/s/k1ouK1Gyxpped0ZK4H4h7g
https://mp.weixin.qq.com/s/k1ouK1Gyxpped0ZK4H4h7g
如何通过进程内存提取密钥解密Cobalt Strike流量
https://mp.weixin.qq.com/s/MwGmwMfiWumPfyNZcWYpLw
https://mp.weixin.qq.com/s/MwGmwMfiWumPfyNZcWYpLw
破解版密钥相同,部分CobaltStrike加密流量可解
https://mp.weixin.qq.com/s/AcIFSjyqn9gzyRkyx3sRIQ
https://mp.weixin.qq.com/s/AcIFSjyqn9gzyRkyx3sRIQ
基于优化搜索的API序列推荐
https://mp.weixin.qq.com/s/jbR2nfIGcAjRS-dceTag8Q
https://mp.weixin.qq.com/s/jbR2nfIGcAjRS-dceTag8Q
解释与改进安全应用场景下的深度异常检测方法
https://mp.weixin.qq.com/s/U5HYIFLjO3ikkMgHyjsUpQ
https://mp.weixin.qq.com/s/U5HYIFLjO3ikkMgHyjsUpQ
基于语义的下游内核中补丁的存在性测试
https://mp.weixin.qq.com/s/4rVWVseMr3UT65sOBMjiqQ
https://mp.weixin.qq.com/s/4rVWVseMr3UT65sOBMjiqQ
WebExp: 2020年~2021年 网站CMS、中间件、框架系统漏洞集合
https://github.com/RASSec/WebExp
https://github.com/RASSec/WebExp
JavaWeb 内存马一周目通关攻略
https://su18.org/post/memory-shell/
https://su18.org/post/memory-shell/
从开放目录到 GitHub 投毒
https://mp.weixin.qq.com/s/HNdcwa5x3mTuxEPg2wmdMQ
https://mp.weixin.qq.com/s/HNdcwa5x3mTuxEPg2wmdMQ
CodeQL with CVE-2021-2471
http://m0d9.me/2021/11/01/CodeQL-CVE-2021-2471/
http://m0d9.me/2021/11/01/CodeQL-CVE-2021-2471/
Docker PHP裸文件本地包含综述
https://tttang.com/archive/1312/
https://tttang.com/archive/1312/
2021年网络安全领域四大顶会中国学者发表论文88篇(附目录)
https://mp.weixin.qq.com/s/igXuvxBdVZpM9fkAxnkJ5g
https://mp.weixin.qq.com/s/igXuvxBdVZpM9fkAxnkJ5g
4G/LTE 移动通信系统中对隐私和可用性的实际攻击
https://www.anquanke.com/post/id/257679
https://www.anquanke.com/post/id/257679
劫持 Golang 编译
https://paper.seebug.org/1749/
https://paper.seebug.org/1749/
从Java反序列化漏洞题看CodeQL数据流
https://www.anquanke.com/post/id/256967
https://www.anquanke.com/post/id/256967
航空产业已成境外情报机构重点网络攻击目标
https://mp.weixin.qq.com/s/ANDLQBHTzB2uiS54xxyuZw
https://mp.weixin.qq.com/s/ANDLQBHTzB2uiS54xxyuZw
Apache安全——挂钩分析
https://www.anquanke.com/post/id/257539
https://www.anquanke.com/post/id/257539
JavaWeb 内存马二周目通关攻略
https://tttang.com/archive/1313/
https://tttang.com/archive/1313/
从广东省强网杯——girlfriend中看realloc的艺术
https://www.anquanke.com/post/id/256793
https://www.anquanke.com/post/id/256793
SecWiki周刊(第400期)
https://www.sec-wiki.com/weekly/400
https://www.sec-wiki.com/weekly/400
浅谈无需修改注册表抓取明文密码
https://www.anquanke.com/post/id/255226
https://www.anquanke.com/post/id/255226
CodeInspector: Java 可控参数分析和数据流跟踪分析
https://github.com/EmYiQing/CodeInspector
https://github.com/EmYiQing/CodeInspector
渗透测试-一次从黑盒转向白盒
https://websecuritys.cn/archives/Blog-Ac-1.html
https://websecuritys.cn/archives/Blog-Ac-1.html
Building a Secure Open-Source Operating-System Kernel
https://mp.weixin.qq.com/s/UpB07tQxK5vvYl1alSQY3A
https://mp.weixin.qq.com/s/UpB07tQxK5vvYl1alSQY3A
VulnHub-[DC-1-7]-系列通关手册
https://www.sec-in.com/article/1126
https://www.sec-in.com/article/1126
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第401期)
