SecWiki周刊(第431期)
2022/05/30-2022/06/05
安全技术
Tomcat CVE-2022-29885
https://4ra1n.love/post/5zNrXSlvJ/
https://4ra1n.love/post/5zNrXSlvJ/
Artillery: JAVA 插件化漏洞扫描器
https://github.com/Weik1/Artillery
https://github.com/Weik1/Artillery
Awesome-Redteam: 一个红队知识仓库
https://github.com/Threekiii/Awesome-Redteam
https://github.com/Threekiii/Awesome-Redteam
SSL 指纹识别和绕过
https://ares-x.com/2021/04/18/SSL-%E6%8C%87%E7%BA%B9%E8%AF%86%E5%88%AB%E5%92%8C%E7%BB%95%E8%BF%87/
https://ares-x.com/2021/04/18/SSL-%E6%8C%87%E7%BA%B9%E8%AF%86%E5%88%AB%E5%92%8C%E7%BB%95%E8%BF%87/
浅谈Windows传统取证
https://mp.weixin.qq.com/s/zb2gIwPvepLeNrtlc7P2Og
https://mp.weixin.qq.com/s/zb2gIwPvepLeNrtlc7P2Og
基于框架漏洞的代码审计实战
https://xz.aliyun.com/t/11360
https://xz.aliyun.com/t/11360
搜狐中招钓鱼邮件诈骗的技术和基础设施分析
https://mp.weixin.qq.com/s/qGbwJJ5oGn4tdnFadq0c8g
https://mp.weixin.qq.com/s/qGbwJJ5oGn4tdnFadq0c8g
诈骗知名门户的黑产团伙溯源分析
https://mp.weixin.qq.com/s/uEiJIFzCqVuFsPzONu7v_A
https://mp.weixin.qq.com/s/uEiJIFzCqVuFsPzONu7v_A
APICraft: 为闭源的SDK库生成模糊的驱动程序
https://mp.weixin.qq.com/s/rekrBOCzY9eldsoVgXzaEg
https://mp.weixin.qq.com/s/rekrBOCzY9eldsoVgXzaEg
PE文件结构解析3
https://www.sec-in.com/article/1657
https://www.sec-in.com/article/1657
在计算机领域的科研中,最初的创新点从何而来?
https://www.zhihu.com/question/534444001
https://www.zhihu.com/question/534444001
SecWiki周刊(第430期)
https://www.sec-wiki.com/weekly/430
https://www.sec-wiki.com/weekly/430
蓝牙协议对汽车安全的影响研究报告
https://hexhive.epfl.ch/publications/files/22WOOT.pdf
https://hexhive.epfl.ch/publications/files/22WOOT.pdf
bandit工具分析
https://xz.aliyun.com/t/11341
https://xz.aliyun.com/t/11341
ATT&CK矩阵的攻与防
https://xz.aliyun.com/t/11347
https://xz.aliyun.com/t/11347
FirmSec-物联网固件中的第三方组件安全性研究
https://mp.weixin.qq.com/s/s7JwCRrzvF5kFc8aNvQ5xg
https://mp.weixin.qq.com/s/s7JwCRrzvF5kFc8aNvQ5xg
端口扫描技术实现分析
https://www.anquanke.com/post/id/272878
https://www.anquanke.com/post/id/272878
恶意npm包的自动化挖掘方法
https://mp.weixin.qq.com/s/VZ83yYVphJHOarhaexhy7A
https://mp.weixin.qq.com/s/VZ83yYVphJHOarhaexhy7A
兰德深度报告-美国商业太空能力与市场概述
https://mp.weixin.qq.com/s/7aC8RHMil--jTRms9jMU1A
https://mp.weixin.qq.com/s/7aC8RHMil--jTRms9jMU1A
Twitter 威胁情报跟踪与评估
https://mp.weixin.qq.com/s/wUrV3rGolpDeWDYKArcBJg
https://mp.weixin.qq.com/s/wUrV3rGolpDeWDYKArcBJg
RSAC 2022 – 创新沙盒观感 (1)
https://mp.weixin.qq.com/s/WRG25tuSEuGMHAZ6vfFjVg
https://mp.weixin.qq.com/s/WRG25tuSEuGMHAZ6vfFjVg
图神经网络及认知推理总结和普及
https://blog.csdn.net/Eastmount/article/details/125016409
https://blog.csdn.net/Eastmount/article/details/125016409
CobaltStrike WebServer特征分析
https://mp.weixin.qq.com/s/hNFVTRINKbBiOQiOf0WTMA
https://mp.weixin.qq.com/s/hNFVTRINKbBiOQiOf0WTMA
Fuzzm: 针对WebAssembly内存错误的模糊测试
https://zhuanlan.zhihu.com/p/523207785
https://zhuanlan.zhihu.com/p/523207785
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第431期)
