SecWiki周刊(第47期)
2015/01/19-2015/01/25
安全资讯
白帽黑客吐嘈《骇客交锋》:一部极烂的黑客电影 Exploit Kits: A Fast Growing Threat 热门游戏《英雄联盟》和《流放之路》官方版本中被植入木马后门 国际学术期刊的四大巨头 Thousands of U.S. gas stations exposed to Internet attacks Weakest, common passwords of 2014 revealed 1800 Minecraft logins leak online 关于安全威胁情报的问卷调研结果分享 Unpatched Vulnerability (0day) in Flash Player is being exploited 我关于手机安全的部分观点 第二代防火墙标准发布会即将在京召开 Chinese MITM attack on outlook.com 英美两国扩大网络空间安全合作协议 雷峰沙龙ASRC上海白帽子交流会总结 The Digital Arms Race: NSA Preps America for Future Battle
安全技术
Github敏感信息收集工具Gitrob介绍 Google account hijacking via exploitation of XSS flaw | Security Affairs 深入解读MS14-068漏洞:微软精心策划的后门? 首次现身中国的CTB-Locker“比特币敲诈者”病毒分析 ubuntu渗透测试工具 通付盾开源第一代安全加固方案(dex文件整体加密) 一条命令实现无文件兼容性强的反弹后门 深入理解Yii2.0 Our Favorite Presentations from ShmooCon 2015 python和django的目录遍历漏洞(任意文件读取) Pocket Hacking: NetHunter实战指南 高手对决 -- 博客服务器被黑的故事 Analysis and Detection of Heap-based Malwares Using Introspection in a Virtualiz BSides Columbus 2015 Videos 新型渗透测试系统-Parrot Security OS-☜-ACHE-²º¹³ 使用 GitHub / GitLab 的 Webhooks 进行网站自动化部署 ProcDOT:a new way of visual malware analysis Mathy Vanhoef: Reversing and Exploiting ARM Binaries: rwthCTF Trafman Rsync path spoofing attack vulnerability (CVE-2014-9512) 廉价Arduino山寨板制作teensy PEDA - Python Exploit Development Assistance for GDB Ghost In The Shellcode 2015 CTF Write-up 如何发现 NTP 放大攻击漏洞 Which Programming Language Should I Learn First? AVM FRITZ!Box: Firmware Signature Bypass 关于webshell验证存活工具编写及思考 Nullcon HackIM 2015: Forensics 500 writeup PDF deconstruído al aroma de shellcode (III) 加油站实时监测设备的一次全球统计报告 Windows 存储设备栈分析 Metasploit渗透技巧:后渗透Meterpreter代理 美团推荐算法实践 Exploiting NVMAP to escape the Chrome sandbox - CVE-2014-5332 GSM HACK的另一种方法:RTL-SDR 11 open source security tools catching fire on GitHub 对抗机器人:打造前后端结合的WAF(应用层防火墙) 聊天机器人与自动问答技术 淘宝内部分享:MySQL & MariaDB性能优化 PEP 8 - Style Guide for Python Code Linux下基于内存分析的Rootkit检测方法 用MeCab打造一套实用的中文分词系统 Malware analysis with ... Gephi? CapTipper - Malicious HTTP traffic explorer tool Scan office documents with OfficeMalScanner Dynamic Malware Analysis with REMnux v5 – Part 1 Examine Shellcode in a Debugger through Control of the Instructio Powershell and Windows RAW SOCKET Exploiting Un-validated HTML Form Elements Machine Learning for Hackers dubbo中文参考文档 Using Assembly Language in Linux--(1) 苹果手机产品安全设计相关文章 libpcap 编程入门资源 乌云月爆第九期 Unpatched Vulnerability (0day) in Flash Player is being exploited by Angler EK 使用调试器对安卓APP进行安全测试 Python Tips and Traps Phishing for Credentials SQL Injections in MySQL LIMIT clause Zarp - Local Network Attack Framework http:// Glorious Leader's Not-That-Glorious Malwares Using Kernel Rootkits to Conceal Infected MBR | MalwareTech Shellcode in linux, Create your shellcode from asm Hack tools A toolkit to help you write shellcode ghost-in-the-shellcode-2015 write-ups 安全漏洞本质扯谈之安全漏洞“串串烧”2 Looking back at three months of afl-fuzz Linux Assembly XRay:Transparency for the Web 国外程序员整理的系统管理员资源大全 Backdoor in a Public RSA Key SSHGuard:Defend from brute force attacks Mac osx_infector PDF deconstruído al aroma de shellcode ( I ) Shellcode on linux, Crea tu shellcode apartir de asm 2 Awesome Penetration Testing Using Assembly Language in Linux Chinese Spies Stole Australia’s New F-35 Lightning-II fighter Jet Design Using Assembly Language in Linux--(2) PDF deconstruído al aroma de shellcode ( II )- Powershell and Windows RAW SOCKET iftop: display bandwidth usage on an interface zxcvbn: realistic password strength estimation 亿级用户下的新浪微博平台架构 linux symbolic link attack tutorial-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com
本期原文地址: SecWiki周刊(第47期)