SecWiki周刊(第47期)
2015/01/19-2015/01/25
安全资讯
白帽黑客吐嘈《骇客交锋》:一部极烂的黑客电影
http://www.aqniu.com/news/6399.html
http://www.aqniu.com/news/6399.html
Exploit Kits: A Fast Growing Threat
https://blog.malwarebytes.org/exploits-2/2015/01/exploit-kits-a-fast-growing-threat/
https://blog.malwarebytes.org/exploits-2/2015/01/exploit-kits-a-fast-growing-threat/
热门游戏《英雄联盟》和《流放之路》官方版本中被植入木马后门
http://www.freebuf.com/news/57062.html
http://www.freebuf.com/news/57062.html
Thousands of U.S. gas stations exposed to Internet attacks
http://www.networkworld.com/article/2874753/thousands-of-us-gas-stations-exposed-to-internet-attacks.html#tk.rss_all
http://www.networkworld.com/article/2874753/thousands-of-us-gas-stations-exposed-to-internet-attacks.html#tk.rss_all
Weakest, common passwords of 2014 revealed
http://www.welivesecurity.com/2015/01/21/weakest-common-passwords-2014-revealed/
http://www.welivesecurity.com/2015/01/21/weakest-common-passwords-2014-revealed/
1800 Minecraft logins leak online
http://www.welivesecurity.com/2015/01/20/1800-minecraft-logins-leak-online/
http://www.welivesecurity.com/2015/01/20/1800-minecraft-logins-leak-online/
关于安全威胁情报的问卷调研结果分享
http://www.sec-un.org/results-of-questionnaire-survey-on-security-threat-intelligence-sharing.html
http://www.sec-un.org/results-of-questionnaire-survey-on-security-threat-intelligence-sharing.html
Unpatched Vulnerability (0day) in Flash Player is being exploited
http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html
http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html
第二代防火墙标准发布会即将在京召开
http://www.nsfocus.com.cn/news/201501/902.html
http://www.nsfocus.com.cn/news/201501/902.html
我关于手机安全的部分观点
http://www.weibo.com/p/1001603796524613155744
http://www.weibo.com/p/1001603796524613155744
Chinese MITM attack on outlook.com
http://www.netresec.com/?page=Blog&month=2015-01&post=Chinese-MITM-attack-on-outlook-com
http://www.netresec.com/?page=Blog&month=2015-01&post=Chinese-MITM-attack-on-outlook-com
英美两国扩大网络空间安全合作协议
http://www.aqniu.com/news/6383.html
http://www.aqniu.com/news/6383.html
雷峰沙龙ASRC上海白帽子交流会总结
http://www.weibo.com/p/1001603801026883881684
http://www.weibo.com/p/1001603801026883881684
The Digital Arms Race: NSA Preps America for Future Battle
http://www.spiegel.de/international/world/new-snowden-docs-indicate-scope-of-nsa-preparations-for-cyber-battle-a-1013409.html
http://www.spiegel.de/international/world/new-snowden-docs-indicate-scope-of-nsa-preparations-for-cyber-battle-a-1013409.html
安全技术
Github敏感信息收集工具Gitrob介绍
http://www.91ri.org/11928.html
http://www.91ri.org/11928.html
深入解读MS14-068漏洞:微软精心策划的后门?
http://www.freebuf.com/vuls/56081.html
http://www.freebuf.com/vuls/56081.html
Google account hijacking via exploitation of XSS flaw | Security Affairs
http://securityaffairs.co/wordpress/32615/hacking/google-account-hijacking-via-xss.html
http://securityaffairs.co/wordpress/32615/hacking/google-account-hijacking-via-xss.html
首次现身中国的CTB-Locker“比特币敲诈者”病毒分析
http://www.freebuf.com/vuls/57033.html
http://www.freebuf.com/vuls/57033.html
通付盾开源第一代安全加固方案(dex文件整体加密)
https://github.com/SharkTeam
https://github.com/SharkTeam
一条命令实现无文件兼容性强的反弹后门
http://zone.wooyun.org/content/18244
http://zone.wooyun.org/content/18244
深入理解Yii2.0
http://www.digpage.com/index.html
http://www.digpage.com/index.html
Our Favorite Presentations from ShmooCon 2015
http://researchcenter.paloaltonetworks.com/2015/01/favorite-presentations-shmoocon-2015/
http://researchcenter.paloaltonetworks.com/2015/01/favorite-presentations-shmoocon-2015/
高手对决 -- 博客服务器被黑的故事
http://yafeilee.me/blogs/54be6e876c69341430050000
http://yafeilee.me/blogs/54be6e876c69341430050000
Pocket Hacking: NetHunter实战指南
http://drops.wooyun.org/tips/4634
http://drops.wooyun.org/tips/4634
python和django的目录遍历漏洞(任意文件读取)
http://www.lijiejie.com/python-django-directory-traversal/
http://www.lijiejie.com/python-django-directory-traversal/
Analysis and Detection of Heap-based Malwares Using Introspection in a Virtualiz
http://scholarworks.uno.edu/cgi/viewcontent.cgi?article=2947&context=td
http://scholarworks.uno.edu/cgi/viewcontent.cgi?article=2947&context=td
BSides Columbus 2015 Videos
http://www.irongeek.com/i.php?page=videos/bsidescolumbus2015/mainlist
http://www.irongeek.com/i.php?page=videos/bsidescolumbus2015/mainlist
新型渗透测试系统-Parrot Security OS-☜-ACHE-²º¹³
http://r1-r1.com/post/402411_5745698
http://r1-r1.com/post/402411_5745698
PEDA - Python Exploit Development Assistance for GDB
https://github.com/longld/peda
https://github.com/longld/peda
使用 GitHub / GitLab 的 Webhooks 进行网站自动化部署
http://www.lovelucy.info/auto-deploy-website-by-webhooks-of-github-and-gitlab.html
http://www.lovelucy.info/auto-deploy-website-by-webhooks-of-github-and-gitlab.html
ProcDOT:a new way of visual malware analysis
http://www.procdot.com/
http://www.procdot.com/
Mathy Vanhoef: Reversing and Exploiting ARM Binaries: rwthCTF Trafman
http://www.mathyvanhoef.com/2013/12/reversing-and-exploiting-arm-binaries.html
http://www.mathyvanhoef.com/2013/12/reversing-and-exploiting-arm-binaries.html
Rsync path spoofing attack vulnerability (CVE-2014-9512)
http://xteam.baidu.com/?p=169
http://xteam.baidu.com/?p=169
AVM FRITZ!Box: Firmware Signature Bypass
https://www.redteam-pentesting.de/en/advisories/rt-sa-2014-010/-avm-fritz-box-firmware-signature-bypass
https://www.redteam-pentesting.de/en/advisories/rt-sa-2014-010/-avm-fritz-box-firmware-signature-bypass
Ghost In The Shellcode 2015 CTF Write-up
http://labs.jumpsec.com/2015/01/19/ghost-shellcode-2015-ctf-write-cloudfs-challenge/
http://labs.jumpsec.com/2015/01/19/ghost-shellcode-2015-ctf-write-cloudfs-challenge/
廉价Arduino山寨板制作teensy
http://lcx.cc/?i=4482
http://lcx.cc/?i=4482
如何发现 NTP 放大攻击漏洞
http://drops.wooyun.org/tips/4715
http://drops.wooyun.org/tips/4715
Which Programming Language Should I Learn First?
http://carlcheo.com/startcoding?utm_content=buffer86253&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
http://carlcheo.com/startcoding?utm_content=buffer86253&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
关于webshell验证存活工具编写及思考
https://sobug.com/article/detail/5
https://sobug.com/article/detail/5
PDF deconstruído al aroma de shellcode (III)
http://www.securityartwork.es/2014/10/21/pdf-deconstruido-al-aroma-de-shellcode-iii/
http://www.securityartwork.es/2014/10/21/pdf-deconstruido-al-aroma-de-shellcode-iii/
Nullcon HackIM 2015: Forensics 500 writeup
https://zairon.wordpress.com/2015/01/19/nullcon-hackim-2015-forensics-500-writeup/
https://zairon.wordpress.com/2015/01/19/nullcon-hackim-2015-forensics-500-writeup/
Metasploit渗透技巧:后渗透Meterpreter代理
http://www.freebuf.com/tools/56432.html
http://www.freebuf.com/tools/56432.html
Windows 存储设备栈分析
http://blog.jowto.com/?p=97
http://blog.jowto.com/?p=97
Exploiting NVMAP to escape the Chrome sandbox - CVE-2014-5332
http://googleprojectzero.blogspot.it/2015/01/exploiting-nvmap-to-escape-chrome.html
http://googleprojectzero.blogspot.it/2015/01/exploiting-nvmap-to-escape-chrome.html
GSM HACK的另一种方法:RTL-SDR
http://drops.wooyun.org/papers/4716
http://drops.wooyun.org/papers/4716
11 open source security tools catching fire on GitHub
http://www.infoworld.com/article/2606779/security/163151-11-open-source-security-tools-catching-fire-on-GitHub.html
http://www.infoworld.com/article/2606779/security/163151-11-open-source-security-tools-catching-fire-on-GitHub.html
对抗机器人:打造前后端结合的WAF(应用层防火墙)
http://www.freebuf.com/articles/web/57172.html
http://www.freebuf.com/articles/web/57172.html
Linux下基于内存分析的Rootkit检测方法
http://drops.wooyun.org/tips/4731
http://drops.wooyun.org/tips/4731
淘宝内部分享:MySQL & MariaDB性能优化
http://www.tuicool.com/articles/Uz2aqeM
http://www.tuicool.com/articles/Uz2aqeM
PEP 8 - Style Guide for Python Code
https://www.python.org/dev/peps/pep-0008/
https://www.python.org/dev/peps/pep-0008/
用MeCab打造一套实用的中文分词系统
http://www.52nlp.cn/%e7%94%a8mecab%e6%89%93%e9%80%a0%e4%b8%80%e5%a5%97%e5%ae%9e%e7%94%a8%e7%9a%84%e4%b8%ad%e6%96%87%e5%88%86%e8%af%8d%e7%b3%bb%e7%bb%9f
http://www.52nlp.cn/%e7%94%a8mecab%e6%89%93%e9%80%a0%e4%b8%80%e5%a5%97%e5%ae%9e%e7%94%a8%e7%9a%84%e4%b8%ad%e6%96%87%e5%88%86%e8%af%8d%e7%b3%bb%e7%bb%9f
Malware analysis with ... Gephi?
http://www.405labs.com/blog/2015/1/21/malware-analysis-with-gephi
http://www.405labs.com/blog/2015/1/21/malware-analysis-with-gephi
Scan office documents with OfficeMalScanner
http://www.securityartwork.es/2015/01/12/destripando-documentos-ofimaticos-con-officemalscanner/
http://www.securityartwork.es/2015/01/12/destripando-documentos-ofimaticos-con-officemalscanner/
Dynamic Malware Analysis with REMnux v5 – Part 1
http://countuponsecurity.com/2015/01/13/dynamic-malware-analysis-with-remnux-v5-part-1/
http://countuponsecurity.com/2015/01/13/dynamic-malware-analysis-with-remnux-v5-part-1/
CapTipper - Malicious HTTP traffic explorer tool
http://www.omriher.com/2015/01/captipper-malicious-http-traffic.html
http://www.omriher.com/2015/01/captipper-malicious-http-traffic.html
Exploiting Un-validated HTML Form Elements
https://www.youtube.com/watch?v=CNRlg8BiJOw
https://www.youtube.com/watch?v=CNRlg8BiJOw
Examine Shellcode in a Debugger through Control of the Instructio
http://digital-forensics.sans.org/blog/2014/12/30/taking-control-of-the-instruction-pointer#.VLAphMvYpfU.twitter
http://digital-forensics.sans.org/blog/2014/12/30/taking-control-of-the-instruction-pointer#.VLAphMvYpfU.twitter
Powershell and Windows RAW SOCKET
http://x0day.me/index.php/archives/powershell-and-windows-raw-socket.html
http://x0day.me/index.php/archives/powershell-and-windows-raw-socket.html
Machine Learning for Hackers
https://github.com/wuhujun/git/raw/master/R/Machine%20Learning%20for%20Hackers.pdf
https://github.com/wuhujun/git/raw/master/R/Machine%20Learning%20for%20Hackers.pdf
libpcap 编程入门资源
http://blog.csdn.net/cnbird2008/article/details/42883969
http://blog.csdn.net/cnbird2008/article/details/42883969
Using Assembly Language in Linux--(1)
http://blog.chinaunix.net/uid-25909722-id-2881267.html
http://blog.chinaunix.net/uid-25909722-id-2881267.html
使用调试器对安卓APP进行安全测试
http://www.freebuf.com/articles/terminal/57027.html
http://www.freebuf.com/articles/terminal/57027.html
Unpatched Vulnerability (0day) in Flash Player is being exploited by Angler EK
http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html
http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html
Phishing for Credentials
https://enigma0x3.wordpress.com/2015/01/21/phishing-for-credentials-if-you-want-it-just-ask/
https://enigma0x3.wordpress.com/2015/01/21/phishing-for-credentials-if-you-want-it-just-ask/
Python Tips and Traps
https://www.airpair.com/python/posts/python-tips-and-traps
https://www.airpair.com/python/posts/python-tips-and-traps
SQL Injections in MySQL LIMIT clause
https://rateip.com/blog/sql-injections-in-mysql-limit-clause/
https://rateip.com/blog/sql-injections-in-mysql-limit-clause/
Zarp - Local Network Attack Framework http://
http://hack-tools.blackploit.com/2014/10/zarp-local-network-attack-framework.html?utm_source=dlvr.it&utm_medium=twitter
http://hack-tools.blackploit.com/2014/10/zarp-local-network-attack-framework.html?utm_source=dlvr.it&utm_medium=twitter
Glorious Leader's Not-That-Glorious Malwares
https://www.codeandsec.com/Glorious-Leaders-Not-That-Glorious-Malwares-Part-2
https://www.codeandsec.com/Glorious-Leaders-Not-That-Glorious-Malwares-Part-2
Using Kernel Rootkits to Conceal Infected MBR | MalwareTech
http://www.malwaretech.com/2015/01/using-kernel-rootkits-to-conceal.html
http://www.malwaretech.com/2015/01/using-kernel-rootkits-to-conceal.html
Shellcode in linux, Create your shellcode from asm
https://www.youtube.com/watch?v=mvatIExT-IA
https://www.youtube.com/watch?v=mvatIExT-IA
A toolkit to help you write shellcode
https://media.blackhat.com/us-13/Arsenal/us-13-Fratantonio-ShellNoob-Slides.pdf
https://media.blackhat.com/us-13/Arsenal/us-13-Fratantonio-ShellNoob-Slides.pdf
ghost-in-the-shellcode-2015 write-ups
https://github.com/ctfs/write-ups-2015/tree/master/ghost-in-the-shellcode-2015
https://github.com/ctfs/write-ups-2015/tree/master/ghost-in-the-shellcode-2015
XRay:Transparency for the Web
http://xray.cs.columbia.edu/
http://xray.cs.columbia.edu/
Linux Assembly
http://asm.sourceforge.net/
http://asm.sourceforge.net/
国外程序员整理的系统管理员资源大全
http://blog.jobbole.com/83212/
http://blog.jobbole.com/83212/
Looking back at three months of afl-fuzz
http://lcamtuf.blogspot.com/2015/01/looking-back-at-three-months-of-afl-fuzz.html
http://lcamtuf.blogspot.com/2015/01/looking-back-at-three-months-of-afl-fuzz.html
安全漏洞本质扯谈之安全漏洞“串串烧”2
http://www.weibo.com/p/1001643801038518942277
http://www.weibo.com/p/1001643801038518942277
Backdoor in a Public RSA Key
http://kukuruku.co/hub/infosec/backdoor-in-a-public-rsa-key
http://kukuruku.co/hub/infosec/backdoor-in-a-public-rsa-key
SSHGuard:Defend from brute force attacks
http://www.sshguard.net/
http://www.sshguard.net/
Mac osx_infector
https://gist.github.com/secretsquirrel/2ba497786027472f98dd
https://gist.github.com/secretsquirrel/2ba497786027472f98dd
Shellcode on linux, Crea tu shellcode apartir de asm 2
https://www.youtube.com/watch?v=k3ZSeYq0txE
https://www.youtube.com/watch?v=k3ZSeYq0txE
PDF deconstruído al aroma de shellcode ( I )
http://www.securityartwork.es/2014/09/30/pdf-deconstruido-al-aroma-de-shellcode-i/
http://www.securityartwork.es/2014/09/30/pdf-deconstruido-al-aroma-de-shellcode-i/
Awesome Penetration Testing
https://github.com/enaqx/awesome-pentest#online-resources
https://github.com/enaqx/awesome-pentest#online-resources
Using Assembly Language in Linux
http://asm.sourceforge.net/articles/linasm.html
http://asm.sourceforge.net/articles/linasm.html
Chinese Spies Stole Australia’s New F-35 Lightning-II fighter Jet Design
http://thehackernews.com/2015/01/F-35-Lightning-II-fighter-Jet-Design.html
http://thehackernews.com/2015/01/F-35-Lightning-II-fighter-Jet-Design.html
Using Assembly Language in Linux--(2)
http://blog.chinaunix.net/uid-25909722-id-2890374.html
http://blog.chinaunix.net/uid-25909722-id-2890374.html
PDF deconstruído al aroma de shellcode ( II )-
http://www.securityartwork.es/2014/10/08/pdf-deconstruido-al-aroma-de-shellcode-ii/
http://www.securityartwork.es/2014/10/08/pdf-deconstruido-al-aroma-de-shellcode-ii/
iftop: display bandwidth usage on an interface
http://www.ex-parrot.com/pdw/iftop/
http://www.ex-parrot.com/pdw/iftop/
Powershell and Windows RAW SOCKET
http://drops.wooyun.org/tips/4707
http://drops.wooyun.org/tips/4707
zxcvbn: realistic password strength estimation
https://tech.dropbox.com/2012/04/zxcvbn-realistic-password-strength-estimation/
https://tech.dropbox.com/2012/04/zxcvbn-realistic-password-strength-estimation/
亿级用户下的新浪微博平台架构
http://blog.jobbole.com/83459/
http://blog.jobbole.com/83459/
linux symbolic link attack tutorial
http://xteam.baidu.com/?p=175
http://xteam.baidu.com/?p=175
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第47期)
