SecWiki周刊(第49期)
2015/02/02-2015/02/08
安全资讯
一种新型的DDoS:“胡乱域名”攻击
http://www.aqniu.com/threat-alert/6568.html
http://www.aqniu.com/threat-alert/6568.html
初创公司通过CPU拦截恶意软件
http://www.aqniu.com/neotech/6497.html
http://www.aqniu.com/neotech/6497.html
奥巴马要求140亿美元建立网络空间安全
http://www.aqniu.com/news/6529.html
http://www.aqniu.com/news/6529.html
2月3日sec-un安全技术沙龙技术观点速记
http://www.sec-un.org/february-3-sec-un-security-technology-salon-technical-shorthand.html
http://www.sec-un.org/february-3-sec-un-security-technology-salon-technical-shorthand.html
SyScan'15 Singapore program
https://www.syscan.org/index.php/sg/program
https://www.syscan.org/index.php/sg/program
安全技术
TangScan:唐朝Web漏洞扫描器框架
https://github.com/WooYun/TangScan
https://github.com/WooYun/TangScan
Microsoft Windows Server 2003 SP2(CVE-2014-4076)本地提权(含exp)
http://www.cnxhacker.com/2015/02/02/6966.html
http://www.cnxhacker.com/2015/02/02/6966.html
Android Banking Trojan and SMS stealer floating in the wild
http://research.zscaler.com/2015/02/android-banking-trojan-and-sms-stealer.html
http://research.zscaler.com/2015/02/android-banking-trojan-and-sms-stealer.html
谷歌全球ip地址库,妈妈再也不用担心我上不去谷歌啦~
http://www.cnxhacker.com/2014/06/11/424.html
http://www.cnxhacker.com/2014/06/11/424.html
通过javascript破解TP-Link路由器(含Poc和视频)
http://www.cnxhacker.com/2015/02/05/7084.html
http://www.cnxhacker.com/2015/02/05/7084.html
leakScan:在线漏洞扫描
https://github.com/Skycrab/leakScan
https://github.com/Skycrab/leakScan
wydomain:目标系统信息收集组件
https://github.com/ring04h/wydomain
https://github.com/ring04h/wydomain
文件系统取证分析(第11章:NTFS概念)
http://www.cnblogs.com/skogkatt/p/4246783.html
http://www.cnblogs.com/skogkatt/p/4246783.html
iptraf: A TCP/UDP Network Monitoring Utility | Unixmen
http://www.unixmen.com/iptraf-tcpudp-network-monitoring-utility/
http://www.unixmen.com/iptraf-tcpudp-network-monitoring-utility/
A sample of malware I analyzed
https://raw.githubusercontent.com/arvinddoraiswamy/blahblah/master/somevirus.pdf
https://raw.githubusercontent.com/arvinddoraiswamy/blahblah/master/somevirus.pdf
Angler Exploit Kit – New Variants
http://blogs.cisco.com/security/talos/angler-variants
http://blogs.cisco.com/security/talos/angler-variants
逆向分析 360 for linux 版本
http://v2ex.com/t/168194#reply0
http://v2ex.com/t/168194#reply0
电子取证实例:基于文件系统的磁盘数据取证分析
http://www.freebuf.com/articles/system/57804.html
http://www.freebuf.com/articles/system/57804.html
Python scripts for reverse engineering.
https://github.com/tandasat/scripts_for_RE
https://github.com/tandasat/scripts_for_RE
笔记: Data Retrieval over DNS in SQL Injection Attacks
https://www.ricter.me/posts/%E7%AC%94%E8%AE%B0:%20Data%20Retrieval%20over%20DNS%20in%20SQL%20Injection%20Attacks
https://www.ricter.me/posts/%E7%AC%94%E8%AE%B0:%20Data%20Retrieval%20over%20DNS%20in%20SQL%20Injection%20Attacks
Akamai互联网安全情报:2014年第四季度DDoS报告
http://www.aqniu.com/security-reports/6509.html
http://www.aqniu.com/security-reports/6509.html
wyportmap:目标端口扫描+系统服务指纹识别
https://github.com/ring04h/wyportmap
https://github.com/ring04h/wyportmap
Awk 20 分钟入门介绍
http://blog.jobbole.com/83844/
http://blog.jobbole.com/83844/
libfacedetection:人脸检测库
https://github.com/ShiqiYu/libfacedetection
https://github.com/ShiqiYu/libfacedetection
How To Keep A Process Running After Putty Or SSH Session Closed
http://www.unixmen.com/linux-troubleshooting-keep-process-running-putty-ssh-session-closed/
http://www.unixmen.com/linux-troubleshooting-keep-process-running-putty-ssh-session-closed/
Dshell:a network forensic analysis framework.
https://github.com/USArmyResearchLab/Dshell
https://github.com/USArmyResearchLab/Dshell
RansomWeb:一种新兴的web安全威胁
http://drops.wooyun.org/papers/4834
http://drops.wooyun.org/papers/4834
理解php对象注入
http://drops.wooyun.org/papers/4820
http://drops.wooyun.org/papers/4820
Account Hunting for Invoke-TokenManipulation
https://www.trustedsec.com/january-2015/account-hunting-invoke-tokenmanipulation/
https://www.trustedsec.com/january-2015/account-hunting-invoke-tokenmanipulation/
Exploiting “BadIRET” (CVE-2014-9322, Linux kernel privilege escalation)
http://labs.bromium.com/2015/02/02/exploiting-badiret-vulnerability-cve-2014-9322-linux-kernel-privilege-escalation/
http://labs.bromium.com/2015/02/02/exploiting-badiret-vulnerability-cve-2014-9322-linux-kernel-privilege-escalation/
CPU backdoors
http://danluu.com/cpu-backdoors/
http://danluu.com/cpu-backdoors/
PortEx:a Java library for static malware analysis of portable executable file
http://katjahahn.github.io/PortEx/
http://katjahahn.github.io/PortEx/
从源码编译Chrome(chromium)
http://wendal.net/2015/02/04.html
http://wendal.net/2015/02/04.html
Dumping Ad Hashes Without Process Injection
http://www.securitytube.net/video/12286?utm_source=HT&utm_medium=twitter&utm_campaign=SM
http://www.securitytube.net/video/12286?utm_source=HT&utm_medium=twitter&utm_campaign=SM
Analysis on Internet Explorer's UXSS
http://innerht.ml/blog/ie-uxss.html
http://innerht.ml/blog/ie-uxss.html
Best Security Podcasts
http://resources.infosecinstitute.com/best-security-podcasts/
http://resources.infosecinstitute.com/best-security-podcasts/
ToolsWatch Newsletter January 2015
http://www.toolswatch.org/2015/02/toolswatch-newsletter-january-2015/
http://www.toolswatch.org/2015/02/toolswatch-newsletter-january-2015/
Comparing DOM based XSS Identification Tools on Rea Vulnerability
http://blog.mindedsecurity.com/2015/02/comparing-dom-based-xss-identification.html
http://blog.mindedsecurity.com/2015/02/comparing-dom-based-xss-identification.html
VolatilityBot – An automated malicious code dumper
http://fightingmalware.com/blog/?p=221
http://fightingmalware.com/blog/?p=221
黑客防线2015年第1期杂志
http://www.hacker.com.cn/show-7-2743-1.html
http://www.hacker.com.cn/show-7-2743-1.html
An In-depth analysis of the Fiesta Exploit Kit: An infection in 2015
http://blog.0x3a.com/post/110052845124/an-in-depth-analysis-of-the-fiesta-exploit-kit-an
http://blog.0x3a.com/post/110052845124/an-in-depth-analysis-of-the-fiesta-exploit-kit-an
Python中的高级数据结构
http://python.jobbole.com/65218/
http://python.jobbole.com/65218/
2014 Static Analysis Benchmarks
http://blog.regehr.org/archives/1217
http://blog.regehr.org/archives/1217
Symbolic execution in vuln research
http://lcamtuf.blogspot.com/2015/02/symbolic-execution-in-vuln-research.html
http://lcamtuf.blogspot.com/2015/02/symbolic-execution-in-vuln-research.html
CMSmap:a python open source CMS scanner
https://github.com/dionach/CMSmap
https://github.com/dionach/CMSmap
A New Zero-Day of Adobe Flash CVE-2015-0313 Exploited in the Wild
http://blog.spiderlabs.com/2015/02/a-new-zero-day-of-adobe-flash-cve-2015-0313-exploited-in-the-wild.html
http://blog.spiderlabs.com/2015/02/a-new-zero-day-of-adobe-flash-cve-2015-0313-exploited-in-the-wild.html
实例详解机器学习如何解决问题
http://tech.meituan.com/mt-mlinaction-how-to-ml.html
http://tech.meituan.com/mt-mlinaction-how-to-ml.html
Exploiting “BadIRET” vulnerability
https://raw.githubusercontent.com/citypw/citypw-SCFE/master/security/Documentation/exp_badiret_CVE-2014-9322.txt
https://raw.githubusercontent.com/citypw/citypw-SCFE/master/security/Documentation/exp_badiret_CVE-2014-9322.txt
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第49期)
