SecWiki周刊(第65期)
2015/05/25-2015/05/31
安全资讯
Sniffing and tracking wearable tech and smartphones
http://www.net-security.org/secworld.php?id=18422
http://www.net-security.org/secworld.php?id=18422
携程全线瘫痪,传言代码被恶意删除
http://www.freebuf.com/news/68558.html
http://www.freebuf.com/news/68558.html
Exodus Intelligence 2015 Training Courses
http://blog.exodusintel.com/2014/12/11/2015-training-courses/
http://blog.exodusintel.com/2014/12/11/2015-training-courses/
企业安全涵盖哪些事情
http://www.ayazero.com/?p=19
http://www.ayazero.com/?p=19
成人交友站AdultFriendFinder数据库泄露
http://silic.org:81/post/AdultFriendFinder_Database_Dumped
http://silic.org:81/post/AdultFriendFinder_Database_Dumped
安全技术
从Web页面直接调用USB接口API
http://reillyeon.github.io/webusb/
http://reillyeon.github.io/webusb/
CodeXplorer自动识别虚表调用
https://github.com/REhints/HexRaysCodeXplorer/releases/tag/1.7
https://github.com/REhints/HexRaysCodeXplorer/releases/tag/1.7
KDD 2015 Accepted Papers
http://www.kdd.org/kdd2015/program.html#
http://www.kdd.org/kdd2015/program.html#
用Python解密手机QQ聊天记录
http://www.freebuf.com/articles/terminal/68224.html
http://www.freebuf.com/articles/terminal/68224.html
用机器学习识别随机生成的C&C域名
http://drops.wooyun.org/tips/6220
http://drops.wooyun.org/tips/6220
Android 9patch 图片解析堆溢出漏洞分析(CVE-2015-1532)
http://security.tencent.com/index.php/blog/msg/85
http://security.tencent.com/index.php/blog/msg/85
When is something overflowing
https://speakerdeck.com/zer0mem/when-is-something-overflowing
https://speakerdeck.com/zer0mem/when-is-something-overflowing
DEF CON 23 QUALS WRITE-UPS
https://www.defcon.org/html/links/dc-ctf.html#dc23ctfquals
https://www.defcon.org/html/links/dc-ctf.html#dc23ctfquals
Reconnaissance tool for GitHub organizations
https://github.com/michenriksen/gitrob
https://github.com/michenriksen/gitrob
PHP自动化白盒审计技术与实现
http://drops.wooyun.org/tips/6261
http://drops.wooyun.org/tips/6261
新开普Newcapec高校一卡通渗透思路
http://silic.org:81/post/Newcapec_Card_System_Cracked
http://silic.org:81/post/Newcapec_Card_System_Cracked
The Empire Strikes Back Apple
https://reverse.put.as/2015/05/29/the-empire-strikes-back-apple-how-your-mac-firmware-security-is-completely-broken/
https://reverse.put.as/2015/05/29/the-empire-strikes-back-apple-how-your-mac-firmware-security-is-completely-broken/
Snowman: a native code to C/C++ decompiler
https://github.com/yegord/snowman
https://github.com/yegord/snowman
Official Kali Linux Docker Images | Kali Linux
https://www.kali.org/news/official-kali-linux-docker-images/
https://www.kali.org/news/official-kali-linux-docker-images/
Heap Models For Exploit Systems
http://openwall.info/wiki/_media/people/jvanegue/files/spw15_heap_models_vanegue.pdf
http://openwall.info/wiki/_media/people/jvanegue/files/spw15_heap_models_vanegue.pdf
来自 ttyS0 的 Netgear 固件逆向
http://dwz.cn/MjZDK
http://dwz.cn/MjZDK
eu-14-Javed-Revisiting-XSS-Sanitization-wp.pdf
https://www.blackhat.com/docs/eu-14/materials/eu-14-Javed-Revisiting-XSS-Sanitization-wp.pdf
https://www.blackhat.com/docs/eu-14/materials/eu-14-Javed-Revisiting-XSS-Sanitization-wp.pdf
200 的开放源码项目后: 源代码静态分析经验
http://dwz.cn/MjZCy
http://dwz.cn/MjZCy
HackSys 极其脆弱的驱动
https://github.com/hacksysteam/HackSysExtremeVulnerableDriver
https://github.com/hacksysteam/HackSysExtremeVulnerableDriver
kaggle competition Microsoft malware classification
https://github.com/xiaozhouwang/kaggle_Microsoft_Malware
https://github.com/xiaozhouwang/kaggle_Microsoft_Malware
Analysis of a MICROSOFT WORD INTRUDER sample
http://blog.0x3a.com/post/117760824504/analysis-of-a-microsoft-word-intruder-sample
http://blog.0x3a.com/post/117760824504/analysis-of-a-microsoft-word-intruder-sample
hitbsecconf 2015 ams slide
https://conference.hitb.org/hitbsecconf2015ams/materials/
https://conference.hitb.org/hitbsecconf2015ams/materials/
angr, a static and concolic binary analysis framework
http://angr.re/
http://angr.re/
OWASP dependency-check
https://github.com/jeremylong/DependencyCheck
https://github.com/jeremylong/DependencyCheck
Embedded Device Security & Zollard Botnet Analysis
http://blog.balicbilisim.com/embedded-device-security-zollard-botnet-analysis/
http://blog.balicbilisim.com/embedded-device-security-zollard-botnet-analysis/
NitlovePOS: Another New POS Malware
https://www.fireeye.com/blog/threat-research/2015/05/nitlovepos_another.html
https://www.fireeye.com/blog/threat-research/2015/05/nitlovepos_another.html
利用固件和硬件攻击虚拟机监控程序
http://dwz.cn/MjZDO
http://dwz.cn/MjZDO
WebPwn3r - Web Applications Security Scanner
http://www.kitploit.com/2014/04/webpwn3r-web-applications-security.html
http://www.kitploit.com/2014/04/webpwn3r-web-applications-security.html
黑客防线2015年第4期杂志
http://www.hacker.com.cn/show-7-2747-1.html
http://www.hacker.com.cn/show-7-2747-1.html
Exploiting PHP Part 3: Popping Remote Shells
http://www.inulledmyself.com/2015/05/exploiting-memory-corruption-bugs-in.html
http://www.inulledmyself.com/2015/05/exploiting-memory-corruption-bugs-in.html
JIT 引擎触发 RowHammer 可行性研究
http://vdisk.weibo.com/s/qn_cPhjlNXSG2
http://vdisk.weibo.com/s/qn_cPhjlNXSG2
IDA PLUG-IN WRITING IN C/C++
http://www.binarypool.com/idapluginwriting/idapw.pdf
http://www.binarypool.com/idapluginwriting/idapw.pdf
Naikon APT 与 MsnMM 运动
http://dwz.cn/LBVFO
http://dwz.cn/LBVFO
AdFind command examples
http://social.technet.microsoft.com/wiki/contents/articles/7535.adfind-command-examples.aspx
http://social.technet.microsoft.com/wiki/contents/articles/7535.adfind-command-examples.aspx
Netflix工程总监眼中的分类算法:深度学习优先级最低
http://www.csdn.net/article/2015-05-24/2824758
http://www.csdn.net/article/2015-05-24/2824758
从客户端游戏漏洞看开发中的安全隐患
http://drops.wooyun.org/papers/6238
http://drops.wooyun.org/papers/6238
PDF - Mess with the web
http://insert-script.blogspot.co.at/2015/05/pdf-mess-with-web.html
http://insert-script.blogspot.co.at/2015/05/pdf-mess-with-web.html
CVE-2015-3090 (Flash up to 17.0.0.169) and Exploit Kits
http://malware.dontneedcoffee.com/2015/05/cve-2015-3090-flash-up-to-1700169-and.html
http://malware.dontneedcoffee.com/2015/05/cve-2015-3090-flash-up-to-1700169-and.html
HITB 2015 阿姆斯特丹会议资料下载
http://dwz.cn/MjZCD
http://dwz.cn/MjZCD
DAMM - Differential Analysis of Malware in Memory
http://www.kitploit.com/2014/11/damm-differential-analysis-of-malware.html
http://www.kitploit.com/2014/11/damm-differential-analysis-of-malware.html
We Don’t Know Sh—. You Don’t Know Sh—.
https://securosis.com/blog/we-dont-know-sh-.-you-dont-know-sh
https://securosis.com/blog/we-dont-know-sh-.-you-dont-know-sh
The RESTful cookbook
http://restcookbook.com/
http://restcookbook.com/
Python识别网站验证码
http://drops.wooyun.org/tips/6313
http://drops.wooyun.org/tips/6313
TRAFFIC ANALYSIS EXERCISE
http://malware-traffic-analysis.net/2015/05/08/index.html
http://malware-traffic-analysis.net/2015/05/08/index.html
idaref:IDA Pro Instruction Reference Plugin
https://github.com/nologic/idaref
https://github.com/nologic/idaref
恶意代码分析
http://resources.infosecinstitute.com/windows-functions-in-malware-analysis-cheat-sheet-part-1/
http://resources.infosecinstitute.com/windows-functions-in-malware-analysis-cheat-sheet-part-1/
Tracking Internet threats by visualizing IP and DNS data
https://www.youtube.com/watch?v=QbCCLXFhuls&feature=youtu.be
https://www.youtube.com/watch?v=QbCCLXFhuls&feature=youtu.be
一例针对中国政府机构的准APT攻击中所使用的样本分析
http://www.antiy.com/response/APT-TOCS.html
http://www.antiy.com/response/APT-TOCS.html
Tool to detect and correct vulnerabilities in PHP
http://www.kitploit.com/2014/11/web-application-protection-tool-to.html
http://www.kitploit.com/2014/11/web-application-protection-tool-to.html
Mixed-Mode Malware and Its Analysis
http://ranger.uta.edu/~csallner/papers/aboughadareh14mixed.pdf
http://ranger.uta.edu/~csallner/papers/aboughadareh14mixed.pdf
Angler Exploit kit breaks Referer chain using HTTPS to HTTP redirection
https://hiddencodes.wordpress.com/2015/05/29/angler-exploit-kit-breaks-referer-chain-using-https-to-http-redirection/
https://hiddencodes.wordpress.com/2015/05/29/angler-exploit-kit-breaks-referer-chain-using-https-to-http-redirection/
二进制漏洞之——邪恶的printf
http://drops.wooyun.org/binary/6259
http://drops.wooyun.org/binary/6259
Bandit Walkthrough
http://drops.wooyun.org/tips/6211
http://drops.wooyun.org/tips/6211
XSS Horror Show
http://businessinfo.co.uk/labs/talk/XSS_Horror_Show.pptx
http://businessinfo.co.uk/labs/talk/XSS_Horror_Show.pptx
执行Lua脚本的Android恶意程序
http://blog.avlyun.com/2015/05/2280/%e6%89%a7%e8%a1%8clua%e8%84%9a%e6%9c%ac%e7%9a%84android%e6%81%b6%e6%84%8f%e7%a8%8b%e5%ba%8f/
http://blog.avlyun.com/2015/05/2280/%e6%89%a7%e8%a1%8clua%e8%84%9a%e6%9c%ac%e7%9a%84android%e6%81%b6%e6%84%8f%e7%a8%8b%e5%ba%8f/
RSA Incident Response: An APT Case Study
https://blogs.rsa.com/wp-content/uploads/2015/05/RSA-IR-Case-Study.pdf
https://blogs.rsa.com/wp-content/uploads/2015/05/RSA-IR-Case-Study.pdf
DD - DebugDetector
https://github.com/zer0fl4g/DebugDetector
https://github.com/zer0fl4g/DebugDetector
XSS Theory Framework.png
http://www.pkav.net/XSS.png
http://www.pkav.net/XSS.png
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第65期)
