SecWiki周刊(第8期)
2014/04/21-2014/04/27
安全技术
[其它]  Heartbleed test script for OpenVPN
https://github.com/falstaff84/heartbleed_test_openvpn
[其它]  Symantec 《2014互联网安全报告》
http://www.valleytalk.org/wp-content/uploads/2014/04/2014security.pdf
[其它]  Cisco’s Hadoop-Based Security Tool
http://www.isssource.com/ciscos-hadoop-based-security-tool/
[Web安全]  Nessus, OpenVAS and Nexpose VS Metasploitable
http://hackertarget.com/nessus-openvas-nexpose-vs-metasploitable/
[运维安全]  报警助手介绍
http://noops.me/?p=1483
[Web安全]  IronWASP:web security scannners
https://ironwasp.org/index.html
[Web安全]  WebPwn3r - Web Applications Security Scanner
https://github.com/zigoo0/webpwn3r
[漏洞分析]  漏扫工具AWVS命令执行
http://drops.wooyun.org/papers/1501
[其它]  ssl-hearbleed.nse mod
http://blog.didierstevens.com/2014/04/24/ssl-hearbleed-nse-mod/
[其它]  流量劫持能有多大危害
http://fex.baidu.com/blog/2014/04/traffic-hijack-2
[编程技术]  neocrawler:nodejs 的爬虫系统
http://git.oschina.net/dreamidea/neocrawler
[移动安全]  iOS Malware Campaign "Unflod Baby Panda"
https://www.sektioneins.de/en/blog/14-04-18-iOS-malware-campaign-unflod-baby-panda.html
[恶意分析]  malwarez:Malware visualization on earth map
https://github.com/YakindanEgitim/malwarez
[书籍]  Android Hacker's Handbook
http://pan.baidu.com/s/1dDGJj25
[Web安全]  Scream: Write-up
http://paulsec.github.io/blog/2014/04/16/scream-write-up/
[数据挖掘]  Crab:Recommender Systems Framework in Python
http://muricoca.github.io/crab/
[Web安全]  Cobalt Strike 之团队服务器的搭建与DNS通讯演示
http://drops.wooyun.org/tools/1475
[编程技术]  2014腾讯校园招聘实习技术类笔试题目
http://www.netknight.in/archives/440/
[恶意分析]  Malware Analysis: Cryptocurrency-mining Malware Running on DVRs
http://blogs.avg.com/news-threats/cryptocurrency-mining-dvr-malware/
[Web安全]  php渗透测试技巧-文件操作
http://www.secoff.net/archives/206.html
[运维安全]  从cloudstack默认配置看NFS安全
http://drops.wooyun.org/tips/1473
[杂志]  [EZINE] (FuckTheSystem) FTS Zine 5
http://www.exploit-db.com/papers/32984/
[设备安全]  Another backdoor in my router
http://www.synacktiv.com/ressources/TCP32764_backdoor_again.pdf
[恶意分析]  An SMS Trojan with global ambitions
http://www.securelist.com/en/blog/8209/An_SMS_Trojan_with_global_ambitions
[运维安全]  Iptables入门教程
http://drops.wooyun.org/tips/1424
[设备安全]  为LTE小区搜索程序加入HackRF支持
http://www.hackrf.net/2014/04/lte-hackrf/
[移动安全]  XDS: Cross-Device Scripting Attacks
http://drops.wooyun.org/papers/1472
[漏洞分析]  part 1: disassembling and understanding shellcode
http://hackerforhire.com.au/part-1-disassembling-and-understanding-shellcode/
[编程技术]  自定义google map marker、tooltips、toggle switch、map style
http://blog.segmentfault.com/jy00295005/1190000000474972
[编程技术]  Phonegap踩过的坑
http://snoopyxdy.blog.163.com/blog/static/60117440201432491123551
[设备安全]  Privilege Escalation Vulnerability in Cisco ASA's SSL VPN
http://blog.spiderlabs.com/2014/04/privilege-escalation-vulnerability-in-cisco-asas-ssl-vpn.html
[Web安全]  ColdFusion(CVE-2010-2861) 本地包含利用方法
http://drops.wooyun.org/tips/1410
[杂志]  《安全参考》HACKCTO-201404-16
http://pan.baidu.com/s/1ntiCHdR
安全专题
Android系统下的渗透工具
https://www.sec-wiki.com/topic/45
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第8期)