SecWiki周刊(第84期)
2015/10/05-2015/10/11
安全资讯
[无线安全]  Hacking Wireless Printers With Phones on Drones
http://www.wired.com/2015/10/drones-robot-vacuums-can-spy-office-printer/
[视频]  方小顿《十二万个漏洞》
http://v.youku.com/v_show/id_XMTM0NjgxMzE1Mg==.html
[漏洞分析]  What’s New with Microsoft Threat Modeling Tool 2016
http://blogs.microsoft.com/cybertrust/2015/10/07/whats-new-with-microsoft-threat-modeling-tool-2016/
[漏洞分析]  HackerOne推出免费漏洞协调成熟度模型工具
http://www.aqniu.com/tools/10582.html
[恶意分析]  Behind the NSA Details and images on almost 300 patents filed
https://medium.com/silk-stories/behind-the-nsa-e0bf2c3a40c0
安全技术
[论文]  Financial Cryptography and Data Security 2015
http://fc15.ifca.ai/schedule.html
[其它]  浅析大规模DDOS防御架构-应对T级攻防
http://www.ayazero.com/?p=75
[比赛]  CTF主办方指南之对抗搅屎棍
http://drops.wooyun.org/tips/9405
[其它]  PwnWiki
http://pwnwiki.io
[运维安全]  webshell检测-日志分析
http://danqingdani.blog.163.com/blog/static/18609419520158221409771/
[Web安全]  Weblogic-Weakpassword-Scnner
https://github.com/dc3l1ne/Weblogic-Weakpassword-Scnner
[数据挖掘]  OpenGraphiti : Data Visualization Framework
http://www.opengraphiti.com/
[移动安全]  APK decompiler online
http://www.javadecompilers.com/apk
[其它]  安全科研:优秀资料推荐
http://secdr.github.io/2015/05/03/good-papers/
[编程技术]  Try Django 1.8 Tutorial 视频
http://www.bilibili.com/video/av3007483/
[漏洞分析]  ROP Illmatic: Exploring Universal ROP on glibc x86-64 (en)
http://www.slideshare.net/inaz2/rop-illmatic-exploring-universal-rop-on-glibc-x8664-en-41595384
[其它]  Microsoft Threat Modeling Tool 2016
http://www.microsoft.com/en-us/download/details.aspx?id=49168
[移动安全]  Kemoge: Another Mobile Malicious Adware Infecting Over 20 Countries
https://www.fireeye.com/blog/threat-research/2015/10/kemoge_another_mobi.html
[设备安全]  BadUsb----结合实例谈此类外设的风险
http://drops.wooyun.org/tips/9336
[编程技术]  pwntools — pwntools 2.2.0 documentation
http://pwntools.readthedocs.org/en/latest/index.html
[漏洞分析]  Fuzzing with american fuzzy lop [LWN.net]
http://lwn.net/Articles/657959/
[恶意分析]  ODA - onlinedisassembler
https://www.onlinedisassembler.com/odaweb/
[漏洞分析]  Cisco Web VPNs Leveraged for Access and Persistence
http://www.volexity.com/blog/?p=179
[数据挖掘]  Big Data University
http://bigdatauniversity.com.cn/
[其它]  OSXCollector : Automated forensic evidence collection & analysis for OS X
http://files.brucon.org/2015/Kuba_Sendor_OSXCollector.pdf
[Web安全]  A survey of insecure Flash crossdomain policies – Alexa Top 10,000
http://blog.whatever.io/2015/10/03/a-survey-of-insecure-flash-crossdomain-policies-alexa-top-10000-case-study/
[恶意分析]  A Study in Bots: DiamondFox
http://blog.cylance.com/a-study-in-bots-diamondfox
[数据挖掘]  Materials for my Pycon 2015 scikit-learn tutorial
https://github.com/jakevdp/sklearn_pycon2015
[Web安全]  WordPress 利用 system.multicall RPC进行快速爆破
http://rickgray.me/2015/10/09/wordpress-xmlrpc-brute-force-in-one-request.html
[运维安全]  Dradis:Effective Information Sharing
http://dradisframework.org/
[漏洞分析]  Dynamic Analysis Of Adobe Flash Files
http://www.securityevaluators.com/knowledge/flash/flash.pdf
[编程技术]  cpp con2015
https://github.com/CppCon/CppCon2015
[编程技术]  python 安全类目推荐
http://zone.wooyun.org/content/23255
[恶意分析]  Viper is a binary management and analysis framework
http://viper.li/
安全专题
大数据可视化开源库
https://www.sec-wiki.com/topic/64
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第84期)