SecWiki周刊(第92期)
2015/11/30-2015/12/06
安全资讯
Let's Encrypt: Entering Public Beta
https://letsencrypt.org/2015/12/03/entering-public-beta.html
https://letsencrypt.org/2015/12/03/entering-public-beta.html
安全技术
ElasticZombie Botnet - Exploiting Elasticsearch Vulnerabilities
https://www.alienvault.com/open-threat-exchange/blog/elasticzombie-botnet-exploiting-elasticsearch-vulnerabilities#
https://www.alienvault.com/open-threat-exchange/blog/elasticzombie-botnet-exploiting-elasticsearch-vulnerabilities#
Lucky Microseconds: A Timing Attack on Amazon’s s2n Implementation of TLS
http://eprint.iacr.org/2015/1129.pdf
http://eprint.iacr.org/2015/1129.pdf
Webshell安全检测篇
http://drops.wooyun.org/papers/10807
http://drops.wooyun.org/papers/10807
用户画像系列文章之用户能力标签
http://weibo.com/p/1001603914906402462128
http://weibo.com/p/1001603914906402462128
PSAttack:A framework for Powershell attack platfrom
https://github.com/jaredhaight/PSAttack
https://github.com/jaredhaight/PSAttack
php-grinder:Simple PHP static code analysis for security researchers
http://php-grinder.com/
http://php-grinder.com/
Attacking Hypervisors ZeroNights_0x5
https://github.com/REhints/Publications/blob/master/Conferences/Zeronights'2015/AttackingHypervisors_ZeroNights_0x5.pdf
https://github.com/REhints/Publications/blob/master/Conferences/Zeronights'2015/AttackingHypervisors_ZeroNights_0x5.pdf
Acunetix WVS 10 - Local Privilege escalation
https://www.exploit-db.com/exploits/38847/
https://www.exploit-db.com/exploits/38847/
hashcat and oclHashcat have gone open source
https://github.com/hashcat/
https://github.com/hashcat/
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第92期)
