SecWiki周刊(第94期)
2015/12/14-2015/12/20
安全资讯
[其它]  13 Million MacKeeper Users Hacked — 21 GB of Data Exposed
http://thehackernews.com/2015/12/mackeeper-antivirus-hacked_14.html
安全技术
[工具]  Yahoo结构化数据爬虫Anthelion(基于Nutch)
https://github.com/yahoo/anthelion
[Web安全]  X-XSS-Nightmare: 1; mode=attack XSS Attacks Exploiting XSS Filter
http://www.slideshare.net/masatokinugawa/xxn-en
[运维安全]  数据科学在Web威胁感知中的应用(一)
http://www.jianshu.com/p/942d1beb7fdd
[移动安全]  “汽车网络信息安全发展全生命周期风险评估管理”
http://www.acss2016.grccinc.com/news/152.html
[移动安全]  Build One MiniPwner
http://www.minipwner.com/index.php/build-one
[运维安全]  安全情报分析中的钻石模型
http://weibo.com/p/1001603919911725464798
[文档]  secadmin-2015-ctf-writeup
http://blog.pepelux.org/2015/12/13/secadmin-2015-ctf-writeup/
[恶意分析]  New Cuckoo for You
https://labs.opendns.com/2015/12/15/new-cuckoo-for-you/
[Web安全]  in-depth-analyses-of-the-joomla-0-day-user-agent-exploit
https://blog.patrolserver.com/2015/12/17/in-depth-analyses-of-the-joomla-0-day-user-agent-exploit/
[Web安全]  phpsploit: Stealth post-exploitation framework
https://github.com/nil0x42/phpsploit
[Web安全]  How to Xss(科普&minictf writeup)
http://www.math1as.com/index.php/archives/186/
[Web安全]  XSSPayloads-Execute-Cheatsheet
http://www.xss-payloads.com/papers/cheatsheets/XSSPayloads-Execute-Cheatsheet.pdf
[运维安全]  异常检测
http://www.jianshu.com/p/d8b6bb53f9a0
[视频]  Data Science Driven Approaches to Malware Detection
https://www.youtube.com/watch?v=_0yvytg24Nk&feature=youtu.be
[漏洞分析]  FireEye Exploitation: Project Zero’s Vulnerability of the Beast
http://googleprojectzero.blogspot.com/2015/12/fireeye-exploitation-project-zeros.html
[Web安全]  Critical 0-day Remote Command Execution Vulnerability in Joomla
https://blog.sucuri.net/2015/12/remote-command-execution-vulnerability-in-joomla.html
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第94期)