2017-05-17 09:50:04
阅读:483次
点赞(0)
收藏
来源: 安全客
作者:adlab_puky
热点概要:一波未平一波又起!影子经纪人宣称每月将定期出售NSA黑客工具、为什么钓鱼攻击能够成功、您的ePub阅读器是否足够安全?、分析Microsoft Office的攻击面、Hidden Alternative Data Streams的进阶利用技巧、利用互斥体阻断想哭蠕虫,实现联网升级、您的ePub阅读器是否足够安全?
资讯类:
“影子经纪人”将放出更多0day漏洞 支持月度付款
http://thehackernews.com/2017/05/shodow-brokers-wannacry-hacking.html
贝尔加拿大公司遭入侵:神秘黑客席卷200万账户详情
http://www.theregister.co.uk/2017/05/16/bell_canada_quieting_fears_post_data_heist/
技术类:
一波未平一波又起!影子经纪人宣称每月将定期出售NSA黑客工具
http://bobao.360.cn/news/detail/4169.html
https://steemit.com/shadowbrokers/@theshadowbrokers/oh-lordy-comey-wanna-cry-edition
PVS-Studio团队公开表示愿意改善Tizen项目的安全性
https://developer.tizen.org/forums/general-support/pvs-studio-team-willing-work-on-improving-tizen-project-open-letter
为什么钓鱼攻击能够成功
https://ttmm.io/tech/why-phishing-attacks-succeed/
SSH 中间人工具 v1.0
https://github.com/jtesta/ssh-mitm
渗透测试亚马逊简单存储服务AMAZON S3
https://rhinosecuritylabs.com/penetration-testing/penetration-testing-aws-storage/
您的ePub阅读器是否足够安全?
https://shhnjk.blogspot.jp/2017/05/is-your-epub-reader-secure-enough.html
MacroMeter - VBA Reversed TCP Meterpreter Stager
https://github.com/Cn33liz/MacroMeter/blob/master/MacroMeter.vba
你需要知道的http header中的安全属性
https://blog.appcanary.com/2017/http-security-headers.html
web开发者的安全书单
https://simplesecurity.sensedeep.com/web-developer-security-checklist-f2e4f43c9c56
hack虚拟内存:malloc,堆和程序中断
https://blog.holbertonschool.com/hack-the-virtual-memory-malloc-the-heap-the-program-break/
sniffROM:一个用于被动式数据捕获和串行闪存芯片的工具
https://github.com/alainiamburg/sniffROM
在VBA中使用DLL改善宏的攻击功能
https://labs.mwrinfosecurity.com/blog/dll-tricks-with-vba-to-improve-offensive-macro-capability/
分析Microsoft Office的攻击面
https://0b3dcaf9-a-62cb3a1a-s-sites.googlegroups.com/site/zerodayresearch/Analysis_of_the_Attack_Surface_of_Microsoft_Office_from_User_Perspective_final.pdf
利用互斥体阻断想哭蠕虫,实现联网升级
http://www.4hou.com/technology/4793.html
WSSiP:WebSocket操作代理
https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/may/wssip-a-websocket-manipulation-proxy/
Burp中的美化json的工具
https://blog.netspi.com/beautifying-json-in-burp/
法国总统选举:跟踪MACRONGATE的来源
https://www.qurium.org/alerts/france/tracing_macrongate_source/
iOS 10.3.2修复了大量CVE漏洞
https://support.apple.com/en-us/HT207798
mysql SQL Injection速查表
http://www.sqlinjectionwiki.com/Categories/2/mysql-sql-injection-cheat-sheet/
Hidden Alternative Data Streams的进阶利用技巧
http://www.4hou.com/technology/4783.html
Adobe Flash: Out-of-bounds read in getting TextField width
https://bugs.chromium.org/p/project-zero/issues/detail?id=1211
Adobe Flash: Out-of-bounds read in AVC deblocking
https://bugs.chromium.org/p/project-zero/issues/detail?id=1171
Adobe Flash: Heap Corruption in Margin Handling
https://bugs.chromium.org/p/project-zero/issues/detail?id=1174
Adobe Flash: Out-of-bounds write in hit test
https://bugs.chromium.org/p/project-zero/issues/detail?id=1210
本文由 安全客 原创发布,如需转载请注明来源及本文地址。
本文地址:http://bobao.360.cn/learning/detail/3862.html