2017-07-28 11:16:59
阅读:773次
点赞(0)
收藏
来源: 安全客
作者:童话
热点概要:美国黑帽大会上披露Cisco Autonomic Networking漏洞、维基解密公布CIA开发的针对MacOS和linux系统的黑客工具、Black Hat USA 2017 议题PPT下载(部分)、CVE-2017-5698 (Intel AMT) exploit、看雪CTF2017学习记录整理系列5
资讯类:
维基解密公布CIA开发的针对MacOS和Linux系统的黑客工具
http://thehackernews.com/2017/07/linux-macos-hacking-tools.html
技术类:
美国黑帽大会上披露Cisco Autonomic Networking漏洞
http://www.securityweek.com/unpatched-cisco-autonomic-networking-flaws-disclosed-black-hat
WiFi渗透测试电子书
https://rootsh3ll.com/product/kali-linux-wireless-pentesting-security-ebook/
Cracking the Lens:针对HTTP的隐藏攻击面
http://blog.portswigger.net/2017/07/cracking-lens-targeting-https-hidden.html
Awesome Web Security
https://github.com/qazbnm456/awesome-web-security
Black Hat USA 2017 议题PPT下载(部分)
https://www.blackhat.com/us-17/briefings.html
CVE-2017-8464:LNK Remote Code Execution Vulnerability,python exp
https://github.com/nixawk/labs/blob/master/CVE-2017-8464/exploit_CVE-2017-8464.py
Web cache deception Attack
https://www.blackhat.com/docs/us-17/wednesday/us-17-Gil-Web-Cache-Deception-Attack-wp.pdf
Morten Schenk在Black Hat 2017披露windows 10 内核利用
https://github.com/MortenSchenk/BHUSA2017/blob/master/us-17-Schenk-Taking-Windows-10-Kernel-Exploitation-To-The-Next-Level%E2%80%93Leveraging-Write-What-Where-Vulnerabilities-In-Creators-Update-wp.pdf
跨站点请求伪造(CSRF)你必须要知道的知识点
https://www.darknet.org.uk/2017/07/all-you-need-to-know-about-cross-site-request-forgery-csrf/
CLR-Injection
https://github.com/3gstudent/CLR-Injection
BlueSpoof:跨平台magstripe欺骗工具
https://salmg.net/2017/06/13/bluespoof/
A New Era of SSRF-Exploiting URL Parser in Trending Programming Languages!
https://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf
攻击用户Docker容器隐藏、权限维持、植入恶意软件
https://threatpost.com/attack-uses-docker-containers-to-hide-persist-plant-malware/126992/
CVE-2017-5698 (Intel AMT) exploit
https://github.com/embedi/amt_auth_bypass_poc
Supervisor Authenticated远程代码执行漏洞
https://blogs.securiteam.com/index.php/archives/3348
阿里云安骑士 webshell规则逆向
https://mp.weixin.qq.com/s?__biz=MzI4NjYwMTQ1Ng==&mid=2247483697&idx=1&sn=f36f1420fe39f51ca648e1de5b5431b2
腾讯云 webshell检测规则逆向
https://mp.weixin.qq.com/s?__biz=MzI4NjYwMTQ1Ng==&mid=2247483708&idx=1&sn=e8548a85d75584cc93fd2379f591c634
Docker Security最佳实践电子书
https://www.sqreen.io/resources/docker-security-best-practices
Metasploit for Machine Learning: Deep-Pwning
https://n0where.net/metasploit-for-machine-learning-deep-pwning/
看雪CTF2017学习记录整理系列5
https://weiyiling.cn/one/pediy_ctf2017-5
本文由 安全客 原创发布,如需转载请注明来源及本文地址。
本文地址:http://bobao.360.cn/learning/detail/4165.html