2017-08-21 11:00:23
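Source: Anquanke (安全客)
Author: 童话
Highlights: intranet host discovery techniques; identifying a target's operating system and open ports with SpiderFoot and SHODAN; Pentest Cheat Sheets; Kronos malware analysis; analysis of an obfuscated Locky ransomware downloader; analysis of the Xshellghost backdoor incident; CVE-2017-6327: Symantec <= 10.6.3-2 remote code execution vulnerability; NSA drone strikes on targets leave hundreds of civilians dead; FBI warns the private sector to stop using Kaspersky
Domestic hot topics (part of the following is excerpted from http://www.solidot.org/):
FBI warns the private sector to stop using Kaspersky
Chrome will show a "not secure" warning on HTTP web forms
News:
NSA drone strikes on targets leave hundreds of civilians dead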
http://thehackernews.com/2017/08/nsa-spying-australia.html
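Dark web news:
Valhalla Market has also been investigated; in the initial stage, Finnish customs obtained information on 200+ users, and enforcement measures appear to have already been taken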
https://www.deepdotweb.com/2017/08/18/valhalla-market-seized-finnish-customs-allegedly-identified-hundreds-valhalla-users/
Technical:
Identifying a target's operating system and open ports with SpiderFoot and SHODAN
https://asciinema.org/a/127601
Reverse engineering a home security system: decoding firmware updates
https://markclayton.github.io/reverse-engineering-my-home-security-system-decompiling-firmware-updates.html
Kronos malware analysis (part 1)
https://blog.malwarebytes.com/cybercrime/2017/08/inside-kronos-malware/
Bug Bounty: how to scan multiple organizations with Shodan and Golang
https://medium.com/@woj_ciech/scan-multiple-organizations-with-shodan-and-golang-bug-bounty-example-d994ba6a9587
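udp2raw tunnel: adds a TCP or ICMP header to UDP packets via raw sockets, in order to bypass UDP blocking or QoS, or to improve stability in environments where UDP is unreliable. It can effectively prevent the UDP port from being rate-limited by the ISP when using kcptun or finalspeed.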
https://github.com/wangyu-/udp2raw-tunnel
Pentest Cheat Sheets
https://github.com/coreb1t/awesome-pentest-cheat-sheets
Analysis of an obfuscated Locky ransomware downloader
http://www.ringzerolabs.com/2017/08/analyzing-several-layers-of-obfuscation.html
Information gathering: intranet host discovery techniques
https://mp.weixin.qq.com/s?__biz=MzI5MDQ2NjExOQ==&mid=2247484689&idx=1&sn=67433d76467ed12fcd86981a1b2e32c2&chksm=ec1e3539db69bc2f2f7f9095b2bde41e21096179fcd3cabf20f149b2814c442fc42d78ef5e1e&scene=21#wechat_redirect
https://mp.weixin.qq.com/s/l-Avt72ajCIo5GdMEwVx7A
Analysis of the Xshellghost backdoor incident
360 Helios Team (360追日团队): http://bobao.360.cn/learning/detail/4280.html
360 SkyEye Labs (360天眼实验室): http://bobao.360.cn/learning/detail/4278.html
Bypassing antivirus with encrypted payloads (C# implementation)
https://www.linkedin.com/pulse/bypass-all-anti-viruses-encrypted-payloads-c-damon-mohammadbagher?trk=v-feed
Using the VENOM tool to encrypt payloads and bypass antivirus
https://www.linkedin.com/pulse/bypass-anti-virus-detection-encrypted-payloads-using-venom-james-ceh?trk=v-feed
cansina: a Python-based directory scanner
https://github.com/deibit/cansina/
dockerscan: a Docker security analysis tool
https://github.com/cr0hn/dockerscan
Sandbox attack surface analysis tools v1.0.9
https://github.com/google/sandbox-attacksurface-analysis-tools/releases/tag/v1.0.9
CVE-2017-6327: Symantec <= 10.6.3-2 remote code execution vulnerability
http://seclists.org/fulldisclosure/2017/Aug/28
Scanning Effectively Through a SOCKS Pivot with Nmap and Proxychains
https://cybersyndicates.com/2015/12/nmap-and-proxychains-scanning-through-a-socks-piviot/
How to decode complex malware, step by step
https://blog.sucuri.net/2017/08/malware-decoding-step-step-guide.html?utm_source=Twitter&utm_medium=Social&utm_campaign=Blog&utm_term=EN&utm_content=Malware-Decoding-Step-by-Step
Secrets and LIE-abilities: The State of Modern Secret Management (2017)
https://medium.com/on-docker/secrets-and-lie-abilities-the-state-of-modern-secret-management-2017-c82ec9136a3d
Chainspace: A Sharded Smart Contracts Platform
https://www.benthamsgaze.org/2017/08/18/chainspace-a-sharded-smart-contracts-platform/
RETGUARD, the OpenBSD next level in exploit mitigation, is about to debut
http://undeadly.org/cgi?action=article&sid=20170819230157
CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management
https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-tang.pdf
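This article was originally published by Anquanke (安全客). If you repost it, please credit the source and include this article's URL.
Article URL: http://bobao.360.cn/learning/detail/4284.html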