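SecWiki Weekly (Issue 265) – Author: SecWiki

Security News

[Incident]  Personal information of 2.3 million US disaster survivors may have been exposed

https://nosec.org/home/detail/2396.html

Security Technology

[Web Security]  Chinese translation of the official Cobalt Strike tutorial

https://backlion.cnblogs.com/p/10616308.html?from=timeline

[Web Security]  Authorization bypass vulnerability in Google's forums ($500)

https://nosec.org/home/detail/2419.html

[Vulnerability Analysis]  VMware local privilege escalation

https://bugs.chromium.org/p/project-zero/issues/detail?id=1733

[Malware Analysis]  Ransomware incident response: self-rescue handbook (2nd edition)

https://www.anquanke.com/post/id/175550

[Operations Security]  Detecting traces of intrusion with Osquery

https://evilanne.github.io/2019/02/20/Osquery%E6%A3%80%E6%B5%8B%E5%85%A5%E4%BE%B5%E7%97%95%E8%BF%B9/

[Data Mining]  SearchApp: a small cyberspace search engine

https://github.com/imjdl/SearchApp

[Web Security]  PoC for the Pwn2Own 2019 Firefox remote code execution vulnerability (CVE-2019-9810)

https://github.com/xuechiyaobai/CVE-2019-9810-PoC/

[Device Security]  Taking control of an entire network with BadUSB

https://nosec.org/home/detail/2425.html

[Mobile Security]  A detailed look at the Laravel 5.8 SQL injection vulnerability

https://nosec.org/home/detail/2395.html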

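[Operations Security]  Junior Sister Talks Security Standards (Part 2)

https://www.freebuf.com/articles/es/199084.html

[Web Security]  An "unusual" vulnerability in PayPal's Braintree website ($3,200)

https://nosec.org/home/detail/2420.html

[Device Security]  IoT device firmware analysis: network protocol fuzzing

https://mp.weixin.qq.com/s/5gwJpqj7ysue19OcoPI16A

[Operations Security]  Planning enterprise security construction as a newcomer to an in-house security team

https://www.freebuf.com/articles/es/198597.html

[Web Security]  Reproducing an article on domain attacks

https://xz.aliyun.com/t/4441

[Vulnerability Analysis]  Automating exploitation with exploit templates

https://www.4hou.com/web/16902.html

[Other]  Detailed reverse-engineering analysis of a Linux CTF binary challenge

https://blog.kartone.ninja/2019/03/25/when-a-reverse-me-ctf-binary-makes-you-loose-that-job/

[Operations Security]  Using offense to drive defense: thoughts on building an enterprise blue army

https://mp.weixin.qq.com/s/8iJs2ON66NY1Jdbt7c-BTA

[Web Security]  XSS vulnerabilities in Alibaba Cloud and Google ($1,300)

https://nosec.org/home/detail/2402.html

[Web Security]  Finding the real IP hidden behind CloudFlare and Tor

https://nosec.org/home/detail/2405.html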

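[Operations Security]  Overview of Google infrastructure security design

https://mp.weixin.qq.com/s/MOJCYDN-W9KObOZpc6kx1g

[Web Security]  Red team infrastructure basics: hiding your C2 server

https://xz.aliyun.com/t/4509

[Device Security]  Social engineering attacks: BadUSB attack and defense

https://mp.weixin.qq.com/s/R4MdPVTOqUNg8-1HSOyQzw

[Forensic Analysis]  NIDS in practice at Dianrong

http://www.ebwill.com/2018/09/10/DR_NIDS/

[Tools]  cve-2019-0808-poc

https://github.com/ze0r/cve-2019-0808-poc/

[Programming]  Cool ways to draw deep learning network diagrams

https://bigquant.com/community/t/topic/150804

[Malware Analysis]  Analysis report on attacks at the source of the software supply chain

https://mp.weixin.qq.com/s/If_Q0BlIZTiYp_7d1zJMWw

[Vulnerability Analysis]  automated-pentest: a Parrot OS container for automated scanning and penetration test report generation

https://github.com/vishnudxb/automated-pentest

[Vulnerability Analysis]  Configuring Druid's interception feature and a simple bypass

https://mp.weixin.qq.com/s/lGalf63VXCva2I5BpmSMgQ

[Wireless Security]  Using BadUSB to attack routers and take control of the target network

https://medium.com/tenable-techblog/owning-the-network-with-badusb-72daa45d1b00

[Operations Security]  GithubMonitor: keyword monitoring for GitHub leaks

https://github.com/Macr0phag3/GithubMonitor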

[Programming]  Interactive Git tutorial

https://learngitbranching.js.org/

[Forensic Analysis]  OSINT Primer: Domains (Part 1)

https://xz.aliyun.com/t/4504

[Forensic Analysis]  browspy: JavaScript that collects all of a browser user's information

https://github.com/Urinx/browspy

[Vulnerability Analysis]  Tomcat exploitation variant: host-manager

https://xz.aliyun.com/t/4435

[Forensic Analysis]  Forensic analysis of disclosed uninitialized kernel memory

https://dfir.ru/2019/03/25/forensic-analysis-of-disclosed-uninitialized-kernel-memory/

[Programming]  Simdjson: an ultra-fast JSON parser

https://www.freebuf.com/sectool/198277.html

[Vulnerability Analysis]  Remote command injection through an endpoint security product

https://www.pentestpartners.com/security-blog/remote-command-injection-through-an-endpoint-security-product/

[Web Security]  Automating discovery and exploitation of DOM XSS with Sboxr – Part 1

https://blog.appsecco.com/automating-discovery-and-exploiting-dom-client-xss-vulnerabilities-using-sboxr-part-1-2e55c120c9e1

[Data Mining]  Machine-learning-based web log anomaly detection in practice

https://www.wzsite.cn/2018/10/22/%E5%9F%BA%E4%BA%8E%E6%9C%BA%E5%99%A8%E5%AD%A6%E4%B9%A0%E7%9A%84Web%E6%97%A5%E5%BF%97%E5%BC%82%E5%B8%B8%E6%A3%80%E6%B5%8B%E5%AE%9E%E8%B7%B5/

[Other]  NTA technology & an overview of representative NTA products

https://mp.weixin.qq.com/s/MP0tONsz5KRRa-swTwDh9w

[Web Security]  Java code auditing from scratch series (Part 1)

https://xz.aliyun.com/t/4558

[Vulnerability Analysis]  Exploit script for lateral movement by remotely executing Excel 4.0/XLM macros via DCOM

https://github.com/outflanknl/Excel4-DCOM

[Vulnerability Analysis]  Microsoft Defender ATP investigation unearths privilege escalation flaw

https://www.microsoft.com/security/blog/2019/03/25/from-alert-to-driver-vulnerability-microsoft-defender-atp-investigation-unearths-privilege-escalation-flaw/

[Web Security]  HackerOne 50M CTF Writeup

http://0xc0ffee.io/blog/50M-CTF

[Wireless Security]  Disclosure of a MOTS (Man-On-The-Side) attack against the Wi-Fi WPA/WPA2 protocols

https://github.com/zjlywjh001/CanSecWest19

[Vulnerability Analysis]  CVE-2019-7286 Part II: Gaining PC Control

https://blog.zecops.com/vulnerabilities/exploit-of-cve-2019-7286/

[Web Security]  Exploiting the out-of-bounds write vulnerability in Chrome's ValueDeserializer::ReadDenseJSArray (CVE-2018-17480)

https://bugs.chromium.org/p/chromium/issues/detail?id=905940

[Tools]  router_badusb: BadUSB in Routers

https://github.com/tenable/router_badusb

[Vulnerability Analysis]  Escaping the Safari sandbox with one line of code

https://weibo.com/ttarticle/p/show?id=2309404354112320866984&sudaref=cp0.win&display=0&retcode=6102

[Web Security]  Advanced .NET code auditing (Lesson 5): .NET Remoting deserialization vulnerability

https://www.anquanke.com/post/id/174009

[Operations Security]  Detailed analysis of a vulnerability that bypasses nftables/PacketFilter firewall filtering rules to pass ICMP/ICMPv6 packets

https://www.synacktiv.com/posts/systems/icmp-reachable.html

[Malware Analysis]  Analysis of .Net Stealer GrandSteal

http://www.peppermalware.com/2019/03/analysis-of-net-stealer-grandsteal-2019.html

[Web Security]  Google Groups Authorization Bypass / $500 bounty

https://www.komodosec.com/post/google-groups-authorization-bypass

[Web Security]  Escaping the Safari sandbox with one line of code

https://weibo.com/ttarticle/p/show?id=2309404354112320866984

[Malware Analysis]  Analysis of NetWiredRC trojan

https://maskop9.tech/index.php/2019/01/30/analysis-of-netwiredrc-trojan/

[Web Security]  Analyzing deserialization vulnerabilities at the PHP kernel level

https://mp.weixin.qq.com/s/RL8_kDoHcZoED1G_BBxlWw

[Tools]  npk: A mostly-serverless distributed hash cracking platform

https://github.com/Coalfire-Research/npk

[Malware Analysis]  KBuster: disclosure of a South Korean cybercrime campaign using fake Korean banking apps

https://mp.weixin.qq.com/s/p2pmW_JH7DgPt5o-HYmTpw

[Vulnerability Analysis]  Windows 10 IoT Core remote command execution vulnerability: verification and recommendations

https://mp.weixin.qq.com/s/Pq2win4kH72eG_n7aKQdIQ

[Vulnerability Analysis]  Analysis and Reproduction of iOS/OSX Vulnerability: CVE-2019-7286

https://blog.zecops.com/vulnerabilities/analysis-and-reproduction-of-cve-2019-7286/

[Mobile Security]  Android Runtime Restrictions Bypass

https://blog.quarkslab.com/android-runtime-restrictions-bypass.html

[Vulnerability Analysis]  One-liner Safari sandbox escape exploit

https://medium.com/0xcc/one-liner-safari-sandbox-escape-exploit-91082ddbe6ef

[Malware Analysis]  Defeating Userland Hooks (ft. Bitdefender)

https://0x00sec.org/t/defeating-userland-hooks-ft-bitdefender/12496

[Malware Analysis]  Dissecting ShadowHammer

https://www.cyberfox.blog/dissecting-shadowhammer/

[Web Security]  Attacking Java RMI services after JEP 290

https://mogwailabs.de/blog/2019/03/attacking-java-rmi-services-after-jep-290/

[Mobile Security]  fridump3: A universal memory dumper using Frida for Python 3

https://github.com/rootbsd/fridump3

-----WeChat ID: SecWiki-----
SecWiki has focused on security technology news and analysis for 5 years!
SecWiki: https://www.sec-wiki.com

Original link for this issue: SecWiki Weekly (Issue 265)


Source: freebuf.com 2019-04-01 20:46:06 by: SecWiki
