安全技术
[其它] 技术人的修炼之道:从业余到专业
https://mp.weixin.qq.com/s/gBgFyy4MMrF5vn-8NGEVQw
[漏洞分析] 协议模糊测试相关技术梳理
https://mp.weixin.qq.com/s/RCpAUpFEzbSewEnWpHrsqw
[工具] 从 SQL 到 RCE 利用 SessionState 反序列化攻击 ASP.NET 网站应用程式
https://paper.seebug.org/1186/
[杂志] SecWiki周刊(第322期)
https://www.sec-wiki.com/weekly/322
[Web安全] 已知邮箱,求手机号码?
https://mp.weixin.qq.com/s/XvMruURNVWBkEwxvnPSW1g
[Web安全] De1CTF2020-WriteUp上(Web、Misc、Pwn)
https://mp.weixin.qq.com/s/1CR0up_b5a1zw02wZNwJpg
[Web安全] 数字中国创新大赛-虎符网络安全赛道Write up
https://mp.weixin.qq.com/s/ih2X8IXVFmrMVwJYuf5gng
[恶意分析] Decrypting and analyzing HTTPS traffic without MITM
https://blog.silentsignal.eu/2020/05/04/decrypting-and-analyzing-https-traffic-without-mitm/
[工具] Java 反序列化系列 ysoserial Groovy 1
https://paper.seebug.org/1171/
[Web安全] DOM XSS in Gmail with a little help from Chrome
https://opnsec.com/2020/05/dom-xss-in-gmail-with-a-little-help-from-chrome/
[Web安全] Socks Over RDP
https://research.nccgroup.com/2020/05/06/tool-release-socks-over-rdp/
[漏洞分析] Windows exploitation
https://fullpwnops.com/windows-exploitation-pathway.html
[运维安全] 用SASE加速零信任网络交付
https://mp.weixin.qq.com/s/OjHgQGrJWfueu4AfxES9Hg
[设备安全] 物联网场景下的白盒加密技术
https://mp.weixin.qq.com/s/y8FNDtuJIIiYmZDLTxuL_g
[观点] 我的安全漏洞观
https://mp.weixin.qq.com/s/86cS8yIgbVcKStZWq84M7Q
[恶意分析] The Dacls RAT now on macOS!
https://objective-see.com/blog/blog_0x57.html
[Web安全] Tide-Mars:资产管理与威胁监测平台开源版本
https://mp.weixin.qq.com/s/-7V14Rpu2KU5HUsa0p025g
[数据挖掘] Understanding E-commerce Fraud from Autonomous Chat
https://mp.weixin.qq.com/s/uzGQxgfaUufsDSvcYIIYig
[Web安全] 子域名托管案例
https://mp.weixin.qq.com/s/Nqy0Agq_h9yZhvqKdZBZgw
[恶意分析] Schnelder – NetBotz Firmware 固件分析
https://paper.seebug.org/1170/
[Web安全] 内网渗透:流量转发场景测试
https://www.anquanke.com/post/id/204347
[漏洞分析] Bugs on the Windshield: Fuzzing the Windows Kernel
https://research.checkpoint.com/2020/bugs-on-the-windshield-fuzzing-the-windows-kernel/
[漏洞分析] WEBPWN入门级调试讲解
https://www.anquanke.com/post/id/204404
[Web安全] linux后渗透之收集登录凭证
[恶意分析] De1CTF2020-WriteUp下(Crypto、Reverse)
https://mp.weixin.qq.com/s/KKkxUb_rUEi7Pxj0Qj5Odw
[Web安全] 对缓存投毒的学习总结
[移动安全] Android’s May 2020 Patches Fix Critical System Vulnerability
https://www.securityweek.com/androids-may-2020-patches-fix-critical-system-vulnerability
[无线安全] GPS欺骗实验
https://www.anquanke.com/post/id/204316
[恶意分析] Deconstructing the Dukes: A Researcher’s Retrospective of APT29
https://blog.f-secure.com/podcast-dukes-apt29/
[漏洞分析] JAVA RMI反序列化知识详解
https://mp.weixin.qq.com/s/bC71HoEtDAKKbHJvStu9qA
[Web安全] 浏览器中隐蔽数据传输通道-DNS隧道
https://mp.weixin.qq.com/s/u5HV7umrZABcgVpZ5pn6WQ
[漏洞分析] Fastjson 反序列化漏洞史
https://paper.seebug.org/1192/
[设备安全] 从乌克兰电网事件看工控安全态势
https://www.freebuf.com/articles/ics-articles/233680.html
[运维安全] 新一代SIEM与SOAR的技术对比
https://mp.weixin.qq.com/s/mfNRbDXIg5_1jSKHbceHCA
[观点] 卫星互联网重新定义网络战
https://mp.weixin.qq.com/s/mj4BVfI-j3yp-xaSZeEW_A
-----微信ID:SecWiki----- SecWiki,8年来一直专注安全技术资讯分析! SecWiki:https://www.sec-wiki.com
本期原文地址: SecWiki周刊(第323期)
来源:freebuf.com 2020-05-11 09:50:39 by: SecWiki
请登录后发表评论
注册