安全技术
[Web安全] 利用js文件进行渗透
https://mp.weixin.qq.com/s/G6qdRQ3BPKrjHY5ucUiG2w
[Web安全] CVE-2019-10392 Jenkins 2k19认证远程RCE
[取证分析] 钓鱼邮件的投递和伪造
[杂志] SecWiki周刊(第289期)
https://www.sec-wiki.com/weekly/289
[Web安全] 内网渗透之端口转发、映射、代理
[Web安全] LuWu: 红队基础设施自动化部署工具
https://github.com/QAX-A-Team/LuWu
[取证分析] 反间谍软件之旅(一)
https://www.anquanke.com/post/id/186489
[其它] SUCTF-WriteUp(上)
https://mp.weixin.qq.com/s/bgWwPPjFsiviFxMgNxjUIg
[工具] vulnerable-sso: vulnerable single sign on
https://github.com/dogangcr/vulnerable-sso
[取证分析] 大型互联网企业威胁情报运营与实践思考
https://www.anquanke.com/post/id/187069
[Web安全] 攻击Scrapyd爬虫
https://www.leavesongs.com/OTHERLAN/attack-scrapy.html
[恶意分析] Malware Classification with ‘Graph Hash,’ Applied to the Orca Cyberespionage Cam
[其它] beyond-good-ol-run-key-part-114(AutoPlay利用)
http://www.hexacorn.com/blog/2019/09/07/beyond-good-ol-run-key-part-114/
[恶意分析] purple-fox-fileless-malware-with-rookit-component-delivered-by-rig-exploit-kit-n
[工具] pdlist: A passive subdomain finder
https://github.com/gnebbia/pdlist
[其它] SUCTF-WriteUp(下)
https://mp.weixin.qq.com/s/NtOgVw0uFXndJ7b1-G-0iw
[其它] Decentralizing DNS to Improve the Security of the Internet
[工具] Bloodhound Cypher Cheatsheet
https://hausec.com/2019/09/09/bloodhound-cypher-cheatsheet/
[Web安全] Server Side Template Injection – on the example of Pebble
https://research.securitum.com/server-side-template-injection-on-the-example-of-pebble/
-----微信ID:SecWiki----- SecWiki,5年来一直专注安全技术资讯分析! SecWiki:https://www.sec-wiki.com
本期原文地址: SecWiki周刊(第290期)
来源:freebuf.com 2019-09-23 20:08:31 by: SecWiki
请登录后发表评论
注册