– Author: SecWiki

Security News

[News]  2019 Global Cybersecurity Buzzword Rankings

https://mp.weixin.qq.com/s/agrm_Xgi1GJP3vmCiL4aVg

[News]  Cybersecurity Law-Enforcement Inspections Explained in One Infographic

https://mp.weixin.qq.com/s/gAS2cFaWMUdY0s6sT6ZtHw

[People]  Zhang Ying: The Beautiful PhD with SIEM in One Hand and Fashion Design in the Other

https://mp.weixin.qq.com/s/qSVjRnMu_Monu_6E2_gsmQ

[News]  Ministry of Public Security's “Clean Net 2018” Special Operation Achieves Significant Results

https://www.toutiao.com/i6665463916635619843

Security Technology

[Vulnerability Analysis]  Finding and exploiting CVE-2018-7445

https://medium.com/@maxi./finding-and-exploiting-cve-2018-7445-f3103f163cc1

[Web Security]  Account Logic Vulnerabilities

https://bloodzer0.github.io/vulnerability/logical-vulnerability/account/

[Tools]  Basic Usage of Ghidra, the NSA's Reverse Engineering Framework

https://www.giantbranch.cn/2019/03/06/%E7%BE%8E%E5%9B%BD%E5%9B%BD%E5%AE%89%E5%B1%80%E9%80%86%E5%90%91%E5%B7%A5%E7%A8%8B%E6%A1%86%E6%9E%B6%E2%80%94%E2%80%94Ghidra%E7%9A%84%E7%AE%80%E5%8D%95%E4%BD%BF%E7%94%A8/

[Web Security]  Information Leakage

https://bloodzer0.github.io/vulnerability/il/

[Competitions]  Top CTF Tools and Resources

https://www.aqniu.com/learn/44310.html

[Vulnerability Analysis]  Written After 98 Vulnerability Analyses

https://whereisk0shl.top/post/2019-03-09

[Web Security]  Cookie Security Whitepaper

https://www.netsparker.com/security-cookies-whitepaper/

[Vulnerability Analysis]  Web Vulnerability Analysis: Following the Melon Back to the Vine

http://blog.nsfocus.net/web%e6%bc%8f%e6%b4%9e%e5%88%86%e6%9e%90%e4%b9%8b-%e9%a1%ba%e7%93%9c%e6%91%b8%e8%97%a4/

[Web Security]  Notes on Maintaining Access in Penetration Testing

https://www.anquanke.com/post/id/171891

[Other]  A Helper Tool for Windows Vulnerability Exploitation

https://github.com/bitsadmin/wesng

[Malware Analysis]  Using Bayesian Networks to Identify 0-day Attack Paths

http://www.arkteam.net/?p=4253

[Data Mining]  Public Chinese Chat Corpus

https://github.com/codemayq/chaotbot_corpus_Chinese

[Forensics]  The Most Complete Digital Forensics Checklist

https://mp.weixin.qq.com/s/ES83wSU-WBrUONGjCN6jYw

[Tools]  LuWu: A Tool for Automated Deployment of Red Team Infrastructure

https://github.com/360-A-Team/LuWu

[Web Security]  Step by Step: Moving Through the Internal Network

https://mp.weixin.qq.com/s/xGYfxdp_TQmXiuWvC1sN-g

[Other]  WordPress <= 5.0 (CVE-2019-8942 & CVE-2019-8943) Remote Code Execution Vulnerability Exploit

https://gist.github.com/allyshka/f159c0b43f1374f87f2c3817d6401fd6

[Data Mining]  Data-Knowledge-Action: An Introduction to Enterprise Security Data Analysis

https://www.cdxy.me/?p=803

[Vulnerability Analysis]  From Patch Diff to Exploit: CVE-2019-0623 Vulnerability Analysis and Exploitation

https://paper.seebug.org/832/

[Programming]  FOFA Crawling Techniques: Simple Use of the API

https://nosec.org/home/detail/2302.html

[Tools]  CVE-2018-8639-exp

https://github.com/ze0r/CVE-2018-8639-exp/

[Web Security]  File Transfer Techniques in Red Team Post-Exploitation

https://paper.seebug.org/834/?from=timeline

[Ops Security]  Intrusion Detection with Graph Theory

https://www.slideshare.net/MattSwann1/graph-the-planet-2019-intrusion-detection-with-graphs

[Vulnerability Analysis]  Out-of-Bounds Memory Read/Write Vulnerability in the Linux SNMP NAT Module (CVE-2019-9162)

https://www.exploit-db.com/exploits/46477?utm_source=dlvr.it&utm_medium=twitter

[Tools]  chomp-scan: A Tool Script for Simplifying the Reconnaissance Phase of Bug Bounty/Penetration Tests

https://github.com/SolomonSklash/chomp-scan

[Vulnerability Analysis]  Part 1: Introduction to Exploit Development

https://www.fuzzysecurity.com/tutorials/expDev/1.html

[Web Security]  Great Scott! Timing Attack Demo for the Everyday Webdev

https://www.simplethread.com/great-scott-timing-attack-demo/

[Web Security]  Modifying the Cobalt Strike Certificate

https://mp.weixin.qq.com/s/59Bj4qk-ClV2eqLu8SKniQ

[Web Security]  .NET Advanced Code Auditing (Lesson 1): XmlSerializer Deserialization Vulnerabilities

https://www.anquanke.com/post/id/172316

[Other]  A Python-Based AV-Evasion Tool for Metasploit Payloads

https://www.kitploit.com/2019/03/phantom-evasion-python-av-evasion-tool.html

[Web Security]  Facebook Information Leak

http://www.tomanthony.co.uk/blog/facebook-bug-confirm-user-identities/

[Tools]  jsproxy: An Online Proxy Implemented in Browser-Side JS

https://github.com/EtherDream/jsproxy

[Vulnerability Analysis]  SMoTherSpectre PoC

https://github.com/HexHive/SMoTherSpectre

[Programming]  An Experimental Project for Linux Kernel Exploit Development

https://github.com/a13xp0p0v/kernel-hack-drill

[Forensics]  ATT&CK, a Threat Modeling Model

http://blog.nsfocus.net/threat-modeling-model-attck/

[Ops Security]  Penetration Testing Kubernetes Clusters

https://www.freebuf.com/news/196993.html

[Data Mining]  Machine Learning-Based Webshell Detection (Part 1)

https://zhuanlan.zhihu.com/p/58676764

[Malware Analysis]  apt40-examining-a-china-nexus-espionage-actor

https://www.fireeye.com/blog/threat-research/2019/03/apt40-examining-a-china-nexus-espionage-actor.html

[Tools]  JsDbg: Debugging extensions for Microsoft Edge and Chromium-based browsers

https://github.com/MicrosoftEdge/JsDbg

[Forensics]  Writing Your Own Honeypot System from Scratch

https://www.freebuf.com/articles/es/196525.html

[Web Security]  Exploring Cobalt Strike's External C2 Framework

https://xz.aliyun.com/t/4220

[Data Mining]  Hidden Worries Behind the AI Boom: An Analysis of Google TensorFlow Security Risks

https://mp.weixin.qq.com/s/rjcOK3A83oKHkpNgbm9Lbg

[Web Security]  Security Differences Between PHP 7 and PHP 5

https://www.freebuf.com/articles/web/197013.html

[Forensics]  Google Launches Backstory: Google's Intelligence Tool Backstory

https://thehackernews.com/2019/03/backstory-cybersecurity-software.html

[Web Security]  Analyzing PHP Weak Typing from the Perspective of the PHP Internals

https://www.anquanke.com/post/id/171966

[Vulnerability Analysis]  Analysis of Dirty Sock, a Privilege Escalation Vulnerability in Ubuntu Linux (with PoC)

https://www.freebuf.com/articles/system/195903.html

[Documents]  SecWiki Weekly (Issue 261)

https://www.sec-wiki.com/weekly/261

[Tools]  femida: Automated blind-xss search for Burp Suite

https://github.com/wish-i-was/femida

[Malware Analysis]  GoBrut: A new GoLang Botnet

https://blog.yoroi.company/research/gobrut-a-new-golang-botnet/

[Other]  $100,000/year if you can solve this reverse engineering test

https://www.linkedin.com/pulse/100000year-you-can-solve-reverse-engineering-test-john-coates/

[Device Security]  NSFOCUS 2018 IoT Security Annual Report

http://blog.nsfocus.net/annual-report-internet-security-2018/

[Web Security]  Bypassing JS Sandbox Restrictions

https://licenciaparahackear.github.io/en/posts/bypassing-a-restrictive-js-sandbox/

[Opinion]  A Technical Look at the RSA Innovation Sandbox

https://mp.weixin.qq.com/s/1-yCu8dvp5GzOfK1i4LIhg

[Malware Analysis]  Software Supply Chain Security Threats: From “Age of Ultron” to “Infinity War”

https://www.anquanke.com/post/id/172832

[Tools]  SirepRAT: Remote Command Execution as SYSTEM on Windows IoT Core

https://github.com/SafeBreach-Labs/SirepRAT

[Web Security]  Hijacking a Customer Account with a Crafted Image

https://www.fortinet.com/blog/threat-research/wordpress-woocommerce-xss-vulnerability—-hijacking-a-customer-.html

[Ops Security]  k8s-security-dashboard: A security monitoring solution for Kubernetes

https://github.com/k8scop/k8s-security-dashboard

[Web Security]  Disclosure of a Local Privilege Escalation Vulnerability in Advantech WebAccess Caused by Lax Access Control Configuration

https://www.thezdi.com/blog/2019/3/6/webaccess-uncontrol

[Web Security]  Practical Code Auditing Approaches: A Brief Analysis of PHPCMS

https://www.freebuf.com/articles/web/195737.html

[Data Mining]  Using NLP Machine Learning for Automated Compliance Risk Governance

http://blog.nsfocus.net/automated-compliance-risk-management-nlp-machine-learning/

[Malware Analysis]  Analyzing New Malware Written in Golang

https://www.freebuf.com/articles/network/196498.html

[Device Security]  An RCE Threatening Tens of Thousands of Users' GPON Home Routers

https://xz.aliyun.com/t/4242

[Papers]  LEMNA: A Black-Box Explanation Model for Deep Learning in Security Applications

http://www.arkteam.net/?p=4264

[Documents]  GeeTest 2018 Interactive Security Industry Research Report

https://www.freebuf.com/articles/paper/196652.html

[Tools]  Automate discovering and dropping payloads on LAN Raspberry Pi’s via ssh

https://github.com/BusesCanFly/rpi-hunter

[Data Mining]  Machine Learning-Based Attack Detection (Part 1)

https://zhuanlan.zhihu.com/p/58689080

[Web Security]  SVG XLink SSRF fingerprinting libraries version – Arbaz Hussain – Medium

https://medium.com/@arbazhussain/svg-xlink-ssrf-fingerprinting-libraries-version-450ebecc2f3c

[Malware Analysis]  MacOS Malware Pedia

https://research.checkpoint.com/macos-malware-pedia/

[Papers]  Abusing Web Browsers for Persistent and Stealthy Computation

https://mp.weixin.qq.com/s/bvQo-VHWdOEisR2adxx6yA

[Data Mining]  Machine Learning Algorithm Analysis Engine Aids Security Threat Inference Analysis

http://blog.nsfocus.net/machine-learning-algorithms-analysis-engine-security-threat-reasoning/

[Documents]  2018 Botnet Trends Report

http://blog.nsfocus.net/wp-content/uploads/2019/03/2018-BOTNET%E8%B6%8B%E5%8A%BF%E6%8A%A5%E5%91%8A.pdf

[Malware Analysis]  Detecting Powershell Empire shenanigans with Sysinternals

https://holdmybeersecurity.com/2019/02/27/sysinternals-for-windows-incident-response/

[Data Mining]  Machine Learning-Based Attack Detection (Part 2, Second Half): LSTM Implementation

https://zhuanlan.zhihu.com/p/58732540

[Mobile Security]  Setting up Frida Without Jailbreak on the Latest iOS 12.1.4 Device

https://blog.securityinnovation.com/frida

[Device Security]  Research on Extracting the Wallet Recovery Seed from the Trezor Hardware Crypto Wallet

http://colinoflynn.com/2019/03/glitching-trezor-using-emfi-through-the-enclosure/

[Other]  houjingyi233/CPU-vulnerabiility-collections

https://github.com/houjingyi233/CPU-vulnerabiility-collections

[Opinion]  Cyber Force Military Strategy Under the Coordination of US Political Strategy

https://mp.weixin.qq.com/s/GMvs_YE5W_m532touUOgfg

[Data Mining]  Deep Learning-Based Webshell Detection (Part 2)

https://zhuanlan.zhihu.com/p/58683374

[Malware Analysis]  Detecting Malicious Behavior by Unmasking WebSockets

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/detecting-malicious-behavior-by-unmasking-websockets/

[Tools]  Online Courses – Ghidra

http://ghidra.re/online-courses/

[Malware Analysis]  New SLUB Backdoor Uses GitHub, Communicates via Slack

https://blog.trendmicro.com/trendlabs-security-intelligence/new-slub-backdoor-uses-github-communicates-via-slack/

[Web Security]  Facebook Messenger server random memory exposure through corrupted GIF image

https://www.vulnano.com/2019/03/facebook-messenger-server-random-memory.html

[Web Security]  Ethereum Chain Audit Reports: The Clef Audit Report

https://www.freebuf.com/articles/blockchain-articles/196822.html

[Data Mining]  Machine Learning-Based Attack Detection (Part 2, First Half): Understanding LSTM

https://zhuanlan.zhihu.com/p/58725390

[Device Security]  Don’t worry about being locked with Loccess

https://www.eyeohtee.cheap/dont-worry-about-being-locked-with-loccess/

[Vulnerability Analysis]  Automation in Exploit Generation with Exploit Templates

https://sean.heelan.io/2019/03/05/automation-in-exploit-generation-with-exploit-templates/

[Malware Analysis]  SectorD02 PowerShell Backdoor Analysis

https://threatrecon.nshc.net/2019/03/07/sectord02-powershell-backdoor-analysis/

[Tools]  stevenaldinger/decker: Declarative penetration testing orchestration framework

https://github.com/stevenaldinger/decker

[Web Security]  Auditing GitHub Repo Wikis for Fun and Profit

https://www.smeegesec.com/2019/03/auditing-github-repo-wikis-for-fun-and.html

[Ops Security]  using-docker-kubernetes-for-automating-appsec-and-osint-workflows

https://github.com/appsecco/using-docker-kubernetes-for-automating-appsec-and-osint-workflows

[Malware Analysis]  Quick Analysis of a Trickbot Sample with NSA’s Ghidra SRE Framework

http://www.peppermalware.com/2019/03/quick-analysis-of-trickbot-sample-with.html

[Mobile Security]  3 XSS in ProtonMail for iOS – Vladimir Metnew – Medium

https://medium.com/@vladimirmetnew/3-xss-in-protonmail-for-ios-95f8e4b17054

[Web Security]  Host Header Poisoning in IBM Websphere

https://medium.com/@x41x41x41/host-header-poisoning-in-ibm-websphere-3d459a990f00

[Web Security]  Universal RCE with Ruby YAML.load

https://staaldraad.github.io/post/2019-03-02-universal-rce-ruby-yaml-load/

-----WeChat ID: SecWiki-----
SecWiki: focused on security technology news and analysis for 5 years!
SecWiki: https://www.sec-wiki.com

Original source of this issue: SecWiki Weekly (Issue 262)


Source: freebuf.com 0000-00-00 00:00:00 by: SecWiki
