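Today's digest: Who wasn't responsible for the Pyeongchang Olympics hacking incident?; Rig EK one year later: from ransomware to coin miners to information stealers; a look at new features of the Exobot mobile banking trojan; Oracle server WLS-WSAT vulnerability exploited for Monero mining; utorrent JSON-RPC issues leading to remote code execution and information disclosure; the MeltdownPrime and SpectrePrime attacks; analysis of a dedeCMS V5.7 SP2 back-end getshell; WAF Attack and Defense: SQL Injection; reverse engineering the Xiaomi ecosystem; parasiting web server processes with webshells in permissive environments; leveraging INF-SCT fetch and execute techniques for bypass, evasion, and persistence; a deep dive into database attacks part II: delivery and execution of malicious executables through SQL commands; a ColdFusion penetration testing handbook; the 2017 China Advanced Persistent Threat (APT) Research Report; recon brussels 2018 PPT; a Facebook account hijacking vulnerability worth $15,000; and a summary of home-buying knowledge from 2017, among others.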

1、Who Wasn’t Responsible for Olympic Destroyer?
http://blog.talosintelligence.com/2018/02/who-wasnt-responsible-for-olympic.html

2、Rig EK One Year Later: From Ransomware to Coin Miners and Information Stealers
https://researchcenter.paloaltonetworks.com/2018/02/unit42-rig-ek-one-year-later-from-ransomware-to-coin-miners-and-information-stealers/

3、A look at new features of the Exobot mobile banking trojan
http://blog.k7computing.com/2018/02/extortion-banking-bot-%E2%80%93-exobot/

4、Oracle Server Vulnerability Exploited to Deliver Double Monero Miner Payloads
https://blog.trendmicro.com/trendlabs-security-intelligence/oracle-server-vulnerability-exploited-deliver-double-monero-miner-payloads/

5、utorrent: various JSON-RPC issues resulting in remote code execution, information disclosure, etc.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1524

Tool#utorrent crash poc
http://lock.cmpxchg8b.com/utorrent-crash-test.html

7、MeltdownPrime and SpectrePrime: Automatically-Synthesized Attacks Exploiting Invalidation-Based Coherence Protocols
https://arxiv.org/pdf/1802.03802.pdf

8、A certain CMS V5.7 SP2: back-end getshell
https://xianzhi.aliyun.com/forum/topic/2071

9、WAF Attack and Defense: SQL Injection
http://galaxylab.org/waf%E6%94%BB%E9%98%B2%E4%B9%8Bsql%E6%B3%A8%E5%85%A5%E7%AF%87/

10、Several interesting findings in "WAF Attack and Defense: SQL Injection"
https://xianzhi.aliyun.com/forum/topic/2069

11、Reverse engineering Gear VR
http://jsyang.ca/hacks/gear-vr-rev-eng/

12、Deobfuscating a spam mailer written in PHP
http://www.kahusecurity.com/2018/deobfuscating-a-sophisticated-mailer/

13、Reversing IoT: Xiaomi ecosystem
https://recon.cx/2018/brussels/resources/slides/RECON-BRX-2018-Reversing-IoT-Xiaomi-ecosystem.pdf

14、Parasiting web server process with webshells in permissive environments
https://x-c3ll.github.io/posts/parasite-web-server-process/

15、Hijacking ( COM ) For Execute Lateral Movement, in Mode Explorer.
https://homjxi0e.wordpress.com/2018/02/19/hijacking-com-for-execute-lateral-movement-in-mode-explorer/

16、Leveraging INF-SCT Fetch & Execute Techniques For Bypass, Evasion, & Persistence
https://bohops.com/2018/02/26/leveraging-inf-sct-fetch-execute-techniques-for-bypass-evasion-persistence/

17、Java Code Audit: Advancing Layer by Layer
https://mp.weixin.qq.com/s/muv_q5ENH_0_zpWZqqvHVw

18、A Deep Dive into Database Attacks Part II: Delivery and Execution of Malicious Executables through SQL commands (SQL Server)
https://www.imperva.com/blog/2018/02/deep-dive-database-attacks-part-ii-delivery-execution-malicious-executables-sql-commands-sql-server/

19、Detecting Lateral Movements in Windows Infrastructure (2017)
http://cert.europa.eu/static/WhitePapers/CERT-EU_SWP_17-002_Lateral_Movements.pdf

20、Sensitive Information Tracking in Commodity IoT
https://arxiv.org/pdf/1802.08307.pdf

21、Compiler bug? Linker bug? Windows Kernel bug.
https://randomascii.wordpress.com/2018/02/25/compiler-bug-linker-bug-windows-kernel-bug/

22、ColdFusion for Pentesters
http://www.carnal0wnage.com/papers/LARES-ColdFusion.pdf

23、2017 China Advanced Persistent Threat (APT) Research Report
https://ti.360.net/blog/articles/apt-report-of-2017/

24、2017 Mobile Threat Landscape
https://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup/2017-mobile-threat-landscape

25、recon brussels 2018 PPT
https://recon.cx/2018/brussels/slides/

26、SecWiki Weekly (2018/02/19-2018/02/25)
https://www.sec-wiki.com/weekly/208

27、How To Do Your Reconnaissance Properly Before Chasing A Bug Bounty
https://medium.com/secjuice/guide-to-basic-recon-bug-bounties-recon-728c5242a115

28、I figured out a way to hack any of Facebook’s 2 billion accounts, and they paid me a $15,000 bounty for it
https://medium.freecodecamp.org/responsible-disclosure-how-i-could-have-hacked-all-facebook-accounts-f47c0252ae4d

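29、hangzhou_house_knowledge: Home-buying knowledge summarized from a 2017 home-buying experience, shared in the hope that it helps everyone. Buying a home is not easy; cherish it as you go.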
https://github.com/houshanren/hangzhou_house_knowledge

Tool#PoT: Phishing on Twitter
https://github.com/omergunal/PoT

Tool#hollows_hunter: A process scanner detecting and dumping hollowed PE modules.
https://github.com/hasherezade/hollows_hunter

Tool#Ahk-dumper is a tool to dump AutoHotKey code from the RDATA section of a PE file.
https://github.com/aserper/ahk-dumper

Tool#contact.sh: An OSINT tool to find contacts in order to report security vulnerabilities.
https://github.com/EdOverflow/contact.sh

Tool#Shellen is an interactive shellcoding environment.
https://github.com/merrychap/shellen
