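Today's highlights: a look at a cryptocurrency-mining app in the Mac App Store; the first mining incident exploiting CVE-2017-8464 (infected just by opening a USB drive); malware analysis | the most rogue QQ marketing virus ever; multiple security vulnerabilities in the SecurEnvoy SecurMail encrypted mail transfer solution; analysis of a vulnerability in a CMS from Yuanfeng Group (远丰集团); finding Metasploit Meterpreter traces in memory; parsing the .DS_Store file format; a collection of UXSS bugs; and some recommended practical tools.

Also: don't miss the images.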

1、A Surreptitious Cryptocurrency Miner in the Mac App Store? › a free calendar app possesses more than meets the eye!
https://objective-see.com/blog/blog_0x2B.html

2、The first cryptomining incident exploiting CVE-2017-8464: infected just by opening a USB drive
http://www.freebuf.com/column/164908.html

3、Malware analysis | The most rogue QQ marketing virus ever
http://www.freebuf.com/articles/terminal/164742.html

4、Several vulnerabilities in the SecurEnvoy SecurMail encrypted mail transfer solution allow an attacker to read other users’ encrypted e-mails and overwrite or delete e-mails stored in other users' inboxes.
https://sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-securenvoy-securmail/

5、A CMS from Yuanfeng Group (远丰集团) is suspected of containing an official backdoor
http://www.freebuf.com/articles/web/164609.html

6、Java code audit: the Tieren (铁人) download system
https://landgrey.me/liuxing-java-code-audit/

7、Attacking Merkle Trees with a Second Preimage Attack
https://flawed.net.nz/2018/02/21/attacking-merkle-trees-with-a-second-preimage-attack/

8、Reverse-engineering the encrypted API of the NetEase Cloud Music PC client
http://www.freebuf.com/articles/web/164636.html

9、IOTA Signatures, Private Keys and Address Reuse?
http://blog.lekkertech.net/blog/2018/03/07/iota-signatures/

10、Finding Metasploit’s Meterpreter Traces with Memory Forensics
http://cyberforensicator.com/2018/03/11/finding-metasploits-meterpreter-traces-with-memory-forensics/

11、Process Injection with GDB
https://magisterquis.github.io/2018/03/11/process-injection-with-gdb.html

12、Fuzzing arbitrary functions in ELF binaries
https://blahcat.github.io/2018/03/11/fuzzing-arbitrary-functions-in-elf-binaries/

13、Exploring new depths of Threat Hunting... or how to write ARM 32-bit shellcode in 6 minutes
https://azeria-labs.com/downloads/SAS-v1.0-Azeria.pdf

14、Parsing the .DS_Store file format
https://0day.work/parsing-the-ds_store-file-format/

15、A first look at browser-based cryptojacking
https://arxiv.org/pdf/1803.02887.pdf

16、Precise and Scalable Detection of Double-Fetch Bugs in OS Kernels
https://csdl.computer.org/csdl/proceedings/sp/2018/4353/00/435301a270.pdf

17、Understanding Linux Malware
http://www.s3.eurecom.fr/docs/oakland18_cozzi.pdf

18、Cool list of UXSS bugs
https://github.com/Metnew/uxss-db

19、Easily Report Phishing and Malware
https://decentsecurity.com/#/malware-web-and-phishing-investigation/

20、SecWiki Weekly (2018/03/05-2018/03/11)
https://www.sec-wiki.com/weekly/210

21、PHP : Winning the race against PHP (alternative way to easy_php @ N1CTF2018)
http://dann.com.br/php-winning-the-race-condition-vs-temporary-file-upload-alternative-way-to-easy_php-n1ctf2018/

Tool#APT15 YARA rule
https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt15.yar

Tool#signature-base is a submodule for my scanner tools LOKI and SPARK
https://github.com/Neo23x0/signature-base

Tool#tactical-exploitation: Modern tactical exploitation toolkit.
https://github.com/0xdea/tactical-exploitation

Tool#PyREBox: a Python scriptable Reverse Engineering sandbox (based on QEMU)
https://github.com/Cisco-Talos/pyrebox

Tool#RAT-via-Telegram - Windows Remote Administration Tool via Telegram
https://github.com/Dviros/RAT-via-Telegram

Tool#Probable-Wordlists: Wordlists sorted by probability originally created for password generation and testing
https://github.com/berzerk0/Probable-Wordlists

Tool#EasyROP - tool allows you to search gadgets, operations formed by gadgets and generate automatic ROP chains in Portable Executable (PE). Based on Capstone, pefile.
https://github.com/uZetta27/EasyROP

Tool#firefox_tunnel: The way to use firefox to make a tunnel to remote communication.
https://github.com/convisoappsec/firefox_tunnel

Tool#Memory Analysis Framework Server - a small TCP-based server for interfacing with an iOS device's memory over the network (a port of Ian Beer's extra_recipe server stub)
https://github.com/PsychoTea/maf_server

Tool#python-sandboxapi: Python library providing a common interface to a variety of sandboxes, including: Cuckoo, Falcon (Formerly VxStream), FireEye, Joe, and VMRay.
https://github.com/InQuest/python-sandboxapi
