6月1日-每日安全知识热点

http://p0.qhimg.com/t01f7ef32da341925d2.jpg

Fail2Ban 终将支持 ipv6

https://www.slightfuture.com/security/fail2ban-ipv6


对OEM更新的安全分析

https://duo.com/assets/pdf/out-of-box-exploitation_oem-updaters.pdf


Web Storage: the lesser evil for session tokens

http://blog.portswigger.net/2016/05/web-storage-lesser-evil-for-session.html


基于docker,可在浏览器中操作的kali容器

http://jerrygamblin.com/2016/05/31/kalibrowser/


基于docker,可在浏览器中操作的burpsuite容器

http://jerrygamblin.com/2016/05/31/burpbrowser/


使用rr跟踪堆溢出

https://sean.heelan.io/2016/05/31/tracking-down-heap-overflows-with-rr/


深入分析hdroot

http://williamshowalter.com/a-universal-windows-bootkit/


使用windows自带的工具分发恶意软件的三个新方法

https://www.invincea.com/2016/05/decodes-downloads-and-disguises-three-new-methods-for-distributing-malware-using-windows-internal-tools/


Burp Suite JS Beautifier 插件

https://github.com/irsdl/BurpSuiteJSBeautifier


从xss到绕过waf到获取webshell

https://www.ethicalhacker.net/features/root/hacking-wordpress-with-xss-to-bypass-waf-and-shell-an-internal-box


HITB CTF 2016: 'Special Delivery' writeup

https://kitctf.de/writeups/hitbctf/special_delivery/


近期增加的针对23端口的扫描

https://isc.sans.edu/diary/21115


另一个利用powershell和wmi作为恶意软件的实例

https://citizenlab.org/2016/05/stealth-falcon/


通过javascript执行payload的附件

https://neonprimetime.blogspot.tw/2016/05/javascript-attachment-executing-payload.html


通过wpad_audit快速审计.net应用

http://seclist.us/wpad_audit-is-a-quick-and-easy-method-to-audit-net-applications-for-wpad-mitm-attacks-over-http-and-https.html


The Devopsification of Windows Server.pptx

https://github.com/jpsnover/Conferences/blob/master/2016-May-WinOps/The%20Devopsification%20of%20Windows%20Server.pptx


客户端的密码hashing可以减少服务器负载以及限制暴力破解

https://github.com/dxa4481/clientHashing


针对Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU的检测工具

https://github.com/AlicanAkyol/sems


aleph:一个开源的恶意软件分析系统

https://n0where.net/aleph-opensource-malware-analysis-system/

免责声明:文章内容不代表本站立场,本站不对其内容的真实性、完整性、准确性给予任何担保、暗示和承诺,仅供读者参考,文章版权归原作者所有。如本文内容影响到您的合法权益(内容、图片等),请及时联系本站,我们会及时删除处理。查看原文

为您推荐