2月2日-每日安全知识热点

1、gophish:一个开源的钓鱼框架

https://getgophish.com/

2、事件响应中的恶意软件分析

http://www.redblue.team/2016/02/a-soft-introduction-to-malware-analysis.html

3、frida 6.2发行:大量的性能改善,增加新的API

http://www.frida.re/news/2016/02/01/frida-6-2-released/

4、从McAfee的sitelist.xml配置文件里的账户信息到活动目录域权限

https://github.com/tfairane/HackStory/blob/master/McAfeePrivesc.md

5、注入代码到运行的linux进程

https://lkubuntu.wordpress.com/2016/01/31/injecting-code-into-running-process-with-linux-inject/

6、socat安全公告:可能的加密后门【硬编码的1024为DH参数没有素数】

http://www.openwall.com/lists/oss-security/2016/02/01/4

7、burpsuite插件:java反序列化扫描

https://github.com/federicodotta/Java-Deserialization-Scanner?

8、hackIM 2016 CTF writeup

http://www.kizhakkinan.com/?cat=22

9、卫星电话不可信:安全分析2个卫星电话标准

http://ieeexplore.ieee.org/stamp/stamp.jsp?reload=true&arnumber=6234409

10、排名top 20航空旅游站点yatra.com被重定向到恶意软件下载站点

http://blogs.forcepoint.com/security-labs/top-20-airline-travel-site-yatracom-victim-malvertizing-attack-redirects-users-angler