技术类:
移动安全:使用便宜的设备实践攻击
http://www.synacktiv.fr/ressources/synacktiv_mobile_communications_attacks.pdf
一款开源的杀毒软件引擎,用来检测病毒
https://github.com/develbranch/TinyAntivirus
OSTrICa:开源的威胁情报收集平台
https://github.com/Ptr32Void/OSTrICa
wget 1.17 以及之前版本的任意代码执行漏洞poc
https://blogs.securiteam.com/index.php/archives/2701
Windows 7 SP1 x86提权POC (MS16-014)
https://www.exploit-db.com/exploits/40039/
PowerSploit cheatsheet
https://github.com/HarmJ0y/CheatSheets/blob/master/PowerSploit.pdf
MIRCOP恶意欺诈软件的解密工具下载
http://news.softpedia.com/news/free-decrypter-available-for-download-for-mircop-ransomware-505976.shtml?utm_content=bufferf8aa5&utm_medium=social&utm_source=plus.google.com&utm_campaign=buffer
分析vegan anti-BeFF的chrome的扩展绕过
https://github.com/beefproject/beef/commit/9e3385cf4c6cb98fe96343117d545415514f94ed
U2F Zero:开源的,支持Google,Openssh,github等服务的物理双银子验证工具
https://github.com/conorpp/u2f-zero
在Cpython中编写C代码
https://spacy.io/blog/writing-c-in-cython
开源的PGP实现工具,可以在web中使用
https://github.com/henryboldi/felony
BDFProxy 更新,可以支持mitmproxy到v0.17版本
https://github.com/secretsquirrel/BDFProxy
在dell ChromeBook 11 安装kali
http://jerrygamblin.com/2016/07/04/installing-kali-on-a-dell-chromebook-11/
Gootkit木马分析
http://www.malekal.com/trojan-gootkit/
Cisco Prime Infrastructure 远程代码执行漏洞
https://blogs.securiteam.com/index.php/archives/2727
[NDH2K16 2016] [FORENSICS 150 – DRAW ME A SHEEP] WRITE UP
https://0x90r00t.com/2016/07/04/ndh2k16-2016-forensics-150-draw-me-a-sheep-write-up/
恶意广告有所减少,但是并没有完全消失
https://blog.malwarebytes.com/cybercrime/exploits/2016/07/malvertising-slowing-down-but-not-out/
hashkiller 2016-7月比赛的writeup
https://hashkiller.co.uk/contest/2016-06/contest_2016-07_write-up.pdf
资讯类:
Satana 恶意欺诈软件加密你计算机的BOOT,阻止你启动
http://news.softpedia.com/news/satana-ransomware-encrypts-your-boot-record-and-prevents-your-pc-from-starting-505933.shtml
联想thinkpad 0day可以绕过windows安全
http://www.itnews.com.au/news/lenovo-thinkpad-zero-day-bypasses-windows-security-430090?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed&utm_source=twitterfeed&utm_medium=twitter
在yiSpecter和HummingBad恶意软件后的中国广告商
http://news.softpedia.com/news/chinese-advertiser-behind-yispectre-ios-malware-and-hummingbad-android-malware-505939.shtml?utm_content=buffer88cbd&utm_medium=social&utm_source=plus.google.com&utm_campaign=buffer
黑客如何窃取facebook账号,然后制作假护照
https://www.grahamcluley.com/2016/07/hacker-stole-access-facebook-users-profile-fake-passport/
仅仅48个小时,恶意软件通过facebook传播,感染1万用户
http://news.softpedia.com/news/malware-spread-via-facebook-makes-10-000-victims-in-48-hours-505969.shtml
数据泄露消息:
有人放出twitter的7千万账号以及yahoo 的500万
昨天匿名者声称放出alibaba的数据库,提供了解压密码,
因该是前段时间用的原来网易的邮箱撞库出来的,相关新闻https://nakedsecurity.sophos.com/2016/02/05/data-breach-in-china-100-million-records-used-to-hack-20-million-taobao-users/
发表评论
您还未登录,请先登录。
登录