4月18日-每日安全知识热点

http://p0.qhimg.com/t01f7ef32da341925d2.jpg

1、介绍WINDOWS内核利用

https://www.whitehatters.academy/intro-to-windows-kernel-exploitation-more-of-the-hacksys-driver/

2、INFILTRATE 2016 会议PPT和部分视频

http://infiltratecon.com/archives.html

3、HackingTeam被黑过程英文版,西班牙语版http://pastebin.com/raw/GPSHF04A

http://pastebin.com/raw/0SNSvyjJ

4、Edge XSS filter 绕过

http://blog.portswigger.net/2016/04/edge-xss-filter-bypass.html

5、一个ELF/STD irc BOT分析

http://blog.malwaremustdie.org/2016/04/mmd-0053-2016-bit-about-elfstd-irc-bot.html

6、操作系统开发系列教程

http://www.brokenthorn.com/Resources/OSDevIndex.html

7、通过powershell实现Meterpreter stage的AV/IDS逃逸

https://arno0x0x.wordpress.com/2016/04/13/meterpreter-av-ids-evasion-powershell/

8、通过VOIP内网评估获取域管理员权限的方法

http://c0d3xpl0it.blogspot.tw/2016/04/compromising-domain-admin-in-voip.html

9、通过工具检测BGP路由劫持和其他路由异常

https://labs.ripe.net/Members/guillaume_valadon/tools-to-parse-bgp-archives

10、从exploitdb下载工具然后编译运行的自动化LINUX提权工具

https://github.com/ngalongc/AutoLocalPrivilegeEscalation

11、Docker & Security

https://www.ernw.de/download/ERNW_Stocard_Docker-Devops-Security_fbarth-mluft.pdf

12、Microsoft Internet Explorer 11 MSHTML.DLL远程二进制 Planting 漏洞

http://seclists.org/fulldisclosure/2016/Apr/61

13、关于bash_history你所不知道的技巧

http://www.deer-run.com/~hal/DontKnowJack-bash_history.pdf

14、sctf 2016 writeup

https://github.com/VulnHub/ctf-writeups/tree/master/2016/sctf

15、如何编写钓鱼模板

http://resources.infosecinstitute.com/how-to-write-phishing-templates-that-work/

16、了解机器学习:从理论到算法:

http://www.cs.huji.ac.il/~shais/UnderstandingMachineLearning/understanding-machine-learning-theory-algorithms.pdf

17、DNS问题导致西部数据用户数据暴露

http://www.securityweek.com/western-digital-user-data-exposed-dns-issue

18、使用数字签名伪装windows 系统二进制

https://labs.mwrinfosecurity.com/blog/masquerading-as-a-windows-system-binary-using-digital-signatures/

19、sCTF 2016 Q1: Ed25519 Writeup

https://gist.github.com/elliptic-shiho/f41fd75cc30646a61d7ad63043fdd56e

20、反混淆和分析垃圾邮件发送者的php脚本

https://jelleraaijmakers.nl/2016/04/dissecting-spammers-spam-script

21、PlaidCTF 2016 rabit write-up

http://blog.clark.re/2016/04/plaidctf-2016-rabit-write-up.html

22、Plaid CTF 2016: Butterfly Writeup (pwn 150)

http://redgetan.cc/plaid-ctf-2016-butterfly-writeup/

23、从scrath构建一个linux 路由器

http://arstechnica.com/gadgets/2016/04/the-ars-guide-to-building-a-linux-router-from-scratch/

24、用python写一个python interpreter

http://aosabook.org/en/500L/pages/a-python-interpreter-written-in-python.html

免责声明:文章内容不代表本站立场,本站不对其内容的真实性、完整性、准确性给予任何担保、暗示和承诺,仅供读者参考,文章版权归原作者所有。如本文内容影响到您的合法权益(内容、图片等),请及时联系本站,我们会及时删除处理。查看原文

为您推荐