
Tencent Xuanwu Lab Security Daily News
-
[ Detect ] Detecting lateral movement in APTs by Japan CERT. http://goo.gl/tJ6ccc #ThreatHunting https://t.co/otncpHdy3P
" Detecting lateral movement in APT attacks by analyzing Windows event logs: https://cyber-ir.com/2016/09/23/detecting-lateral-movement-in-apts-by-japan-cert/ "
-
[ iOS ] 935csbypass - bypassing code signatures in iOS 9.3.5 https://github.com/kpwn/935csbypass
" Code-signing bypass tool for iOS 9.3.5: https://t.co/N4doHnJrFr "
-
[ Others ] As promised in my last tweet: Using branch target buffer collisions to break hypervisor ASLR. PoC on github: https://github.com/felixwilhelm/mario_baslr/
" Attacking KVM hypervisor ASLR using branch target buffer collisions: https://t.co/fmtS3uYMlM Paper: http://www.cs.binghamton.edu/%7Edima/micro16.pdf "
-
[ Pentest ] The slides for "A Year in the Empire" by myself and @harmj0y are up: http://www.slideshare.net/harmj0y/a-year-in-the-empire 2.0 code is here: https://t.co/bRxZYfF8j7
" A Year in the Empire; Empire is a PowerShell attack framework: https://t.co/Gj0VffPQAD Version 2.0: https://t.co/bRxZYfF8j7 "
-
[ Tools ] Code coverage for crashing inputs triggered by AFL: https://github.com/bshastry/afl-sancov - fork of my afl-cov project.
" AFL code coverage analysis tool based on Clang CoverageSanitizer: https://github.com/bshastry/afl-sancov "
-
[ Tools ] VMAttack - Plugin for static and dynamic virtualization-based packed analysis and deobfuscation. Based on IDAPython https://github.com/anatolikalysch/VMAttack
"VMAttack - an IDAPython-based plugin that assists in analyzing virtualization-based code obfuscation: https://t.co/29Zx3qtQn9"
-
[ Tools ] BinAuthor - IDA Pro plugin developed through research at Concordia in the area of binary authorship identification. https://github.com/g4hsean/BinAuthor
"BinAuthor - an IDA Pro plugin for identifying the author of binary code: https://t.co/m7o2kFiF6B"
-
[ Windows ] @vvalien1 and I released our new Windows Privilege escalation @DerbyCon today - code is online at https://github.com/foxglovesec/RottenPotato - blog post soon
" RottenPotato - a tool for escalating privileges from a local service user to SYSTEM: https://github.com/foxglovesec/RottenPotato "