腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Conference ] Security conferences – Survival guide 2017 Q2 “May the odds be ever in your favor”! https://blogs.securiteam.com/index.php/archives/2968 https://t.co/YMpBJdiojp
"2017 年第二季度安全会议参会指南: https://t.co/RVbBCROO82 https://t.co/YMpBJdiojp"
-
[ Detect ] Attackers crack #ActiveDirectory service account pw offline for privilege esc. Detect #Kerberoasting Activity:… https://t.co/PTQsYa9PqD
"检测 Kerberoasting 攻击行为: https://adsecurity.org/?p=3458"
-
[ Linux ] #SharedLinks ROP Primer - Walkthrough of Level 0 http://j.mp/2k3PVB9
"ROP Primer - Walkthrough of Level 0: https://t.co/ACaGeP90RL"
-
[ Linux ] ZoneMinder - multiple vulnerabilities https://goo.gl/fb/5Lemyv #FullDisclosure
"视频监控软件 ZoneMinder 存在多个漏洞(CVE-2017-5595, CVE-2017-5367, CVE-2017-5368, CVE-2016-10140): https://t.co/BxJycl1shd "
-
[ Malware ] Phishlulz setup tutorial now live! Credit to @ antisnatchor for #phishlulz #phishing #BeEF https://jamescoote.co.uk/?p=112
"基于 Amazon AWS 的自动化钓鱼框架 Phishlulz 搭建教程: https://t.co/XrEO9e2pwD "
-
[ MalwareAnalysis ] [Blog] Spambot safari #1 - БОМБИЛА - БОТНЕТ. First article of a serie about spambot malware. https://benkowlab.blogspot.fr/2017/01/blog-post.html https://t.co/uXxq8Oqpct
"Bombila Spambot 分析: https://t.co/o8UIiTKNXU https://t.co/uXxq8Oqpct"
-
[ MalwareAnalysis ] My 100º blog post: https://zairon.wordpress.com/2017/02/05/from-rtf-to-cobalt-strike-passing-via-flash/
"RTF 恶意文档分析︰ https://t.co/tDy908XZjm"
-
[ OpenSourceProject ] The GNU C Library version 2.25 is now available https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html
"GNU C Library 2.25 版本发布: https://t.co/SCFcx3zBB6"
-
[ Others ] Listing an executable’s IAT with VDB http://talesofacoldadmin.com/listing-an-executables-iat-with-vdb/
"利用 VDB 列出可执行 IAT : https://t.co/3OhNs5bSt5 "
-
[ Others ] One of my favorite references on .NET Reflection and Dynamic Types. I've used this a lot, thought I would share ;-) https://www.codeproject.com/Articles/121568/Dynamic-Type-Using-Reflection-Emit
"利用 Reflection.Emit 建立动态类型: https://t.co/7MeXslXonR"
-
[ Others ] Stealthy social network (Twitter / Facebook) based pentest drop box for red teams https://zone13.io/post/social-media-based-pentest-dropbox/
"利用 Twitter/Facebook 作 C&C 服务: https://t.co/UE13Nn7nz0"
-
[ Popular Software ] Writeup of my UAF bug in Google Hangouts ActiveX: http://pwnanisec.blogspot.be/2017/02/use-after-free-in-google-hangouts.html
"Google Hangouts 中使用的 Google Talk ActiveX 插件 UAF 漏洞分析︰ https://t.co/cPjdoJ1vXF"
-
[ Tools ] Sysmon DFIR Sources, configuration and how to detect evil things utilizing Microsoft Sysmon https://twitter.com/M_haggis/status/827691417128493056
"Sysmon 工具教程,利用 Sysmon 发现系统安全问题: https://github.com/MHaggis/sysmon-dfir"
-
[ Tools ] Just checked in Windows Intel PT Driver for Windows v0.5 from our presentation https://github.com/intelpt/WindowsIntelPT cc: @ aall86 @ reconbrx
"WindowsIntelPT -- 此驱动在 Intel Skylake 架构下实现了 Intel 处理器跟踪功能: https://t.co/Tjl03y9aTO "
-
[ Tools ] basicRAT - A Python Remote Access Trojan https://github.com/vesche/basicRAT
"basicRAT -- 用 Python 编写的远程控制工具: https://t.co/Ki8Z75uAKX"
-
[ Tools ] CPU emulator in web browser https://alexaltea.github.io/unicorn.js/index.html
"Unicorn.js -- 基于 JavaScript 的轻量级 CPU 模拟器框架: https://t.co/7fxARbtv0Y"
-
[ Virtualization ] [blog post] Hardening Win7 x64 on VirtualBox for Malware Analysis https://byte-atlas.blogspot.com/2017/02/hardening-vbox-win7x64.html https://t.co/hH03DARSAC
"加固 VirtualBox 上的 Win7 x64 来进行恶意软件分析: https://t.co/FHWjbf1qD3 https://t.co/hH03DARSAC"
-
[ Windows ] Pretty good reference here on Windows Scripting Components. [PDF] http://soliton.ae.gatech.edu/classes/ae6382/documents/MS_scripting/WindowsScriptingComponents.pdf
"Windows 脚本组件参考手册: https://t.co/zL5ZMy6tuL"
-
Xuanwu Spider via seebug[ MalwareAnalysis ] 深度分析使用高级反调试和反hook的Android Rootnik Malware,Part I:在Native层调试: http://paper.seebug.org/204/