腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Crypto ] SEVered: Subverting AMD’s Virtual Machine Encryption(Paper): https://arxiv.org/pdf/1805.09604.pdf
-
[ Exploit ] SAP Internet Transaction Server 6200.x - 会话固定以及 XSS 漏洞 EXP: https://www.exploit-db.com/exploits/44755/
-
[ Mobile ] Beyond Root ,来自 腾讯科恩实验室: https://www.qualcomm.com/sites/ember/files/uploads/qpsi_summit_2018_keenlab_pub.pdf
-
[ Pentest ] 反序列化漏洞原理剖析与案例学习: https://www.exploit-db.com/docs/english/44756-deserialization-vulnerability.pdf
-
[ Pentest ] 在 Azure 云下搭建 SQL Server 作为 C2 服务以绕过防火墙限制: https://blog.netspi.com/databases-and-clouds-sql-server-as-a-c2/
-
[ Tools ] pypykatz - 纯 Python 实现的 Mimikatz: https://github.com/skelsec/pypykatz
-
-
[ Tools ] mimikatz 推出解密 SSH RSA keys 的功能: https://twitter.com/i/web/status/1000162256456441857
-
[ Tools ] HttpClientEcho - HTTP 自动化测试工具: https://www.nuget.org/packages/HttpClientEcho
