腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

[ Language ] 使用 Tree Shaking 技术减小 JavaScript 体积： https://developers.google.com/web/fundamentals/performance/optimizing-javascript/tree-shaking/
[ Linux ] The 101 of ELF files on Linux，详细的 ELF 文件格式学习入门教程： https://linux-audit.com/elf-binaries-on-linux-understanding-and-analysis/
[ MalwareAnalysis ] 针对 Uroburos 恶意软件的分析报告： https://exatrack.com/public/Uroburos_EN.pdf
[ ReverseEngineering ] 初学者的逆向工程学习网站： https://begin.re
[ Symbolic Execution ] 使用 Z3 求解器自动确定在汇编器中使用长跳转抑或短跳转： https://github.com/DennisYurichev/random_notes/blob/master/Z3/assembler_and_JMPs.py
[ Tools ] octopus - 区块链智能合约安全分析工具： https://github.com/quoscient/octopus
[ Tools ] python-registry - 读取 Windows 注册表信息的 Python 库： https://github.com/williballenthin/python-registry
[ Tools ] rogue - 无线网络攻击工具包： https://github.com/InfamousSYN/rogue
[ Windows ] 使用超长文件名让 Windows API 崩溃： http://www.hexacorn.com/blog/2018/07/01/win16-and-win32-api-bad-old-habits-call-back/

[ Linux ] 四两拨千斤：Ubuntu kernel eBPF 0day分析: http://www.freebuf.com/vuls/176094.html
[ MalwareAnalysis ] 抽丝剥茧：Agent Telsa最新变种脱壳分析: http://www.freebuf.com/articles/system/175716.html
[ ReverseEngineering ] 反调试及绕过: http://jmpews.github.io/2017/08/09/darwin/%E5%8F%8D%E8%B0%83%E8%AF%95%E5%8F%8A%E7%BB%95%E8%BF%87/
[ Tools ] burp-ntlm-challenge-decoder - 解析 NTLM SSP 头的 BurpSuite 插件: https://github.com/GoSecure/burp-ntlm-challenge-decoder
[ Tools ] h-encore - PS Vita 越狱程序，支持 3.65, 3.67 以及 3.68 固件版本： https://github.com/TheOfficialFloW/h-encore
[ Windows ] Windows 命令行系列 Part 2 之 Windows 命令行的演变: https://blogs.msdn.microsoft.com/commandline/2018/06/27/windows-command-line-the-evolution-of-the-windows-command-line/