腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ IoTDevice ] 物联网设备的固件模拟环境搭建: https://blog.attify.com/getting-started-with-firmware-emulation/
-
[ Malware ] HNS 物联网僵尸网络开始对跨平台数据库发起攻击: https://securityaffairs.co/wordpress/74256/malware/hns-botnet-improvement.html
-
[ Tools ] dangerous-methods - 用于检测 Javascript 中潜在危险方法的 Burpsuite 扩展: https://gitlab.com/technotame/dangerous-methods
-
-
[ Others ] 使用 Sysmon 和 ATT&CK 分类和完善 ELK 中的安全事件: https://cyberwardog.blogspot.com/2018/07/categorizing-and-enriching-security.html
-
-
[ Tools ] bucket-disclose.sh - S3 Bucket 安全检测脚本: https://gist.github.com/fransr/a155e5bd7ab11c93923ec8ce788e3368
-
[ Tools ] 从 Sysmon 事件日志中解析 LogonGUID 与 ProcessGUID 的 PS 脚本: https://gist.github.com/mattifestation/0102042160c9a60b2b847378c0ef70b4
-
[ Vulnerability ] Intel 处理器诊断工具的可执行安装程序本地提权漏洞披露(CVE-2018-3667, CVE-2018-3668 ) : http://seclists.org/fulldisclosure/2018/Jul/27