腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ iOS ] 作者尝试在 QEMU 中运行 iOS kernel: https://twitter.com/zhuowei/status/1018482104345157632
-
[ IoTDevice ] 针对 Raspberry Pi 的内核研究: http://blog.k3170makan.com/2018/07/reversing-bare-bones-raspberry-pi.html
-
[ Others ] 将 DLL 动态链接库文件转换为独立可执行文件的技巧: https://hshrzd.wordpress.com/2016/07/21/how-to-turn-a-dll-into-a-standalone-exe/
-
[ Popular Software ] phpMyAdmin 4.8.x RCE 漏洞 MSF 利用模块(CVE-2018-12613): https://www.exploit-db.com/exploits/45020/
-
[ ReverseEngineering ] 逆向 WipEout 游戏: http://phoboslab.org/log/2015/04/reverse-engineering-wipeout-psx
-
[ Tools ] ia32-doc - 将 IA32 的手册中的定义,转换为机器可读的版本(yaml): https://github.com/wbenny/ia32-doc
-
[ Tools ] htrace.sh - 调试 http/https 请求的 shell 脚本: https://github.com/trimstray/htrace.sh
-
[ Tools ] ibombshell - 基于 Powershell 实现的后渗透测试工具: https://github.com/ElevenPaths/ibombshell
-
-
[ Language ] Go代码审计 - gitea 远程命令执行漏洞链: https://www.leavesongs.com/PENETRATION/gitea-remote-command-execution.html
-
[ Linux ] linux-kernel-exploitation - Linux 内核漏洞利用方向的资源收集: https://github.com/xairy/linux-kernel-exploitation
-
-
-
-
-
-
[ Windows ] Windows 10 安全加固建议: https://www.scriptjunkie.us/2018/07/windows-10-decontamination-scripts/
-
[ Windows ] 如何用 c 写一段跟地址无关的 shellcode: https://modexp.wordpress.com/2018/07/12/process-injection-writing-payload/