Tencent Xuanwu Lab Security Daily News
-
[ Android ] Android JSON deserialization memory corruption vulnerability analysis, Part 1: https://versprite.com/blog/json-deserialization-memory-corruption-vulnerabilities/
-
[ Attack ] Compromising the Proxy Call Session Control Function (P-CSCF) using VoLTE: https://securityaffairs.co/wordpress/75878/hacking/compromising-proxy-call-session-control-function-p-cscf-using-volte.html
-
[ Browser ] Microsoft Edge Chakra OP_NewScObjArray type confusion remote code execution vulnerability: analysis and exploitation: http://blogs.360.cn/post/Microsoft%20Edge%20Chakra%20OP_NewScObjArray%20Type%20Confusion%20%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90%E4%B8%8E%E5%88%A9%E7%94%A8.html
-
[ Tools ] JScriptToDotnet.js - a tool for extracting the payload from scripts generated by DotNetToJScript: https://gist.github.com/caseysmithrc/b752447067b6f099f08baefe00978fad
-
[ Tools ] Ps1jacker - a tool for generating COM hijacking payloads: https://github.com/darkw1z/Ps1jacker
-
[ Tools ] ansible-os-hardening - an Ansible role that provides numerous security-related configurations, offering comprehensive baseline protection: https://github.com/dev-sec/ansible-os-hardening
-
[ Tools ] UACMe 3.0.0 released; this version refactors the program and adds more methods based on AutoElevated COM interfaces: https://github.com/hfiref0x/UACME/
-
[ Virtualization ] Virtualization internals, Part 3 - Xen and paravirtualization: https://saferwall.com/blog/virtualization-internals-part-3-xen-and-paravirtualization
-
[ Windows ] Abusing the COM registry structure (Part 2): hijacking and loading techniques: https://bohops.com/2018/08/18/abusing-the-com-registry-structure-part-2-loading-techniques-for-evasion-and-persistence/
-
[ Browser ] Understanding the V8 engine in depth: exploring the value range of Smis: https://medium.com/fhinkel/v8-internals-how-small-is-a-small-integer-e0badc18b6da
-
[ Browser ] GOOGLE WANTS TO KILL THE URL: https://www.wired.com/story/google-wants-to-kill-the-url/
-
[ Cloud ] Latest cloud security research: IAM user enumeration using AWS account IDs: https://github.com/RhinoSecurityLabs/Security-Research/tree/master/tools/aws-pentest-tools/iam_user_enum
-
[ Fuzzing ] Fuzzing Counter-Strike: fuzzing Global Offensive map files with AFL. A challenge from RealWorldCTF 2018; describes how the author found and exploited bugs in the map file loader used by CS:GO servers: https://phoenhex.re/2018-08-26/csgo-fuzzing-bsp
-
[ MalwareAnalysis ] Using scdbg to analyze shellcode: https://isc.sans.edu/forums/diary/Another+quickie+Using+scdbg+to+analyze+shellcode/24058/
-
[ MalwareAnalysis ] OilRig targets a Middle Eastern government and adds evasion techniques to its OopsIE trojan: https://researchcenter.paloaltonetworks.com/2018/09/unit42-oilrig-targets-middle-eastern-government-adds-evasion-techniques-oopsie/
-
[ MalwareAnalysis ] Investigation and analysis of a WordPress database upgrade phishing campaign: https://blog.sucuri.net/2018/09/wordpress-database-upgrade-phishing-campaign.html
-
[ Pentest ] Penetration testing vs. red teaming: PCI compliance: https://medium.com/@malcomvetter/penetration-testing-vs-red-teaming-pci-edition-504e9b8125f9
-
[ Popular Software ] POC for a Word document with an embedded SVG document ActiveX control: https://twitter.com/harr0ey/status/1036087830752239618
-
[ Programming ] Techniques for improving regular expression performance: https://www.loggly.com/blog/five-invaluable-techniques-to-improve-regex-performance/
-
[ Tools ] OSCPRepo - study materials the author collected for the OSCP certification, including commands, scripts, resources, etc.: https://github.com/rewardone/OSCPRepo
-
[ Tools ] python-dotnet-binaryformat - a parser for data serialized with the .NET BinaryFormatter: https://github.com/williballenthin/python-dotnet-binaryformat
-