
Tencent Xuanwu Lab Security Daily News
-
[ Attack ] Kernel-mode threats and practical defenses, Part 2: https://www.endgame.com/blog/technical-blog/kernel-mode-threats-practical-defenses-part-2
-
[ Firmware ] Flaw allowing a physical attacker to bypass BootGuard firmware verification (CVE-2018-12169): https://edk2-docs.gitbooks.io/security-advisory/content/unauthenticated-firmware-chain-of-trust-bypass.html
-
[ iOS ] From crash to root: how to use abort() to escape the iOS sandbox, from the BeVxCon conference: https://github.com/bazad/presentations/blob/master/beVX-2018-Crashing-to-root.pdf
-
[ macOS ] Apple publishes the security content of the macOS Mojave 10.14 update: https://support.apple.com/en-us/HT209139
-
[ Malware ] SMS phishing attacks targeting the job market: https://blog.malwarebytes.com/cybercrime/2018/09/mobile-menace-monday-sms-phishing-attacks-target-the-job-market/
-
[ MalwareAnalysis ] Investigating malicious AMI images: https://summitroute.com/blog/2018/09/24/investigating_malicious_amis/
-
[ Others ] Getting a QEMU reverse shell from a VNC session: https://blog.benjojo.co.uk/post/qemu-monitor-socket-rce-vnc
-
[ Pentest ] Signing Windows executables on Kali: https://blog.didierstevens.com/2018/09/24/quickpost-signing-windows-executables-on-kali/
-
[ ReverseEngineering ] Software and hardware reverse engineering of the dynamic password in the Toshiba laptop BIOS: https://badcyber.com/two-guys-one-laptop/
-
[ Side Channel ] Remote side-channel power analysis attacks at the PCB board level: https://eprint.iacr.org/2018/881.pdf
-
[ Tools ] A digital signature tool for Open Document Format (ODF): https://github.com/vmiklos/odfsig
-
[ Tools ] The webhint extension for Visual Studio Code, which provides a variety of hints during development: https://medium.com/webhint/getting-hints-from-visual-studio-code-69118e48de1b
-
[ Tools ] halfempty - a fast, parallel test case minimization tool: https://github.com/googleprojectzero/halfempty
-
[ Tools ] From Kekeo to Rubeus, with a detailed introduction to the Rubeus tool: https://posts.specterops.io/from-kekeo-to-rubeus-86d2ec501c14 GitHub: https://github.com/GhostPack/Rubeus
-
[ Tools ] DarthSidious - a penetration testing lab for domain environments: https://github.com/chryzsh/DarthSidious/
-
[ Tools ] Malwoverview.py - a simple tool for quickly triaging malware samples: https://github.com/alexandreborges/malwoverview
-
[ Tools ] Debugging shared libraries with Binary Ninja: http://hwreblog.com/projects/so_debugging_binary_ninja.html
-
[ Vulnerability ] PoC for the DoS vulnerability in GEARAspiWDM.sys (CVE-2018-16712): https://github.com/DownWithUp/CVE-2018-16712/
-
[ Windows ] Analysis of the out-of-bounds write vulnerability in the Windows Jet Database Engine: https://blog.0patch.com/2018/09/outrunning-attackers-on-jet-database.html
-
[ Attack ] Running Responder attacks through a layer 2 tunnel: https://ijustwannared.team/2017/05/27/responder-and-layer-2-pivots/
-
[ Browser ] Demonstration of a successful, stable compromise of Chrome 69 at the Hack2Win contest: https://twitter.com/NedWilliamson/status/1043150732742946816
-
[ MalwareAnalysis ] Analysis of the British Airways JavaScript file into which code logging users' private information was inserted: https://medium.com/asecuritysite-when-bob-met-alice/the-british-airways-hack-javascript-weakness-pin-pointed-through-time-lining-dd0c2dbc7b50
-
[ Tools ] Hex-Rays announces the winners of the 2018 IDA plugin contest: https://hex-rays.com/contests/2018/index.shtml
-
[ Tools ] Getting the Windows Defender status of all domain-joined computers with PowerShell: https://sid-500.com/2018/08/27/powershell-getting-windows-defender-status-from-all-domain-joined-computers-get-antimalwarestatus/
-