腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Attack ] 如何利用 Nero 工具进行持久化攻击: http://www.hexacorn.com/blog/2018/12/26/beyond-good-ol-run-key-part-97/
-
[ Attack ] 如何通过 Windows Alternate Data Streams (ADS) 将数据隐藏在文件和目录中: https://winitor.com/pdf/NtfsAlternateDataStreams.pdf
-
[ Conference ] ZeroNights 2018 大会议题材料放出: https://2018.zeronights.ru/en/materials/
-
[ Crypto ] 证书和 Public Key Infrastructure(PKI) 介绍: https://smallstep.com/blog/everything-pki.html
-
[ Linux ] Linux 发布 arm64 更新,添加多种保护机制: https://twitter.com/i/web/status/1077940843879849986
-
[ Mitigation ] 针对 Control-Flow Integrity(CFI)以及其评估过程 : https://nebelwelt.net/blog/20181226-CFIeval.html
-
[ Pentest ] 针对 Word 禁止创建子进程的保护机制 bypass: https://twitter.com/StanHacked/status/1075088449768693762
-
[ Tools ] Dwarf - 一款用于对 Android 进行逆向分析和破解的调试器 : https://github.com/iGio90/Dwarf
-
[ Tools ] 远程获取 BitLocker 加密类型的脚本,可用于帮助检测(CVE-2018-12038)漏洞: https://github.com/thom-s/remote-bitlocker-encryption-report
-
[ Tools ] ORADAD - 一款针对 Active Directory 的自动化数据恢复工具: https://github.com/ANSSI-FR/ORADAD
-
[ Android ] Android Apps 包含私钥时的安全问题介绍: https://resources.sei.cmu.edu/asset_files/Presentation/2018_017_101_517769.pdf
-
[ Exploit ] 任天堂 3DS 系统上的浏览器 Exploit : https://mrnbayoh.github.io/blog/exploiting-the-3ds-browsers-p1/
-
[ Windows ] Windows MsiAdvertiseProduct 的可以致本地提权的竞争条件漏洞介绍 : https://www.i-secure.co.th/2018/12/detecting-use-sandboxescapers-msiadvertiseproduct-0-day-poc/
-