腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Linux ] Kernel memory randomization and trampoline page tables https://medium.com/@ mxatone/kernel-memory-randomization-and-trampoline-page-tables-9f73827270ab#.k2js6wito
" Linux 内核地址随机化特性早期启动过程一个关于页表的 Bug: https://t.co/whFYzwwydk"
-
[ Others ] I missed Witchcraft Compiler Collection @ Defcon. Glad I found it now. Tool & slides https://github.com/endrazine/wcc/blob/master/doc/presentations/Jonathan_Brossard_Witchract_Compiler_Collection_Defcon24_2016.pdf https://github.com/endrazine/wcc
" DefCon 会议关于 Witchcraft 编译器套件的演讲 PPT: https://t.co/JaqNSCg8dF "
-
[ ReverseEngineering ] Ha! Of course there is already a decoder plugin and it’s more complete than mine! … FML https://github.com/tandasat/WinIoCtlDecoder/blob/master/plugins/WinIoCtlDecoder.py Kudos to @ standa_t
" IDA Pro ioctl code 解码器插件: https://t.co/DT6un2QrP6 "
-
[ Virtualization ] 1.2.4 also added simple/dumb hypervisor agnostic hypercall fuzzer & initial release of Xen specific hypercall tool: https://github.com/chipsec/chipsec/tree/master/source/tool/chipsec/modules/tools/vmm
" CHIPSEC 框架中的一个子工具 vmm - HyperCall Fuzzer︰ https://t.co/7DHjWHxUeK"
-
[ Web Security ] State-Of-The-Art OAuth2 Homakov Edition - http://www.oauthsecurity.com/
" OAuth2 安全手册,一个专门关注 OAuth 安全的网站: https://t.co/RB4wTDqvV3"
-
[ Windows ] #PowerShell Attack Tools, Mitigation, & Detection including PowerShell attack indicators https://adsecurity.org/?p=2921 https://t.co/tmPOTgV2Wo
" PowerShell 攻击、缓解及攻击检测: https://t.co/G6PN8mRcEN "
