腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Attack ] If you manage Internet facing Windows boxes, here are 7 pages of post-compromise actions by RDP brute forcers: https://twitter.com/JohnLaTwC/status/778011783466319872 #DFIR
"John Lambert 在 Azure 云上抓到的一段攻击代码︰ https://onedrive.live.com/view.aspx?resid=F32A9F4F1477E49!109&ithint=file%2cdocx&app=Word&authkey=!ANzQTrmsTXSK9FM "
-
[ Conference ] CB16 slides are released! Cb16資料公開! https://twitter.com/codeblue_jp/status/813302478322200576
"CODE BLUE 2016 大会 ppt 放出: https://t.co/puSgzqjJTB"
-
[ iOS ] Pegasus Exploits report updated - https://info.lookout.com/rs/051-ESQ-475/images/pegasus-exploits-technical-details.pdf
"Lookout 更新了 iOS Pegasus 的漏洞利用分析报告: https://t.co/ahg3sMZgNt"
-
[ iOS ] iOS kernel heap review https://razygon.github.io/2016/09/23/iOS-kernel-heap-review-5-10/
"重温 iOS 内核堆: https://t.co/o0CoyexvfL"
-
[ Linux ] Alpine Linux 3.5.0 released https://alpinelinux.org/posts/Alpine-3.5.0-released.html (http://bit.ly/2ixgbTa)
"Alpine Linux 3.5.0 发布: https://t.co/691vk1d3He "
-
[ Malware ] Creating an ELF Virus using Assembly : https://cranklin.wordpress.com/2016/12/26/how-to-create-a-virus-using-the-assembly-language/ , Demo : https://www.youtube.com/watch?v=x5IHfDHhXOs
"使用汇编语言来创建一个 ELF 病毒︰ https://t.co/DkVIaLM1jc,Demo︰ https://t.co/48Ijfmfwb1"
-
[ Pentest ] Pentesting Windows environments : Remote delivery of PowerShell payloads : https://akondrat.blogspot.in/2016/12/pentesting-windows-environments-remote.html https://t.co/lVBiqpm3Mi
"利用 PowerShell 对 Windows 环境进行远程渗透测试︰ https://t.co/tGFjxcl0D7 "
-
[ Pentest ] Controlling PC on ARM using Fault Injection @ #fdtc2016 https://goo.gl/zrxALi
"利用错误注入(Fault Injection)控制 PC(Paper): https://t.co/Xmk0z8qPnR "
-
[ ReverseEngineering ] ARM Reverse Engineering Exercises : https://github.com/rotlogix/arm_reverse_engineering_exercises/blob/master/README.md cc @ rotlogix
"ARM 逆向工程训练实例︰ https://t.co/Cb3wgXQZng "
-
[ Tools ] ksm : A really simple and lightweight x64 hypervisor written in C : https://github.com/asamy/ksm ,Details : https://asamy.github.io/ksm/
"ksm -- 一个轻量级的 x64 虚拟机管理程序︰ https://t.co/8UWEdTrnjt, 详细介绍︰ https://t.co/aXzVE890z7"
-
[ Tools ] FRAPL - framework created to simplify dynamic instrumentation with Frida. Based on IDAPython, Frida https://github.com/FriedAppleTeam/FRAPL
"FRAPL -- 一个为 IDA 和 Frida 搭起'友谊'之桥梁的逆向工具: https://t.co/DI9V9ZDXjo"
-
[ Vulnerability ] [CVE-2016-10033] PHPMailer - critical #0day #RCE (discovered by @ dawid_golunski). Patch & spread… https://t.co/9gH0srpLDL
"PHPMailer 被发现存在远程代码执行漏洞(CVE-2016-10033): https://t.co/9gH0srpLDL"
-
[ Windows ] Windows Shellcode: A PIC using 2048-bit key exchange, AES-256, SHA-3 https://modexp.wordpress.com/2016/12/26/windows-pic/ #infosec #security #crypto #shellcode
"用 C 语言来写 Shellcode: https://t.co/lRJGaY16ox "
-
[ WirelessSecurity ] SDR calibration via GSM FCCH using Kalibrate and LTE-Cell-Scanner on RTL-SDR and HackRF #SDR #HackRF #BladeRF https://medium.com/@ rxseger/sdr-calibration-via-gsm-fcch-using-kalibrate-and-lte-cell-scanner-on-rtl-sdr-and-hackrf-193a7fb8a3eb#.ycc5td48q
"SDR calibration via GSM FCCH using Kalibrate and LTE-Cell-Scanner on RTL-SDR and HackRF: https://t.co/Vtn9NIw895 "
-
[ WirelessSecurity ] Recording processing and playback of LTE signals using USRP devices. [PDF] #SDR #USRP http://web.eng.fiu.edu/~iguvenc/projects/LTE_Signal_Record_and_Playback%20(Nadisanka).pdf https://t.co/ZqqXhM4JdA
" 使用 USRP 设备来对 LTE 信号进行记录、处理和回放(PDF): https://t.co/rJxbQc6r0i"
