腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Android ] [local] - Android - get_user/put_user Exploit (Metasploit) https://www.exploit-db.com/exploits/40975/
"Android get_user/put_user 内核提权 MSF Exp (CVE-2013-6282): https://t.co/DWccZY6HjB"
-
[ Hardware ] Dissecting HDMI (33c3) http://cdn.media.ccc.de/congress/2016/h264-hd/33c3-8057-fra-Dissecting_HDMI.mp4
"剖析 HDMI ,来自 33c3 2016 大会议题,Video: https://t.co/JMbxxvhUCo"
-
[ Hardware ] Samy Kamkar's Crash Course in How to Be a Hardware Hacker https://www.youtube.com/watch?v=tlwXmNnXeSY
"如何成为硬件 hacker(Video): https://t.co/yPdHD25kjw "
-
[ MachineLearning ] Machine Learning Crash Course (Part 1) : https://ml.berkeley.edu/blog/2016/11/06/tutorial-1/
"机器学习速成课 (Part 1): https://t.co/YA3v1r4A30"
-
[ MachineLearning ] Collection of Deep Learning Security Research Papers http://www.covert.io/deep-learning-security-papers/
"深度学习安全研究论文集: https://t.co/MS5aHULmBY "
-
[ Others ] Want to download all the info that Shodan has available for a list of IPs? Here's a Python script to do it: https://gist.github.com/achillean/f4bce0971b132f35d104a728d8d797f1
"基于 Python 编写的 Shodan IP 信息采集脚本︰ https://t.co/sBHySC02lt"
-
[ Popular Software ] [webapps] - Zend Framework / zend-mail < 2.4.11 - Remote Code Execution https://www.exploit-db.com/exploits/40979/
"PHP 开源框架 Zend Framework / zend-mail < 2.4.11 远程代码执行漏洞(CVE-2016-10034 ) : https://t.co/ISPC8exUtj"
-
[ Popular Software ] SwiftMailer <= 5.4.5-DEV Remote Code Execution (CVE-2016-10074) https://goo.gl/fb/TzpCG2 #FullDisclosure
"SwiftMailer <= 5.4.5-DEV 远程代码执行漏洞 (CVE-2016-10074): https://t.co/O3QE88WmGV "
-
[ SecurityProduct ] Technical report on DNC hack : https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY%20STEPPE-2016-1229.pdf (pdf)
"GRIZZLY STEPPE -- 关于俄罗斯针对美国的恶意网络活动的分析报告,来自美国国土安全部和联邦调查局联合发布(PDF)︰ https://t.co/UIBbKnQiGz "
-
[ Tools ] BrowserFS : In-browser filesystem that emulates Node JS fs API & supports storing/retrieving files from var backend: https://github.com/jvilk/BrowserFS
"BrowserFS -- 一个浏览器内文件系统,可以模拟 Node JS 文件系统 API,并支持从多种后端存储和检索文件︰ https://t.co/DN1FgkBNx9"
-
[ Tools ] List of hacking tools by @ jekil : https://awesomehacking.org/ #33c3
"hacking 工具集(Docker、Forensics、Intelligence、Malware、Penetration Testing、Social Engineering......): https://t.co/wi2PX28cRJ "
-
[ Tools ] 2007-2017 - Hibr2Bin - Windows hibernation file decompressor - is open-source again https://github.com/comaeio/Hibr2Bin ! Happy New Year !
"Windows 休眠文件解压工具: https://t.co/ZwdTFfbfo7 "
-
[ Tools ] IFuzzer : An evolutionary Interpreter fuzzer : https://github.com/vspandan/IFuzzer
"fuzz 工具:IFuzzer: https://t.co/JO2fo8H79o"
-
[ Windows ] Digging Into a Windows Kernel Privilege Escalation Vulnerability: CVE-2016-7255: https://securingtomorrow.mcafee.com/mcafee-labs/digging-windows-kernel-privilege-escalation-vulnerability-cve-2016-7255/
"McAfee 对 Windows 内核提权漏洞 CVE-2016-7255 的分析: https://t.co/B6rP7DcVzC"