腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Others ] Brilliant writeup about hunting #Bloodhound inside corporate network https://community.hpe.com/t5/Security-Research/Where-s-wald0-Sniffing-out-the-Bloodhound/ba-p/6919030
"HP 这篇 Blog 介绍了一款威胁可视化工具 - Veris’s ATD: https://t.co/R5MqwsLH7T "
-
[ Others ] Detecting deserialization bugs with DNS exfiltration : http://gosecure.net/2017/03/22/detecting-deserialization-bugs-with-dns-exfiltration/
"借助 DNS 解析来检测 Java 反序列化漏洞︰ https://t.co/fDxoU1DBpK"
-
[ Tools ] Ostinato – A Network Traffic Generator and Analyzer : http://ostinato.org/ , Demo : https://youtu.be/On64lQYEFlY https://t.co/GKoycY5EVc
"Ostinato —— 一个网络流量生成与分析工具,同时也提供 Python API 以便自动化网络测试︰ https://t.co/yU1wIaTu6S,Demo︰ https://t.co/1g4aUgyf4Z https://t.co/GKoycY5EVc"
-
[ Tools ] hashview : A web front-end for password cracking and analytics : https://github.com/hashview/hashview ,More : http://www.hashview.io/
"hashview -- hashcat 密码破解的 Web 可视化和管理平台︰ https://t.co/zoay8x3wj7 更多︰ https://t.co/wgLprwVCGq"
-
[ Tools ] Security Patch Analysis for Binaries http://sist.shanghaitech.edu.cn/faculty/songfu/publications/icse17.pdf https://sites.google.com/site/binaryanalysisicse2017/home /cc @ Laughing_Mantis
"SPAIN - 这篇 Paper 介绍了一个针对二进制程序的大规模补丁分析框架: https://t.co/hnnqyBZXf4 "
-
[ Vulnerability ] NCC Group Advisory: D-LINK DIR-850L pre-auth web admin interface stack-based buffer overflow - https://www.nccgroup.trust/uk/our-research/d-link-dir-850l-web-admin-interface-vulnerable-to-stack-based-buffer-overflow/?research=Technical+advisories by @ zlowram_
"D-LINK DIR-850 L Web 管理界面存在栈溢出漏洞: https://t.co/US9IWvjq0g"