Tencent Xuanwu Lab Security Daily News
-
[ Fuzzing ] Automating fuzzing of web application input points with BurpSuite macros: http://blog.securelayer7.net/automating-web-apps-input-fuzzing-via-burp-macros/
-
[ Malware ] Fortinet discovered a malicious PowerPoint file that exploits CVE-2017-0199 and adds a UAC bypass capability: http://blog.fortinet.com/2017/09/01/powerpoint-file-armed-with-cve-2017-0199-and-uac-bypass
-
[ ReverseEngineering ] "Windows for Reverse Engineers": this paper summarizes many Windows mechanisms and features relevant to reverse engineering: http://www.cse.tkk.fi/fi/opinnot/T-110.6220/2014_Reverse_Engineering_Malware_AND_Mobile_Platform_Security_AND_Software_Security/luennot-files/T1106220.pdf
-
[ Sandbox ] Escaping a Python sandbox by exploiting an integer overflow vulnerability in Numpy v1.11.0: https://hackernoon.com/python-sandbox-escape-via-a-memory-corruption-bug-19dde4d5fea5
-
[ Windows ] Monitoring Windows console activity, Part 2: https://www.fireeye.com/blog/threat-research/2017/08/monitoring-windows-console-activity-part-two.html
-
[ Firmware ] The ADI (Application Data Integrity) feature of the Oracle M7 SPARC processor can be used to harden memory allocators: https://lazytyped.blogspot.com/2016/12/hardening-allocators-with-adi.html
-
[ Fuzzing ] How to choose seed files for fuzzing with AFL: https://medium.com/fuzzstation/fuzz-testing-choosing-a-seed-file-for-afl-fee4a09753c2
-
[ IoTDevice ] Exploiting IoT enabled BLE smart bulb security: http://blog.attify.com/2017/01/17/exploiting-iot-enabled-ble-smart-bulb-security/
-
[ Windows ] Use COM Object hijacking to maintain persistence: Hijack explorer.exe: https://3gstudent.github.io/3gstudent.github.io/Use-COM-Object-hijacking-to-maintain-persistence-Hijack-explorer.exe/
-
[ Windows ] Using InstallUtil.exe to bypass application whitelisting's protection against executing banned files: http://subt0x10.blogspot.com/2017/09/banned-file-execution-via.html
-
[ Windows ] The Windows 10 major update, Fall Creators Update (RS3), will be officially released on October 17: https://blogs.windows.com/windowsexperience/2017/09/01/create-and-play-this-holiday-with-the-windows-10-fall-creators-update-coming-oct-17/#JIgsXujRUmCRc93t.97