Tencent Xuanwu Lab Security Daily News
-
[ Challenges ] Web-CTF-Cheatsheet - a cheat sheet for the web category of CTFs: https://github.com/w181496/Web-CTF-Cheatsheet
-
[ Detect ] Sigma rule for detecting PowerShell launched with a Base64-encoded command: https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_susp_powershell_hidden_b64_cmd.yml
-
[ Linux ] Abuse of the Linux sudo command: http://touhidshaikh.com/blog/?p=790
-
[ Others ] Quantifying threat hunting: https://www.sans.org/summit-archives/file/summit-archive-1536351477.pdf
-
[ Pentest ] 12 OSINT information-gathering techniques: https://blog.appsecco.com/open-source-intelligence-gathering-201-covering-12-additional-techniques-b76417b5a544
-
[ Windows ] Introduction to automated Windows privilege escalation scripts: http://www.hackingarticles.in/window-privilege-escalation-via-automated-script/
-
[ MalwareAnalysis ] Analysis of the latest antivirus-evasion technique that exploits special processing logic in the Office Equation Editor (CVE-2017-11882): https://ti.360.net/blog/articles/cve-2017-11882-exploit-kit-sample/