点击阅读原文可点击链接
目前可支持win7,恢复WannaCry导致的加密文件,wanakiwi
内存中暴力搜索 WannaCry 勒索软件 RSA 密钥
https://github.com/gentilkiwi/wanakiwi
eternalrocks蠕虫(上周提到过的用了7种nsa的蠕虫)
样本:
https://github.com/stamparm/EternalRocks/find/master?q=
分析
https://www.bleepingcomputer.com/news/security/new-smb-worm-uses-seven-nsa-hacking-tools-wannacry-used-just-two/
https://github.com/stamparm/EternalRocks/
wanacry蠕虫的磁盘恢复工具开源版本
https://github.com/ElevenPaths/Telefonica-WannaCry-FileRestorer-Desktop
用Verizon 的短信内容做xss,DOM XSS 漏洞详情
https://randywestergren.com/xss-sms-hacking-text-messages-verizon-messages/
利用 Windows 系统提供的 RegisterApplicationRestart 应用重启功能,Bypass 沙盒检测环境
http://www.hexacorn.com/blog/2017/05/20/using-registerapplicationrestart-as-a-lame-sandbox-evasion/
Stegano Exploit Kit—一款图片漏洞利用工具包现在使用dh算法来进行CC通信
http://securityaffairs.co/wordpress/59284/malware/stegano-exploit-kit-diffie-hellman.html
通过操作注册表实现 Applocker Bypass
https://www.contextis.com//resources/blog/applocker-bypass-registry-key-manipulation/
漏洞:
CVE-2017-2516:macOS: raw frame pointers in stackshot,泄露内核原始栈指针
https://bugs.chromium.org/p/project-zero/issues/detail?id=1164
CVE-2017-4915: Linux 版本 VMware Workstation 的 Host 进程加载 ALSA 配置文件时存在一个 Root 用户虚拟机逃逸漏洞
https://bugs.chromium.org/p/project-zero/issues/detail?id=1142
安全技术与资源
OWASP 移动安全测试指南
https://github.com/OWASP/owasp-mstg
Android Testing Guide
Platform Overview
Android Security Testing Basics
Testing Data Storage
Testing Cryptography
Testing Authentication and Session Management
Testing Network Communication
Testing Platform Interaction
Testing Code Quality and Build Settings
Tampering and Reverse Engineering on Android
Testing Anti-Reversing Defenses
iOS Testing Guide
Platform Overview
iOS Security Testing Basics
Testing Data Storage
Testing Cryptography
Testing Authentication and Session Management
Testing Network Communication
Testing Platform Interaction
Testing Code Quality and Build Settings
Tampering and Reverse Engineering on iOS
Testing Anti-Reversing Defenses
恶意软件持久化驻留的技巧分析
https://drive.google.com/file/d/0Bzb5kQFOXkiSVEVMTy12dlhJcW8/view
2017补天沙龙成都站
PPT:l3m0n-渗透测试中的那点小事.pptx
muhe-pwn新司机如何快速上路.pptx
https://github.com/SycloverSecurity/papers/tree/master/2017%E8%A1%A5%E5%A4%A9%E6%B2%99%E9%BE%99%E6%88%90%E9%83%BD%E7%AB%99
Netcat 入门指南 nc
http://www.hackingarticles.in/netcat-tutorials-beginner/
pyfiscan:一会本地web应用扫描器
http://pentestit.com/pyfiscan-local-web-application-vulnerability-scanner/
Chrome CDM框架重大缺陷,DRM视频轻易复制。通过一些手段就可以轻松绕过DRM保护机制,从而把视频重新封装为未压缩的MP4等格式文件
http://www.52pojie.cn/thread-609243-1-1.html
利用 NSA 的量子插入(Quantum Insert)攻击实现绕过 IP 的限制
https://diablohorn.com/2017/05/21/quantum-insert-bypassing-ip-restrictions/
marcograss 在 BlackHat Asia 2017 会议的演讲视频 《Remotely Compromising iOS via Wi-Fi and Escaping the Sandbox》
https://www.youtube.com/watch?v=bP5VP7vLLKo
分析spora恶意软件(3月份)
推荐一下这个网站https://blog.malwarebytes.com/
https://blog.malwarebytes.com/threat-analysis/2017/03/spora-ransomware/
2119
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
