cnbird's blog

security ebooks

http://it-ebooks.info/

2014-11-27 20:39:54

Views 678

Comments 0

Advanced Log Parser Charts Part 1 - Working With Configuration Scripts

I recently had a situation where I wanted to customize the chart output from Log Parser, and after a bunch of research I eventually arrived at the co...

2014-11-23 18:58:16

Views 747

Comments 0

PHP Execute Command Bypass Disable_functions

http://zone.wooyun.org/content/16631

2014-11-18 16:42:01

Views 1446

Comments 0

Using Process Monitor to identify possible code injection

In the past, especially learnt from SANS FOR610, I use many tools in performing behavioural analysis of malware. It is good to have all kinds of ...

2014-11-18 12:36:07

Views 781

Comments 0

TWC: Malware Hunting with Mark Russinovich and the Sysinternals Tools

http://channel9.msdn.com/Events/TechEd/NorthAmerica/2014/DCIM-B368#fbid=

2014-11-12 09:34:37

Views 752

Comments 0

Registry Forensics

I. Registry viewing and export tools 1. a

2014-11-11 22:15:50

Views 1253

Comments 0

ProcDOT, a new way of visual malware analysis.

http://www.procdot.com/index.htm

2014-11-11 09:17:46

Views 781

Comments 0

Scaling the NetScaler

A few months ago I noticed that Citrix provides virtual appliances to test their applications, I decided to pull down an appliance and take a peek. F...

2014-11-10 20:17:59

Views 810

Comments 0

ISAKMP hacking – How much should we trust our tools?

During a VPN testing project we looked a bit deeper into the security vulnerability caused by ISAKMP aggressive mode. To put things simple, the imp...

2014-11-10 14:26:59

Views 795

Comments 0

WebLogic undocumented hacking

During an external pentest – what a surprise – I found a WebLogic server with no interesting contents. I searched papers and tutorials about WebLogic...

2014-11-10 14:25:39

Views 805

Comments 0

How to get root access on FireEye OS

1. Background A couple of months ago we had the opportunity to take a closer look at a FireEye AX 5400 malware analysis appliance. The systems of...

2014-11-10 14:20:06

Views 1080

Comments 0

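Escaping restricted user command interaction on network devices

In real penetration-testing scenarios, there are many network devices where, after obtaining root privileges and logging in over ssh, we find that command execution is restricted. This is because the ssh interface provides a special restricted command shell, somewhat like busybox, which allows the root user to configure the device but does not allow interactive command execution, so what we have obtained is effectively a near-useless root user. To get past this restriction...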

2014-11-10 14:18:19

Views 785

Comments 0

JS: detecting whether QQ, MSN, etc. are installed

http://lcx.cc/?i=3065 New Document checkInstalled = functio...

2014-11-10 14:17:23

Views 2204

Comments 1

Breakout detection in the wild

https://blog.twitter.com/2014/breakout-detection-in-the-wild

2014-11-07 17:31:14

Views 727

Comments 0

smarty3: CVE-2014-8350: secure mode bypass

Package: smarty3 Version: All below 3.1.21 Severity: important Smarty secure mode should allow untrusted users to write templates, without allowing ...

2014-11-07 17:20:45

Views 936

Comments 0

firmware analysis

binwalk

2014-11-06 12:48:10

Views 729

Comments 0

Win7 and Win8 ebooks

http://blogs.msdn.com/b/mssmallbiz/archive/2014/07/07/largest-collection-of-free-microsoft-ebooks-ever-including-windows-8-1-windows-8-windows-7-offi...

2014-11-05 15:32:57

Views 640

Comments 0

Hack turns the Cisco phone on your desk into a remote bugging device

http://arstechnica.com/security/2013/01/hack-turns-the-cisco-phone-on-your-desk-into-a-remote-bugging-device/

2014-11-04 17:57:55

Views 701

Comments 0

My Threat Intelligence and Threat Assessment Research Papers Publish

http://blogs.gartner.com/anton-chuvakin/2014/05/15/my-threat-intelligence-and-threat-assessment-research-papers-publish/ by Anton Chuvakin  |  M...

2014-11-03 00:04:02

Views 1092

Comments 0

Speaking at Gartner Catalyst Conference 2014

http://blogs.gartner.com/anton-chuvakin/2014/06/12/speaking-at-gartner-catalyst-conference-2014/

2014-11-02 23:33:43

Views 747

Comments 0
