cnbird's blog

Investigating A Malicious Attachment Without Reversing

http://blog.malwaremustdie.org/2015/04/mmd-0031-2015-what-is-netwire-rat.html https://labs.opendns.com/2015/03/04/investigating-a-malicious-attachme...

2015-05-30 16:14:10

Reads: 1775

Comments: 0

Real world examples of malware using DNS for exfiltration and C&C channels

https://www.youtube.com/watch?v=UVYnVELzJk4 Tools used: dns2tcp dnscat iodine NSTX Ozymandns loopcVPN PsUDP TUNS

2015-05-30 12:45:46

Reads: 1949

Comments: 0

Using Machine Learning to Name Malware

http://lqdc.github.io/using-machine-learning-to-name-malware.html

2015-05-30 11:39:52

Reads: 1778

Comments: 0

OpenDNS security research output

https://twitter.com/dhialite

2015-05-30 11:39:23

Reads: 1835

Comments: 0

Automated malware analysis

http://www.mal-content.org/blog/automating-malware-analysis-with-cuckoo-sandbox-part-2-setup https://www.trustwave.com/Resources/SpiderLabs-Blog/Mal...

2015-05-29 18:25:22

Reads: 1827

Comments: 0

Open-source projects similar to Mahout

http://www.oschina.net/search?scope=project&q=mahout spark mllab

2015-05-29 18:21:35

Reads: 2302

Comments: 0

SX 4th meetup – Hunting Rootkit From the Dark Corners Of Memory

http://securitytrainings.net/hunting-rootkit-dark-corners-memory/

2015-05-27 21:31:34

Reads: 1307

Comments: 0

hwclock(8) SUID privilege escalation

Hello, During a recent assessment I have stumbled across a system which had hwclock(8) setuid root. hwclock is a part of util-linux, all versions af...

2015-05-27 21:28:13

Reads: 845

Comments: 0

RSA Conference 2015 video

https://www.youtube.com/user/RSAConference/playlists

2015-05-27 21:15:21

Reads: 809

Comments: 0

APT maturity model

[Reference: attack analysis model] 1. Initial stage 1) Accidentally opening a file already known to be infected 2) Infection of a digital device 3) Randomly occurring browser attack incidents 4) Infection through use of social networking (SNS) 5) Server-side compromise 6) Attack designed specifically for a given company 7) Internal infection incident 8) Launching via email attachments and similar means...

2015-05-22 21:00:32

Reads: 1482

Comments: 0

SANS FOR572 Logstash

http://sourceforge.net/p/sansfor572logstash/wiki/Home/ https://www.elastic.co/ https://www.elastic.co/webinars/introduction-elk-stack

2015-05-21 21:50:19

Reads: 1388

Comments: 0

Finding Bad Guys with 35 million Flows, 2 Analysts, 5 Minutes and 0 Dollars

A talk on NSM (network security monitoring) http://www.irongeek.com/i.php?page=videos/bsidesknoxville2015/103-finding-bad-guys-with-35-million-flows-2-analysts-5-minutes-and-0-dollars-...

2015-05-21 21:13:13

Reads: 938

Comments: 0

Five must-know open source SDN controllers

We've rounded up five open source SDN controllers to get to know. 1. OpenDaylight open-source SDN controller. OpenDaylight announced the release o...

2015-05-21 19:20:07

Reads: 1383

Comments: 0

802.11 Network Forensic Analysis

http://www.sans.org/reading-room/whitepapers/wireless/80211-network-forensic-analysis-33023

2015-05-20 22:10:29

Reads: 786

Comments: 0

Lessons Learned from Building and Running MHN, the World's Largest Crowdsourced Honeynet

http://www.irongeek.com/i.php?page=videos/bsidessf2015/112-lessons-learned-from-building-and-running-mhn-the-worlds-largest-crowdsourced-honeynet-jas...

2015-05-20 19:26:49

Reads: 840

Comments: 0

opendns security blog

https://labs.opendns.com/blog/page/2/

2015-05-20 18:41:32

Reads: 826

Comments: 0

Rekall memory analysis demo

http://memory-analysis.rekall-forensic.com/www/TOC/

2015-05-20 18:38:28

Reads: 1504

Comments: 0

Detecting and Defending against PowerShell Shells

http://hackerhurricane.blogspot.com/2015/05/defending-against-powershell-shells.html So much of our industry focuses at Red Team P0wnage. I read ...

2015-05-20 09:32:32

Reads: 1030

Comments: 0

Collected small tools

1. WAF bypass https://github.com/CoolerVoid/payloadmask 2. Shell script static analysis http://www.digitalmunition.me/2015/05/shellcheck-v0-3-7-shell-script-sta...

2015-05-19 18:54:13

Reads: 1001

Comments: 0

New Tool: The PenTesters Framework (PTF) Released

http://www.trustedsec.com/may-2015/new-tool-the-pentesters-framework-ptf-released/ New Tool: The PenTesters Framework (PTF) Released TrustedS...

2015-05-19 18:52:07

Reads: 1226

Comments: 0