【知识】8月29日 - 每日安全知识热点

http://p6.qhimg.com/t017313015b51e6034e.png

热点概要:WireX DDoS僵尸网络: 大量被黑Android智能设备构成的DDoS之军、Adwind: 一个跨平台的远控工具(RAT)、Sarahah app 泄露用户隐私、安卓DDOS僵尸网络:The WireX Botnet大量android恶意软件样本集、安全相关的优秀演讲集合、Domain Analyzer:自动发现并报告与给定域名相关的信息、Web安全学习资料汇总

资讯类:

WireX DDoS僵尸网络: 大量被黑Android智能设备构成的DDoS之军

http://thehackernews.com/2017/08/android-ddos-botnet.html

Adwind: 一个跨平台的远控工具(RAT)

https://abuse.ch/blog/adwind-a-cross-plattform-rat/

Sarahah app 泄露用户隐私

https://www.bishopfox.com/blog/2017/08/hot-new-anonymous-chat-app-hijacks-millions-contact-data/

http://thehackernews.com/2017/08/sarahah-privacy.html


技术类:

【样本分析】安卓DDOS僵尸网络:The WireX Botnet

http://bobao.360.cn/learning/detail/4323.html

大量android恶意软件样本集

https://github.com/fs0c131y/Android-Malwares

https://github.com/ashishb/android-malware

安全相关的优秀演讲集合

https://github.com/PaulSec/awesome-sec-talks

一款android app的通用脱壳工具

https://github.com/CheckPointSW/android_unpacker

【视频】Black Hat USA 2017上的PowerShell混淆检测技术分享

https://www.youtube.com/watch?v=x97ejtv56xw

Schools Alert Management Script – Authentication Bypass

https://www.exploit-db.com/exploits/42578/

Intel ME : 静态分析之道

https://www.troopers.de/downloads/troopers17/TR17_ME11_Static.pdf

Domain Analyzer:自动发现并报告与给定域名相关的信息

https://github.com/eldraco/domain_analyzer

Web安全学习资料汇总

https://github.com/CHYbeta/Web-Security-Learning

UPX – the Ultimate Packer for eXecutables

https://github.com/upx/upx

PowerShell tool that uses WMI to extract saved session information for remote access

https://github.com/fireeye/SessionGopher

Android通用反混淆工具

https://github.com/CalebFenton/simplify

(完)