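Highlights: MS16-145: analysis of the Edge browser TypedArray.sort UAF vulnerability (CVE-2016-7288); WHID: WiFi-based HID attacks (human interface device attacks); PowerShell injection techniques: diskless persistence and bypass techniques; bypassing UAC with Event Viewer; Shodan's new service for discovering C2 servers; analysis of the PWN2OWN 2017 Linux kernel privilege escalation vulnerability; construction and analysis of a validation program for Fastjson remote deserialization; Will your digital signature be broken by a collision? Attack and defense of secure hashes
News:
Shodan's new service for discovering C2 servers and malware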
http://thehackernews.com/2017/05/shodan-malware-hunter.html
Technical:
MS16-145: analysis of the Edge browser TypedArray.sort UAF vulnerability (CVE-2016-7288)
A small script for checking the security of a website's headers
https://github.com/m3liot/shcheck
PoC of an Android ransomware app, for learning purposes only
https://github.com/alepacheco/AndroRW
terminal emulators' processing of escape sequences
http://www.openwall.com/lists/oss-security/2017/05/01/13
BSidesCharm 2017 Videos
http://www.irongeek.com/i.php?page=videos/bsidescharm2017/mainlist
WHID: WiFi-based HID attacks (human interface device attacks)
https://whid-injector.blogspot.lt/2017/04/whid-injector-how-to-bring-hid-attacks.html
Google Chrome list item marker type confusion remote code execution vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-17-314/
1000 days of records of UDP-based DDoS attacks
https://www.repository.cam.ac.uk/bitstream/handle/1810/263925/1000-days-udp%20%281%29.pdf
PowerShell injection techniques: diskless persistence and bypass techniques
http://www.binarydefense.com/powershell-injection-diskless-persistence-bypass-techniques/
Shodan's new service for discovering C2 servers
https://malware-hunter.shodan.io/
Bypassing UAC with Event Viewer
https://pentestlab.blog/2017/05/02/uac-bypass-event-viewer/
Twitter XSS + CSP bypass
http://www.paulosyibelo.com/2017/05/twitter-xss-csp-bypass.html
QuickZip V4.60 buffer overflow vulnerability
Java Deserialization Scanner v0.5: new DNS and CPU detection engines
https://github.com/federicodotta/Java-Deserialization-Scanner/releases
Analysis of the PWN2OWN 2017 Linux kernel privilege escalation vulnerability
https://zhuanlan.zhihu.com/p/26674557
Construction and analysis of a validation program for Fastjson remote deserialization
http://blog.nsfocus.net/fastjson-remote-deserialization-program-validation-analysis/
Will your digital signature be broken by a collision? Attack and defense of secure hashes