February 5 Security Highlights - ADB.Miner / SandBlast

News

 

ADB.Miner: Malware is using Android devices with an open ADB interface for mining

https://www.anquanke.com/post/id/97422

 

Malware uses the Spectre & Meltdown vulnerabilities to carry out attacks

https://borncity.com/win/2018/02/04/malware-using-meltdown-and-spectre-attacks-under-develoment-windows-defender-quarantines-poc-tools/

 

SandBlast can defend against the Flash 0-day vulnerability

https://blog.checkpoint.com/2018/02/04/sandblast-protects-flash-zero-day-vulnerability/

 

Technical

A discussion of scripts and penetration testing tools

https://howucan.gr/scripts-tools/2833-dorkbot-command-line-tool-to-scan-google-search-results-for-vulnerabilities

https://howucan.gr/scripts-tools/2578-phantom-evasion-python-av-evasion-tool-capable-to-generate-fud-executable-even-with-the-most-common-32-bit-metasploit-payload-exe-elf-dmg-apk

 

A discussion of defending against Android hooking techniques

https://tech.meituan.com/android_anti_hooking.html

 

Quantifying Symantec certificates

https://arkadiyt.com/2018/02/04/quantifying-untrusted-symantec-certificates/

 

Running a remote shell via Tor Onion

Quickpost: Remote Shell On Windows Via Tor Onion Service

 

Getting cozy with exploit development

https://0x00sec.org/t/getting-cozy-with-exploit-development/5311

 

Writeup – BaskinRobins31

https://advancedpersistentjest.com/2018/02/04/writeup-baskinrobins31-codegate/

 

Common approaches to securing Linux servers

https://medium.com/@ageis/common-approaches-to-securing-linux-servers-and-what-runs-on-them-dadcacc5388b

 

A discussion of DCOM

https://www.cybereason.com/blog/new-lateral-movement-techniques-abuse-dcom-technology

 

Deemon: an automated CSRF security detection framework

 

[Enterprise Security] Enterprise security project: moving test environments onto the internal network

https://mp.weixin.qq.com/s?__biz=MzI3Njk2OTIzOQ==&mid=2247483912&idx=1&sn=4bad6208297bc08d07149cf78d891407&chksm=eb6c2070dc1ba966486f844b87dfaf0803112b6d808ba702ceb3d303127e0675e82ece0316d3#rd

 

Sickle is a shellcode development tool that speeds up the various steps needed to create functioning shellcode

https://github.com/wetw0rk/Sickle

 

APT simulator

https://github.com/Neo23x0/APTSimulator

 

Kaggle web traffic forecasting tool

https://github.com/sjvasquez/web-traffic-forecasting

(End)