【知识】8月21日 - 每日安全知识热点

热点概要：内网主机发现技巧、使用SpiderFoot与SHODAN识别目标操作系统及开放端口、Pentest Cheat Sheets、Kronos恶意软件分析、混淆的Locky勒索软件下载者分析、Xshellghost后门事件分析、CVE-2017-6327: 赛门铁克 <= 10.6.3-2远程代码执行漏洞、NSA无人机袭击目标致数百平民丧生、FBI 警告私营部门停止使用卡巴斯基

国内热词(以下内容部分摘自http://www.solidot.org/ )：

FBI 警告私营部门停止使用卡巴斯基

Chrome 将会对 HTTP Web 表单显示不安全警告

资讯类：

NSA无人机袭击目标致数百平民丧生

http://thehackernews.com/2017/08/nsa-spying-australia.html 

暗网新闻：

Valhalla Market 也被查,初期已有200+用户信息被芬兰海关获取到,目测已经被采取强制措施 

https://www.deepdotweb.com/2017/08/18/valhalla-market-seized-finnish-customs-allegedly-identified-hundreds-valhalla-users/ 

技术类：

使用SpiderFoot与SHODAN识别目标操作系统及开放端口

https://asciinema.org/a/127601 

逆向工程家庭安全系统：解码固件更新

https://markclayton.github.io/reverse-engineering-my-home-security-system-decompiling-firmware-updates.html 

Kronos恶意软件分析（part 1 ）

https://blog.malwarebytes.com/cybercrime/2017/08/inside-kronos-malware/ 

Bug Bounty：如何使用Shodan和Golang扫描多个组织

https://medium.com/@woj_ciech/scan-multiple-organizations-with-shodan-and-golang-bug-bounty-example-d994ba6a9587 

udp2raw tunnel:通过raw socket给UDP包加上TCP或ICMP header，进而绕过UDP屏蔽或QoS，或在UDP不稳定的环境下提升稳定性。可以有效防止在使用kcptun或者finalspeed的情况下udp端口被运营商限速。

https://github.com/wangyu-/udp2raw-tunnel 

Pentest Cheat Sheets

https://github.com/coreb1t/awesome-pentest-cheat-sheets 

混淆的Locky勒索软件下载者分析

http://www.ringzerolabs.com/2017/08/analyzing-several-layers-of-obfuscation.html 

信息收集：内网主机发现技巧

https://mp.weixin.qq.com/s?__biz=MzI5MDQ2NjExOQ==&mid=2247484689&idx=1&sn=67433d76467ed12fcd86981a1b2e32c2&chksm=ec1e3539db69bc2f2f7f9095b2bde41e21096179fcd3cabf20f149b2814c442fc42d78ef5e1e&scene=21#wechat_redirect 

https://mp.weixin.qq.com/s/l-Avt72ajCIo5GdMEwVx7A 

Xshellghost后门事件分析

360追日团队：http://bobao.360.cn/learning/detail/4280.html 

360天眼实验室：http://bobao.360.cn/learning/detail/4278.html 

通过加密Payload实现杀软绕过（C#实现）

https://www.linkedin.com/pulse/bypass-all-anti-viruses-encrypted-payloads-c-damon-mohammadbagher?trk=v-feed 

使用VENOM工具加密payload绕过杀软

https://www.linkedin.com/pulse/bypass-anti-virus-detection-encrypted-payloads-using-venom-james-ceh?trk=v-feed 

cansina：基于Python的目录扫描器

https://github.com/deibit/cansina/ 

dockerscan：docker安全分析工具

https://github.com/cr0hn/dockerscan 

沙盒攻击面分析工具v1.0.9

https://github.com/google/sandbox-attacksurface-analysis-tools/releases/tag/v1.0.9 

CVE-2017-6327: 赛门铁克 <= 10.6.3-2远程代码执行漏洞

http://seclists.org/fulldisclosure/2017/Aug/28 

Scanning Effectively Through a SOCKS Pivot with Nmap and Proxychains

https://cybersyndicates.com/2015/12/nmap-and-proxychains-scanning-through-a-socks-piviot/ 

如何一步一步解码复杂恶意软件

https://blog.sucuri.net/2017/08/malware-decoding-step-step-guide.html?utm_source=Twitter&utm_medium=Social&utm_campaign=Blog&utm_term=EN&utm_content=Malware-Decoding-Step-by-Step 

Secrets and LIE-abilities: The State of Modern Secret Management (2017)

https://medium.com/on-docker/secrets-and-lie-abilities-the-state-of-modern-secret-management-2017-c82ec9136a3d 

Chainspace: A Sharded Smart Contracts Platform

https://www.benthamsgaze.org/2017/08/18/chainspace-a-sharded-smart-contracts-platform/ 

RETGUARD, the OpenBSD next level in exploit mitigation, is about to debut 

http://undeadly.org/cgi?action=article&sid=20170819230157 

CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management

https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-tang.pdf