資安制度:
1.唯品會全方位的信息安全培訓體系 by 唯品會安全
資安趨勢:
1.機器學習對抗性攻擊報告 by 百度安全實驗室
SCADA安全:
1.烏克蘭Ukrenergo斷電事件技術分析與防護方案 by 蘇少博
防禦姿勢:
1.如何讓家用路由器不變成殭屍機器,接收指令進行網路犯罪? by TREND LABS
PT姿勢:
1.GeniXCMS審計之旅 by l3m0n
2.ApachePOI的XXE漏洞本地調試 by sanwenkit
3.Web Application Penetration Testing Local File Inclusion (LFI) Testing Techniques by Aptive
4.Cracking 12 Character & Above Passwords Combo & Hybrid Password Attacks by Netmux
漏洞分析:
1.discourse by joernchen
2.e107 CMS <=2.1.2 權限提升漏洞分析 by 西風微雨
3.Webkit URL by Erling Ellingsen
4.PHPMailer命令執行漏洞(CVE-2016-10033)分析 by 長亭科技
惡意軟體分析:
1.一款惡性Rootkit木馬分析——“狼人殺”木馬潛伏數十萬台電腦 by 騰訊電腦管家
2.En Route with Sednit Part 2: Observing the Comings and Goings by ESET
3.Exposing an AV-Disabling Driver Just in Time for Lunch by Lior Keshet
4.Analyzing a variant of the GM Bot Android malware by Pierluigi Paganini
工具:
1.oxml_xxe - A tool for embedding XXE/XML exploits into different filetypes by BuffaloWill
2.KickThemOut - Kick Devices Off Your Network by Nikolaos Kamarinakis
3.CyberCrowl - Python Web path scanner tool by chamli mohamed
4.DyMerge - A dynamic dictionary merger for successful dictionary based attacks by Nikolaos Kamarinakis
5.The Introductory IoT Hardware Hacking Tool Box by Sam Levin
6.ShellCheck - A static analysis tool for shell scripts by koalaman
沒有留言:
張貼留言