1.針對人事部的勒索病毒: GoldenEye (黃金眼) ,夾帶 PDF 或 Excel假履歷誘點擊 by TREND LABS
2.Dark•Mobile•Bank跟踪分析報告 by 安天
3.新晉漏洞攻擊套件Sundown Exploit Kits分析 by 亞信安全
4.方程式組織 EQUATION DRUG 平台解析(提綱) ——方程式組織系列分析報告之四 by 安天
硬體安全:
1.Intel debugger interface open to hacking via USB by PT Security
軟體開發安全:
1.SDL-軟件安全設計初窺 by Cryin
PT姿勢:
1.facebook命令執行 by Adrain
漏洞分析:
1.在Python中重構vsFTPd後門漏洞 by zusheng
2.Multiple RCE in ZyXEL / Billion / TrueOnline routers by Pedro Ribeiro
3.Apple (iTunes Notify) - Bypass & Persistent Vulnerability by Benjamin Kunz Mejri
惡意軟體分析:
1.Graftor Variant Leveraging Signed Microsoft Executable by The Cylance Threat Guidance Team
2.CARBANAK GROUP USES GOOGLE FOR MALWARE COMMAND-AND-CONTROL by Nicholas Griffin
基礎概念教學:
1.以擼代碼的形式學習Python by xianhu
學習資源:
1.List of awesome penetration testing resources, tools and other shiny things by KaliTut
工具:
1.哈勃分析系統(HaboMalHunter) - 用於在Linux系統上自動惡意軟件分析和安全性評估 by Tencent
2.commix-系統命令注入自動化測試實例 by Z3r0yu
沒有留言:
張貼留言