资讯类
Janus漏洞(CVE-2017-13156): 修改安卓app而不影响签名
https://www.anquanke.com/post/id/89979
https://www.guardsquare.com/en/blog/new-android-vulnerability-allows-attackers-modify-apps-without-affecting-their-signatures
PoC:https://github.com/V-E-O/PoC/tree/master/CVE-2017-13156
CVE-2017-15708:Apache Synapse 代码执行漏洞
http://www.openwall.com/lists/oss-security/2017/12/10/4
https://commons.apache.org/proper/commons-collections/security-reports.html
多种流行解释型语言(JavaScript, Perl, PHP, Python, and Ruby)存在严重漏洞
技术类
[漏洞]Android平台漏洞的PoC/EXP集合(含漏洞分析)
https://github.com/ele7enxxh/poc-exp
[教程]什么是壳?以及教你如何用C语言写一个简单的壳
https://0x00sec.org/t/packers-executable-compression-and-data-obfuscation/847
[教程]教你写一个反射型的DLL注入
https://0x00sec.org/t/reflective-dll-injection/3080
[教程]Sysinternals Sysmon活动监控使用指南
https://blogs.technet.microsoft.com/motiba/2017/12/07/sysinternals-sysmon-suspicious-activity-guide/
[Tools] Black Hat官方军火库项目
https://github.com/toolswatch/blackhat-arsenal-tools
[Tools] Bootloader内存损坏漏洞和状态存储漏洞发现工具
https://www.kitploit.com/2017/12/bootstomp-bootloader-vulnerability.html
https://github.com/ucsb-seclab/BootStomp
[Tools]xwaf : 一个python写的waf自动绕过工具,上一个版本是bypass_waf,xwaf相比bypass_waf更智能,可无人干预,自动暴破waf
https://github.com/3xp10it/bypass_waf
[Tools]使用RC4加密流量的基于Powershell的RAT
https://github.com/Mr-Un1k0d3r/ThunderShell
[Tools]检测恶意软件/文件的12,805 个Yara规则集合
https://github.com/SupportIntelligence/Icewater
[Tools]从Credential Manager dump Windows凭据的Powershell脚本
https://github.com/peewpw/Invoke-WCMDump
PS>Import-Module .\Invoke-WCMDump.ps1
PS>Invoke-WCMDump
[Tools]Spinner:不需要主机名验证的半自动化的certificate pinning检测
http://www.cs.bham.ac.uk/~garciaf/publications/spinner.pdf
An analysis of the Warbird virtual-machine protection for the CI!g_pStore
评论