漏洞 Vulnerability
CVE-2019-18660: Linux内核powerpc缺少Spectre-RSB缓解措施
https://lkml.org/lkml/2019/11/27/1599
安全工具 Security Tools
XXE注入Payload List
http://feedproxy.google.com/~r/PentestTools/~3/eAuCIbT3oBk/xml-external-entity-xxe-injection.html
安全资讯 Security Information
attack.mitre.org网站开源
https://github.com/mitre-attack/attack-website
安全研究 Security Research
通过windows API调用检测注入
https://malwareanalysis.co/wp-content/uploads/2019/11/Hunting-Process-Injection-by-Windows-API-Calls.pdf
project zero:grub2-set-bootflag中的漏洞
https://bugs.chromium.org/p/project-zero/issues/detail?id=1955
开发一个Windows Reverse TCP Shellcode
https://0x00sec.org/t/developing-a-custom-windows-reverse-tcp-stager-shellcode/17731/1
Apache solr 命令执行(Velocity模版注入)分析
https://cert.360.cn/report/detail?id=6125d7f75170c309de1ffdde11f86355
恶意软件 Malware
微软跟踪了一年的攻击活动
https://www.microsoft.com/security/blog/2019/11/26/insights-from-one-year-of-tracking-a-polymorphic-threat/
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论