[Share] Roundup of the latest security tweets from abroad (Issue 0)
Posted: 2016-9-27 15:05
BDomne
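Some of these may require a VPN to access; keep an eye on your own security. Folks, just treat it as English practice. Those who have time can translate some of them, and if you look up the words you don't know a few times you will gradually get a feel for them. The fact that we have gathered here means we must have something in common, so let's work hard together!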
RETracer: Triaging Crashes by Reverse Execution from Partial Memory Dumps
http://softsec.kaist.ac.kr/~sangkilc/papers/cui-icse16.pdf
MSI ntiolib.sys/winio.sys local privilege escalation
http://blog.rewolf.pl/blog/?p=1630
Windows 10 has an undocumented certificate pinning feature
http://hexatomium.github.io/2016/09/24/hidden-w10-pins/
An advanced memory forensics framework
https://github.com/volatilityfoundation/volatility
The winners of Hex-Rays Plugin Contest 2016: 1) Ponce, 2) VMAttack, 3) Keypatch. Congrats!!
https://www.hex-rays.com/contests/2016/index.shtml
Platform Security Assessment Framework
https://github.com/chipsec/chipsec
Our technical analysis of Tofsee, modular spam botnet
https://www.cert.pl/en/news/single/tofsee-en/
A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
https://github.com/sh4hin/Androl4b
tool to inspect, dump, modify, search and inject libraries into Android processes
https://github.com/evilsocket/androswat
Hex-Rays Decompiler plugin for better code navigation
https://github.com/REhints/HexRaysCodeXplorer
Arybo: cleaning obfuscation by playing with mixed boolean and arithmetic operations
http://blog.quarkslab.com/arybo-cleaning-obfuscation-by-playing-with-mixed-boolean-and-arithmetic-operations.html
Repository of various public white-box cryptographic implementations and their practical attacks
https://github.com/SideChannelMarvels/Deadpool
New paper: Behavioural Detection and Prevention of Malware on OS X
https://www.virusbulletin.com/virusbulletin/2016/september/behavioural-detection-and-prevention-malware-os-x/
Just published my article "Deep-Dive in WoW64" about WoW64 internals and 64b VEH in 32b process.
http://esec-lab.sogeti.com/posts/2016/09/12/deep-dive-wow64.html
Backdooring a DLL (part 4)
http://www.gironsec.com/blog/2016/09/backdooring-a-dll-part-4/
caveats for authenticode code signing
https://blogs.msdn.microsoft.com/ieinternals/2014/09/04/caveats-for-authenticode-code-signing/
Our technical analysis of Necurs, one of the biggest spam botnets in the world
https://www.cert.pl/en/news/single/necurs-hybrid-spam-botnet/
Practical Firmware Reversing and Exploit Development for AVR-based Embedded Devices
http://rada.re/get/avrworkshops2016.pdf
Exploit Two Xen Hypervisor Vulnerabilities
https://drive.google.com/file/d/0B8fYwUY8ZRTtZHVfRWNGbHFiRzA/view?usp=sharing
Want sample of the 'sophisticated OS X backdoor' discovered by Kaspersky? Here ya go!
https://objective-see.com/downloads/malware/Mokes.zip
(pw: infect3d)
First post on our brand new blog: Samsung baseband RE tools release
https://comsecuris.com/blog/posts/shannon
Frida.re based RunPE (and MapViewOfSection) extraction tool
https://github.com/OALabs/frida-extract
Project Zero dropped what is effectively a root/kernel exec bug on most Androids
https://googleprojectzero.blogspot.com/2016/09/return-to-libstagefright-exploiting.html
x64dbg now supports asmjit as a new assembler engine!
https://github.com/asmjit
Database of a complete X86/X64 instruction set
https://github.com/asmjit/asmdb
Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers
https://github.com/hugsy/gef
Understanding PLT and GOT in dynamic libraries
https://www.technovelty.org/linux/plt-and-got-the-key-to-code-sharing-and-dynamic-libraries.html
I have talked about "Advanced Exploitation Techniques: Breaking AV-Emulator" on XCon2016
http://www.vxjump.net/files/seccon/BAVE_xcon2016.pdf
We are also publishing our intern's Android lib code matching plugin for JEB
https://www.pnfsoftware.com/blog/jeb-library-code-matching-for-android/
RottenPotato local privilege escalation from service account to SYSTEM
https://github.com/foxglovesec/RottenPotato
Bypassing User Account Control (UAC) using TpmInit.exe
https://github.com/Cn33liz/TpmInitUACAnniversaryBypass
Empire is a pure PowerShell post-exploitation agent
https://github.com/adaptivethreat/Empire
A quick analysis of MS16-107 / CVE-2016-3363
https://medium.com/@steventseeley/ms16-107-microsoft-office-excel-eof-record-type-confusion-remote-code-execution-vulnerability-1105d52764ff
Detecting analysts before installing the malware. CVE-2016-3351 Patch bypass and analysis
https://www.brokenbrowser.com/detecting-apps-mimetype-malware/
Bypass-UAC, PowerShell framework for UAC attacks (no injecting dll's into explorer!)
https://github.com/FuzzySecurity/PowerShell-Suite/tree/master/Bypass-UAC
Use CVE-2016-3308 corrupt win32k desktop heap
https://github.com/55-AA/CVE-2016-3308
Analysing and repurposing Spartan's CVE-2015-7645
http://contextis.com/resources/blog/analysing-and-repurposing-spartans-cve-2015-7645/
CVE-2016-0137 / MS-2016-0137
http://blog.ensilo.com/findadetour-the-tool-that-tests-for-vulnerable-microsofts-detours
CVE-2016-3351 was exploited by AdGholas and GooNky Malvertising Groups
https://www.proofpoint.com/us/threat-insight/post/Microsoft-Patches-Zero-Day-Exploited-By-AdGholas-GooNky-Malvertising
LAVA: Large-scale Automated Vulnerability Addition
http://www.ieee-security.org/TC/SP2016/papers/0824a110.pdf
Anti-analysis techniques to weaken author classification accuracy in compiled executables
https://kth.diva-portal.org/smash/get/diva2:927549/FULLTEXT01.pdf
Do #ifdefs Influence the Occurrence of Vulnerabilities? An Empirical Study of the Linux Kernel
http://arxiv.org/pdf/1605.07032.pdf
Android Security Analysis: Final Report
https://www.mitre.org/sites/default/files/publications/pr-16-0202-android-security-analysis-final-report.pdf
Security Analysis and Exploitation of Arduino devices in the Internet of Things
http://www.seg.inf.uc3m.es/~guillermo-suarez-tangil/papers/2016mal-iot.pdf
“Your favorite Memory Toolkit is back !”
https://blog.comae.io/your-favorite-memory-toolkit-is-back-f97072d33d5c
Latest replies (7)
FadeTrack
Floor 2
Mark, will read through it slowly
2016-9-27 15:32
空空飞飞
Floor 3
It looks really high-end, but reading it makes my head hurt
2016-9-27 15:50
BlackTrace
Floor 5
mark
2016-9-27 18:55
我是谁!
Floor 6
mark
2016-9-27 19:12
zjjhszs
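Floor 7
Sigh, the environment abroad really is different. If this material were in China it would become some big shot's ** secret weapon; even the source code for published books is incomplete, and yet they advertise on the forum. Sigh, looking back, the source code for books Kanxue published N years ago is still being corrected. I have to admit, with some shame, that I have never actually bought a genuine Kanxue book.....
2016-9-27 20:04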
QuebecJY
Floor 8
I can't understand it, but I'll mark it anyway; maybe I'll be able to understand it later
2016-10-28 23:42
luskyc
Floor 9
Passing by, leaving a mark
2016-10-28 23:44