[Share] Roundup of recent foreign security tweets (Issue 0)
Posted: 2016-9-27 15:05  Views: 4160

Some of these may need a VPN to access; keep an eye on security yourself. Treat it as English practice: if you have time, translate a few of them, and look up the words you don't know a few times and you will gradually get a feel for it. The fact that we have all gathered here means we must have something in common, so let's work at it together!

RETracer: Triaging Crashes by Reverse Execution from Partial Memory Dumps
http://softsec.kaist.ac.kr/~sangkilc/papers/cui-icse16.pdf

MSI ntiolib.sys/winio.sys local privilege escalation 
http://blog.rewolf.pl/blog/?p=1630

Windows 10 has an undocumented certificate pinning feature
http://hexatomium.github.io/2016/09/24/hidden-w10-pins/

An advanced memory forensics framework
https://github.com/volatilityfoundation/volatility

The winners of Hex-Rays Plugin Contest 2016: 1) Ponce, 2) VMAttack, 3) Keypatch. Congrats!!
https://www.hex-rays.com/contests/2016/index.shtml

Platform Security Assessment Framework
https://github.com/chipsec/chipsec

Our technical analysis of Tofsee, modular spam botnet
https://www.cert.pl/en/news/single/tofsee-en/

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
https://github.com/sh4hin/Androl4b

tool to inspect, dump, modify, search and inject libraries into Android processes
https://github.com/evilsocket/androswat

Hex-Rays Decompiler plugin for better code navigation
https://github.com/REhints/HexRaysCodeXplorer

Arybo: cleaning obfuscation by playing with mixed boolean and arithmetic operations
http://blog.quarkslab.com/arybo-cleaning-obfuscation-by-playing-with-mixed-boolean-and-arithmetic-operations.html

Repository of various public white-box cryptographic implementations and their practical attacks
https://github.com/SideChannelMarvels/Deadpool

New paper: Behavioural Detection and Prevention of Malware on OS X
https://www.virusbulletin.com/virusbulletin/2016/september/behavioural-detection-and-prevention-malware-os-x/

Just published my article "Deep-Dive in WoW64" about WoW64 internals and 64b VEH in 32b process. 
http://esec-lab.sogeti.com/posts/2016/09/12/deep-dive-wow64.html

Backdooring a DLL (part 4)
http://www.gironsec.com/blog/2016/09/backdooring-a-dll-part-4/

caveats for authenticode code signing
https://blogs.msdn.microsoft.com/ieinternals/2014/09/04/caveats-for-authenticode-code-signing/

Our technical analysis of Necurs, one of the biggest spam botnets in the world
https://www.cert.pl/en/news/single/necurs-hybrid-spam-botnet/

Practical Firmware Reversing and Exploit Development for AVR-based Embedded Devices 
http://rada.re/get/avrworkshops2016.pdf

Exploit Two Xen Hypervisor Vulnerabilities
https://drive.google.com/file/d/0B8fYwUY8ZRTtZHVfRWNGbHFiRzA/view?usp=sharing

Want sample of the 'sophisticated OS X backdoor' discovered by Kaspersky? Here ya go! 
https://objective-see.com/downloads/malware/Mokes.zip (pw: infect3d)

First post on our brand new blog: Samsung baseband RE tools release 
https://comsecuris.com/blog/posts/shannon

Frida.re based RunPE (and MapViewOfSection) extraction tool
https://github.com/OALabs/frida-extract

Project Zero dropped what is effectively a root/kernel exec bug on most Androids 
https://googleprojectzero.blogspot.com/2016/09/return-to-libstagefright-exploiting.html

x64dbg now supports asmjit as a new assembler engine! 
https://github.com/asmjit

Database of a complete X86/X64 instruction set
https://github.com/asmjit/asmdb

Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers
https://github.com/hugsy/gef

Understanding PLT and GOT in dynamic libraries
https://www.technovelty.org/linux/plt-and-got-the-key-to-code-sharing-and-dynamic-libraries.html

I talked about "Advanced Exploitation Techniques: Breaking AV-Emulator" at XCon2016
http://www.vxjump.net/files/seccon/BAVE_xcon2016.pdf

We are also publishing our intern's Android lib code matching plugin for JEB
https://www.pnfsoftware.com/blog/jeb-library-code-matching-for-android/

RottenPotato local privilege escalation from service account to SYSTEM
https://github.com/foxglovesec/RottenPotato

Bypassing User Account Control (UAC) using TpmInit.exe
https://github.com/Cn33liz/TpmInitUACAnniversaryBypass

Empire is a pure PowerShell post-exploitation agent
https://github.com/adaptivethreat/Empire

A quick analysis of MS16-107 / CVE-2016-3363
https://medium.com/@steventseeley/ms16-107-microsoft-office-excel-eof-record-type-confusion-remote-code-execution-vulnerability-1105d52764ff

Detecting analysts before installing the malware. CVE-2016-3351 Patch bypass and analysis
https://www.brokenbrowser.com/detecting-apps-mimetype-malware/

Bypass-UAC, PowerShell framework for UAC attacks (no injecting dll's into explorer!) 
https://github.com/FuzzySecurity/PowerShell-Suite/tree/master/Bypass-UAC

Use CVE-2016-3308 corrupt win32k desktop heap
https://github.com/55-AA/CVE-2016-3308

Analysing and repurposing Spartan's CVE-2015-7645 
http://contextis.com/resources/blog/analysing-and-repurposing-spartans-cve-2015-7645/

CVE-2016-0137 / MS-2016-0137
http://blog.ensilo.com/findadetour-the-tool-that-tests-for-vulnerable-microsofts-detours

CVE-2016-3351 was exploited by AdGholas and GooNky Malvertising Groups 
https://www.proofpoint.com/us/threat-insight/post/Microsoft-Patches-Zero-Day-Exploited-By-AdGholas-GooNky-Malvertising

LAVA: Large-scale Automated Vulnerability Addition 
http://www.ieee-security.org/TC/SP2016/papers/0824a110.pdf

Anti-analysis techniques to weaken author classification accuracy in compiled executables 
https://kth.diva-portal.org/smash/get/diva2:927549/FULLTEXT01.pdf

Do #ifdefs Influence the Occurrence of Vulnerabilities? An Empirical Study of the Linux Kernel 
http://arxiv.org/pdf/1605.07032.pdf

Android Security Analysis: Final Report
https://www.mitre.org/sites/default/files/publications/pr-16-0202-android-security-analysis-final-report.pdf

Security Analysis and Exploitation of Arduino devices in the Internet of Things 
http://www.seg.inf.uc3m.es/~guillermo-suarez-tangil/papers/2016mal-iot.pdf

“Your favorite Memory Toolkit is back !”
https://blog.comae.io/your-favorite-memory-toolkit-is-back-f97072d33d5c


Latest replies (7)
Mark. Will read through it slowly.
2016-9-27 15:32
Looks very impressive, but it makes my head spin.
2016-9-27 15:50
mark
2016-9-27 18:55
mark
2016-9-27 19:12
Sigh, the environment abroad really is different. If this material made it to China it would become some big shot's ** secret weapon. Even published books don't ship with complete source code, and people still advertise on the forum. Sigh, looking back, the source code for the books Kanxue published N years ago is still being corrected. I'll admit with some shame that I've never actually bought a legitimate copy of a Kanxue book.....
2016-9-27 20:04
I can't understand it, but I'll mark it anyway; maybe I'll be able to understand it later.
2016-10-28 23:42
Passing by, leaving a mark.
2016-10-28 23:44