首页
社区
课程
招聘
[分享]国外最新安全推文整理(第4期)
发表于: 2016-12-18 12:19 4147

[分享]国外最新安全推文整理(第4期)

2016-12-18 12:19
4147
有些可能需要VPN访问,安全性方面自己多留意 

Find/Extract processes, hypervisors (including nested) in memory dumps
https://github.com/ShaneK2/inVtero.net

Slide of NextGen Office Malware
https://github.com/glinares/OfficeMalware

A tool for tracing execution of binaries on Windows
https://github.com/K2/EhTrace

Trident exploit for iOS 9.3.4 iPad3,1
https://github.com/benjamin-42/Trident

An implementation of a generic unpacker based on Intel PIN
https://github.com/PinDemonium/PinDemonium

A repository of LIVE malwares for your own joy and pleasure
https://github.com/ytisf/theZoo

Collection of high value information on specific mobile application penetration testing topics
https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet

Abusing File Processing in Malware Detectors for Fun and Profit
https://www.cs.cornell.edu/~shmat/shmat_oak12av.pdf

ARMv8 Shellcodes from 'A' to 'Z' 
https://arxiv.org/pdf/1608.03415.pdf

Windows 10 Segment Heap Internals
https://www.blackhat.com/docs/us-16/materials/us-16-Yason-Windows-10-Segment-Heap-Internals-wp.pdf

ARTist: The Android Runtime Instrumentation and Security Toolkit
https://arxiv.org/pdf/1607.06619.pdf

An In-Depth Analysis of Disassembly on Full-Scale x86/x64 Binaries
https://syssec.flux.re/papers/sec-2016.pdf

Toy decompiler for x86-64 written in Python
https://yurichev.com/writings/toy_decompiler.pdf

Security Analysis of Encrypted Virtual Machines
https://arxiv.org/pdf/1612.01119v1.pdf

Taking your first steps into 64-bit Windows exploitation
https://labs.mwrinfosecurity.com/assets/BlogFiles/hello-ms08-067-my-old-friend.pdf

X86 Disassembly
https://upload.wikimedia.org/wikipedia/commons/5/53/X86_Disassembly.pdf

Intel XED open sourced
https://intelxed.github.io/

Understanding disassembly of large routines
http://codeplusplus.blogspot.com.mt/2016/12/understanding-larger-disassembly.html

How to create a x86 polymorphic encryption engine in C++
https://www.pelock.com/articles/polymorphic-encryption-algorithms

Tetris heap spraying: spraying the heap on a budget
http://blog.skylined.nl/20161118001.html

An introduction of Use-After-Free detection in binary code by static analysis
http://blog.amossys.fr/intro-to-use-after-free-detection.html

Fldbg, a Pykd script to debug FlashPlayer
https://www.offensive-security.com/vulndev/fldbg-a-pykd-script-to-debug-flashplayer/

Patch Analysis of MS16-063 (JSCRIPT9.DLL)
http://theori.io/research/jscript9_typed_array

GoGoGadget – kernel exploitation helper class
http://blog.rewolf.pl/blog/?p=1739

Chakra JIT CFG Mitigation Bypass
http://theori.io/research/chakra-jit-cfg-bypass

Bypassing UAC on Windows 10 using Disk Cleanup
https://enigma0x3.net/2016/07/22/bypassing-uac-on-windows-10-using-disk-cleanup/

Generic VBA Instrumentation for Microsoft Office Documents
http://blog.joesecurity.org/2016/11/generic-vba-instrumentation-for.html

One Bit To Rule A System: Analyzing CVE-2016-7255 Exploit In The Wild
http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/

Writing a Hypervisor for Kernel Mode Code Analysis and Fun
http://standa-note.blogspot.com/2015/08/writing-hypervisor-for-kernel-mode-code.html

Simple userland rootkit – a case study
https://blog.malwarebytes.com/threat-analysis/2016/12/simple-userland-rootkit-a-case-study/

Shamoon 2.0 Malware Analysis
http://codeandsec.com/Sophisticated-CyberWeapon-Shamoon-2-Malware-Analysis

Analysis of FlokiBot, Zeus-based banking trojan
https://www.arbornetworks.com/blog/asert/flokibot-flock-bots/

Best IDA Plugins
https://n0where.net/best-ida-plugins/

Analysis of multiple vulnerabilities in AirDroid
https://blog.zimperium.com/analysis-of-multiple-vulnerabilities-in-airdroid/

Using Android's ashmem to escalate privileges from any context
https://googleprojectzero.blogspot.com/2016/12/bitunmap-attacking-android-ashmem.html

Announcing OSS-Fuzz: Continuous fuzzing for open source software
https://opensource.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html

Using PLCs as a payload/shellcode distribution system
http://www.shelliscoming.com/2016/12/modbus-stager-using-plcs-as.html

Neutralize ME firmware on SandyBridge and IvyBridge platforms
http://hardenedlinux.org/firmware/2016/11/17/neutralize_ME_firmware_on_sandybridge_and_ivybridge.html

Digging Through the Firmware
http://jcjc-dev.com/2016/12/14/reversing-huawei-5-reversing-firmware/

Overview of MAC Algorithms, Fuzzing TLS and Finally Exploiting CVE-2016-7054
https://www.silverf0x00.com/overview-of-mac-algorithms-fuzzing-tls-and-finally-exploiting-cve-2016-7054-part-1/

Microsoft Windows "LoadUvsTable()" Heap-based Buffer Overflow Vulnerability
http://blogs.flexerasoftware.com/secunia-research/2016/12/microsoft_windows_loaduvstable_heap_based_buffer_overflow_vulnerability.html

Microsoft Word OneTableDocumentStream Underflow
http://srcincite.io/blog/2016/12/13/word-up-microsoft-word-onetabledocumentstream-underflow.html

CVE-2016-7259: An empty file into the blue
http://blog.quarkslab.com/cve-2016-7259-an-empty-file-into-the-blue.html

[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!

收藏
免费 0
支持
分享
最新回复 (4)
雪    币: 1746
活跃值: (227)
能力值: ( LV9,RANK:210 )
在线值:
发帖
回帖
粉丝
2
支持一下,有翻译过就更好了。
2016-12-18 20:54
0
雪    币: 26
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
3
makr
2016-12-19 12:41
0
雪    币: 226
活跃值: (15)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
4
支持一下
2016-12-22 01:36
0
雪    币: 5
活跃值: (1131)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
5
mark
2016-12-22 07:05
0
游客
登录 | 注册 方可回帖
返回
//