[Share] Roundup of the latest security tweets from abroad (Issue 4)
Posted: 2016-12-18 12:19
BDomne
Some of these may require a VPN to access; keep an eye on the security side of things yourself.
Find/Extract processes, hypervisors (including nested) in memory dumps
https://github.com/ShaneK2/inVtero.net
Slide of NextGen Office Malware
https://github.com/glinares/OfficeMalware
A tool for tracing execution of binaries on Windows
https://github.com/K2/EhTrace
Trident exploit for iOS 9.3.4 iPad3,1
https://github.com/benjamin-42/Trident
An implementation of a generic unpacker based on Intel PIN
https://github.com/PinDemonium/PinDemonium
A repository of LIVE malwares for your own joy and pleasure
https://github.com/ytisf/theZoo
Collection of high value information on specific mobile application penetration testing topics
https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet
Abusing File Processing in Malware Detectors for Fun and Profit
https://www.cs.cornell.edu/~shmat/shmat_oak12av.pdf
ARMv8 Shellcodes from 'A' to 'Z'
https://arxiv.org/pdf/1608.03415.pdf
Windows 10 Segment Heap Internals
https://www.blackhat.com/docs/us-16/materials/us-16-Yason-Windows-10-Segment-Heap-Internals-wp.pdf
ARTist: The Android Runtime Instrumentation and Security Toolkit
https://arxiv.org/pdf/1607.06619.pdf
An In-Depth Analysis of Disassembly on Full-Scale x86/x64 Binaries
https://syssec.flux.re/papers/sec-2016.pdf
Toy decompiler for x86-64 written in Python
https://yurichev.com/writings/toy_decompiler.pdf
Security Analysis of Encrypted Virtual Machines
https://arxiv.org/pdf/1612.01119v1.pdf
Taking your first steps into 64-bit Windows exploitation
https://labs.mwrinfosecurity.com/assets/BlogFiles/hello-ms08-067-my-old-friend.pdf
X86 Disassembly
https://upload.wikimedia.org/wikipedia/commons/5/53/X86_Disassembly.pdf
Intel XED open sourced
https://intelxed.github.io/
Understanding disassembly of large routines
http://codeplusplus.blogspot.com.mt/2016/12/understanding-larger-disassembly.html
How to create a x86 polymorphic encryption engine in C++
https://www.pelock.com/articles/polymorphic-encryption-algorithms
Tetris heap spraying: spraying the heap on a budget
http://blog.skylined.nl/20161118001.html
An introduction of Use-After-Free detection in binary code by static analysis
http://blog.amossys.fr/intro-to-use-after-free-detection.html
Fldbg, a Pykd script to debug FlashPlayer
https://www.offensive-security.com/vulndev/fldbg-a-pykd-script-to-debug-flashplayer/
Patch Analysis of MS16-063 (JSCRIPT9.DLL)
http://theori.io/research/jscript9_typed_array
GoGoGadget – kernel exploitation helper class
http://blog.rewolf.pl/blog/?p=1739
Chakra JIT CFG Mitigation Bypass
http://theori.io/research/chakra-jit-cfg-bypass
Bypassing UAC on Windows 10 using Disk Cleanup
https://enigma0x3.net/2016/07/22/bypassing-uac-on-windows-10-using-disk-cleanup/
Generic VBA Instrumentation for Microsoft Office Documents
http://blog.joesecurity.org/2016/11/generic-vba-instrumentation-for.html
One Bit To Rule A System: Analyzing CVE-2016-7255 Exploit In The Wild
http://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/
Writing a Hypervisor for Kernel Mode Code Analysis and Fun
http://standa-note.blogspot.com/2015/08/writing-hypervisor-for-kernel-mode-code.html
Simple userland rootkit – a case study
https://blog.malwarebytes.com/threat-analysis/2016/12/simple-userland-rootkit-a-case-study/
Shamoon 2.0 Malware Analysis
http://codeandsec.com/Sophisticated-CyberWeapon-Shamoon-2-Malware-Analysis
Analysis of FlokiBot, Zeus-based banking trojan
https://www.arbornetworks.com/blog/asert/flokibot-flock-bots/
Best IDA Plugins
https://n0where.net/best-ida-plugins/
Analysis of multiple vulnerabilities in AirDroid
https://blog.zimperium.com/analysis-of-multiple-vulnerabilities-in-airdroid/
Using Android's ashmem to escalate privileges from any context
https://googleprojectzero.blogspot.com/2016/12/bitunmap-attacking-android-ashmem.html
Announcing OSS-Fuzz: Continuous fuzzing for open source software
https://opensource.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html
Using PLCs as a payload/shellcode distribution system
http://www.shelliscoming.com/2016/12/modbus-stager-using-plcs-as.html
Neutralize ME firmware on SandyBridge and IvyBridge platforms
http://hardenedlinux.org/firmware/2016/11/17/neutralize_ME_firmware_on_sandybridge_and_ivybridge.html
Digging Through the Firmware
http://jcjc-dev.com/2016/12/14/reversing-huawei-5-reversing-firmware/
Overview of MAC Algorithms, Fuzzing TLS and Finally Exploiting CVE-2016-7054
https://www.silverf0x00.com/overview-of-mac-algorithms-fuzzing-tls-and-finally-exploiting-cve-2016-7054-part-1/
Microsoft Windows "LoadUvsTable()" Heap-based Buffer Overflow Vulnerability
http://blogs.flexerasoftware.com/secunia-research/2016/12/microsoft_windows_loaduvstable_heap_based_buffer_overflow_vulnerability.html
Microsoft Word OneTableDocumentStream Underflow
http://srcincite.io/blog/2016/12/13/word-up-microsoft-word-onetabledocumentstream-underflow.html
CVE-2016-7259: An empty file into the blue
http://blog.quarkslab.com/cve-2016-7259-an-empty-file-into-the-blue.html
Latest replies (4)
hackyzh
Floor 2
Showing my support; it would be even better if these were translated.
2016-12-18 20:54
aazhiming
Floor 3
mark
2016-12-19 12:41
deadash
Floor 4
Showing my support.
2016-12-22 01:36
JWPL
Floor 5
mark
2016-12-22 07:05