[Share] Roundup of the Latest Overseas Security Tweets (Issue 5)
Posted: 2017-1-7 13:20 4658

Some of these may require a VPN to access; keep an eye on security yourself.

Project Wycheproof tests crypto libraries against known attacks
https://github.com/google/wycheproof

FRAPL is a reverse engineering framework created to simplify dynamic instrumentation with Frida
https://github.com/FriedAppleTeam/FRAPL

Plasma is an interactive disassembler for x86/ARM/MIPS
https://github.com/plasma-disassembler/plasma

An evolutionary knowledge-based fuzzer
https://github.com/CENSUS/choronzon

Enables users to uncompress Windows hibernation file
https://github.com/comaeio/Hibr2Bin

Microsoft Mitigation Bounty Bypass proof-of-concepts
https://github.com/mxatone/mitigation-bounty

Have fun with the LowFragmentationHeap
https://github.com/saaramar/Deterministic_LFH

An awesome collection of hacking tools
https://github.com/jekil/awesome-hacking

Linux anti-reverse engineering techniques
https://github.com/antire-book/dont_panic

DriveCrypt Dcr.sys vulnerability exploit for bypassing x64 DSE
https://github.com/subTee/DriveCrypt

Intel CPU security features
https://github.com/huku-/research/wiki/Intel-CPU-security-features

Hardware-based buffer overflow defenses compared: SSM/ADI vs MPX
https://lazytyped.blogspot.it/2016/12/hardware-buffer-overflow-defenses.html

A Survey of Symbolic Execution Techniques
https://arxiv.org/pdf/1610.00502v1.pdf

An Evil Copy: How the Loader Betrays You
https://nebelwelt.net/publications/files/17NDSS.pdf

DieHarder: Securing the Heap
https://people.cs.umass.edu/~emery/pubs/ccs03-novark.pdf

Learning from Simulated and Unsupervised Images through Adversarial Training
https://arxiv.org/pdf/1612.07828v1.pdf

ZeroNights 2016 Slides
https://2016.zeronights.org/conference-materials/presentations/

HITCON Pacific 2016 Slides
http://hitcon.org/2016/pacific/en/agenda.htm

Basics of Making a Rootkit: From syscall to hook! (Linux)
https://d0hnuts.com/2016/12/21/basics-of-making-a-rootkit-from-syscall-to-hook/

MiKey - A Linux keylogger
http://www.morphick.com/resources/lab-blog/mikey-linux-keylogger

How to Create a Virus Using the Assembly Language
https://cranklin.wordpress.com/2016/12/26/how-to-create-a-virus-using-the-assembly-language

Writing a Tiny x86 Bootloader
http://joebergeron.io/posts/post_two.html

Kernel 201 - Let's write a Kernel with keyboard and screen support
http://arjunsreedharan.org/post/99370248137/kernel-201-lets-write-a-kernel-with-keyboard

A practical guide to writing your own x86 operating system
http://feederio.com/files/book/14827085210811_30667265cfdc32b3f8f4a1305d3eff90.pdf

Mac Malware of 2016
https://objective-see.com/blog/blog_0x16.html

How to analyze simple scam PDFs
https://blog.nviso.be/2016/12/28/pdf-analysis-back-to-basics/

Project FIRST: Share Knowledge, Speed up Analysis
http://blog.talosintel.com/2016/12/project-first-share-knowledge-speed-up.html

A Tourist's Guide to the LLVM Source Code
http://blog.regehr.org/archives/1453

RSA signature test-suite includes tests for BERserk vulns
http://www.intelsecurity.com/advanced-threat-research/berserk.html

Differential fault analysis on whitebox crypto with open source tools
http://blog.quarkslab.com/differential-fault-analysis-on-white-box-aes-implementations.html

Shellcode: A Windows PIC using RSA-2048 key exchange, AES-256, SHA-3
https://modexp.wordpress.com/2016/12/26/windows-pic/

Great summary & examples of Control Flow Guard's current capabilities
https://blog.trailofbits.com/2016/12/27/lets-talk-about-cfi-microsoft-edition/

First Dip Into the Kernel Pool : MS10-058
http://doar-e.github.io/blog/2014/03/11/first-dip-into-the-kernel-pool-ms10-058/

Understanding Pool Corruption Part 3 – Special Pool for Double Frees
https://blogs.msdn.microsoft.com/ntdebugging/2013/12/31/understanding-pool-corruption-part-3-special-pool-for-double-frees/

Exploiting MS16-098 RGNOBJ Integer Overflow on Windows 8.1 x64 bit by abusing GDI objects
https://sensepost.com/blog/2017/exploiting-ms16-098-rgnobj-integer-overflow-on-windows-8.1-x64-bit-by-abusing-gdi-objects/

MSIE 11 MSHTML CSpliceTreeEngine::RemoveSplice use-after-free
http://blog.skylined.nl/20161220001.html

In Flight Hacking System
http://blog.ioactive.com/2016/12/in-flight-hacking-system.html

Die photos of the vintage Intel 8008 microprocessor, ancestor of the processor you're probably using now
http://www.righto.com/2016/12/die-photos-and-analysis-of_24.html

Slides: How Do I Crack Satellite and Cable Pay TV?
https://fahrplan.events.ccc.de/congress/2016/Fahrplan/system/event_attachments/attachments/000/003/101/original/33C3_-_How_Do_I_Crack_Satellite_and_Cable_Pay_TV_slides.pdf

JTAG Explained: Why "IoT", Software Security Engineers, and Manufacturers Should Care
http://blog.senr.io/blog/jtag-explained

Latest replies (4)
2
Thanks for sharing!
2017-1-7 13:22
3
Thanks to the original poster for sharing.
2017-1-7 13:38
4
I've moved the post to the translation board.
2017-1-7 17:16
5
Thanks for sharing
2017-3-27 22:07