首页
社区
课程
招聘
[分享]国外最新安全推文整理(第6期)
发表于: 2017-1-28 11:05 5823

[分享]国外最新安全推文整理(第6期)

2017-1-28 11:05
5823
有些可能需要VPN访问,安全性方面自己多留意:D

PowerShell Obfuscator
https://github.com/danielbohannon/Invoke-Obfuscation

Fancy Bear Source Code
https://github.com/rickey-g/fancybear

List of awesome reverse engineering resources
https://github.com/wtsxDev/reverse-engineering

List of Windows Exploitation resources
https://github.com/enddo/awesome-windows-exploitation

List of really interesting open source projects
https://github.com/lk-geimfari/awesomo

ELF, Mach-O and PE (SVG and PDF available)
https://github.com/corkami/pics

No-meaning Assembly Omitter for IDA pro
https://github.com/tkmru/nao

WOW64Ext is a helper library for x86 programs that runs under WOW64 layer on x64 versions
https://github.com/rwfpl/rewolf-wow64ext

DRAKVUF is a virtualization based agentless black-box binary analysis system
https://github.com/tklengyel/drakvuf

LibVMI is a virtual machine introspection library
https://github.com/libvmi/libvmi

Windows support for Intel Processor Trace
https://github.com/talos-vulndev/WindowsIntelPT

VUzzer: Application-aware Evolutionary Fuzzing
http://www.cs.vu.nl/~giuffrida/papers/vuzzer-ndss-2017.pdf

What Else is Revealed by Order-Revealing Encryption
https://eprint.iacr.org/2016/786.pdf

The JTAG Interface: An Attacker's Perspective
https://optivstorage.blob.core.windows.net/web/file/55e86eae3f04450d9bafcbb3a94559ca/JTAG.Whitepaper.pdf

Intel debugger interface open to hacking via USB
http://blog.ptsecurity.com/2017/01/intel-debugger-interface-open-to.html

Attacking UEFI Runtime Services and Linux
http://blog.frizk.net/2017/01/attacking-uefi-and-linux.html

Set up a Global Descriptor Table in Unicorn-Engine
https://scoding.de/setting-global-descriptor-table-unicorn

Exploiting services and readers that support the ePub book format
https://s1gnalcha0s.github.io/epub/2017/01/25/This-book-reads-you.html

PDF - How to steal PDFs by injecting JavaScript
http://insert-script.blogspot.com/2016/10/pdf-how-to-steal-pdfs-by-injecting.html

Reversing C++ Virtual Functions: Part 2
https://alschwalm.com/blog/static/2017/01/24/reversing-c-virtual-functions-part-2-2/

Part 17: Kernel Exploitation -> GDI Bitmap Abuse (Win7-10 32/64bit)
https://www.fuzzysecurity.com/tutorials/expDev/21.html

Bypassing Control Flow Guard in Windows 10 - Part II
https://improsec.com/blog//bypassing-control-flow-guard-on-windows-10-part-ii

Manual Control Flow Guard in C
http://nullprogram.com/blog/2017/01/21/

5-Level Paging and 5-Level EPT
https://software.intel.com/sites/default/files/managed/2b/80/5-level_paging_white_paper.pdf

Harmful prefetch on Intel
http://blog.ioactive.com/2017/01/harmful-prefetch-on-intel.html

Virtual Memory, Page Tables, and One Bit - CVE-2016-7255
http://ricklarabee.blogspot.com/2017/01/virtual-memory-page-tables-and-one-bit.html

Hardening Windows 10 with zero-day exploit mitigations
https://blogs.technet.microsoft.com/mmpc/2017/01/13/hardening-windows-10-with-zero-day-exploit-mitigations/

Abusing GDI for ring0 exploit primitives
https://www.coresecurity.com/blog/abusing-gdi-for-ring0-exploit-primitives

Windows 10 Anniversary Update "GDI kernel memory addresses disclosure" is back
https://www.coresecurity.com/system/files/publications/2016/10/Abusing-GDI-Reloaded-ekoparty-2016_0.pdf

The Unpatched LSASS Remote Denial of Service (MS16-137)
https://www.coresecurity.com/blog/unpatched-lsass-remote-denial-service-ms16-137

Effective Patch Analysis for Microsoft Updates
http://powerofcommunity.net/poc2016/brian.pdf

WinDbg commands
http://expdev-kiuhnm.rhcloud.com/2015/05/17/windbg/

On the Forensic Trail - Guid Partition Table (GPT)
http://www.invoke-ir.com/2015/06/ontheforensictrail-part3.html

Anti-Debug Protection Techniques: Implementation and Neutralization
https://www.codeproject.com/articles/1090943/anti-debug-protection-techniques-implementation-an

Art of Anti Detection 2 – PE Backdoor Manufacturing
https://pentest.blog/art-of-anti-detection-2-pe-backdoor-manufacturing/

Wingbird rootkit analysis
http://artemonsecurity.blogspot.com/2017/01/wingbird-rootkit-analysis.html

Finfisher rootkit analysis
http://artemonsecurity.blogspot.com/2017/01/finfisher-rootkit-analysis.html

Remote Exploit, Shellcode without Sockets
https://0x00sec.org/t/remote-exploit-shellcode-without-sockets/1440

Practical Android Debugging Via KGDB
http://blog.trendmicro.com/trendlabs-security-intelligence/practical-android-debugging-via-kgdb/

Solving an Android Crackme with a Little Symbolic Execution
http://www.vantagepoint.sg/blog/81-solving-an-android-crackme-with-a-little-symbolic-execution

[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)

收藏
免费 0
支持
分享
最新回复 (5)
雪    币: 33
活跃值: (14)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
2
pretty helpful. could u share the original RSS link?
感谢分享, 请问可不可以分享下RSS的链接?打算长期订阅关注下
2017-1-28 12:53
0
雪    币: 33
活跃值: (14)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
3
btw, Happy Chinese new year!! 新年快乐
2017-1-28 12:56
0
雪    币: 4230
活跃值: (1435)
能力值: (RANK:270 )
在线值:
发帖
回帖
粉丝
4
内容整理自关注的twitter,觉得有用就记录下来了。
2017-1-28 13:52
0
雪    币: 33
活跃值: (14)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
5
有心人啊,赞一个。
如果有RSS就更好了。
2017-1-28 14:49
0
雪    币: 58
活跃值: (1130)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
6
BDomne 内容整理自关注的twitter,觉得有用就记录下来了。
不错
2018-1-15 21:25
0
游客
登录 | 注册 方可回帖
返回
//