首页
社区
课程
招聘
[分享]国外最新安全推文整理(第12期)
发表于: 2017-7-2 10:30 7510

[分享]国外最新安全推文整理(第12期)

2017-7-2 10:30
7510

有些可能需要VPN访问,安全性方面自己多留意:P


Code Coverage Explorer for IDA Pro

https://github.com/gaasedelen/lighthouse


RECon 2017 IDA skin & color scheme

https://github.com/tmr232/RECon2017


Pocs for Antivirus Software's Kernel Vulnerabilities

https://github.com/bee13oy/AV_Kernel_Vulns


A virtualization based agentless black-box binary analysis system

https://github.com/tklengyel/drakvuf


History of symbolic execution

https://github.com/enzet/symbolic-execution


Telecom Signaling Exploitation Framework

https://github.com/SigPloiter/SigPloit


USB armory: open source flash-drive-sized computer

https://github.com/inversepath/usbarmory


REcon MTL 2017 Schedule

https://recon.cx/2017/montreal/schedule/


DEFCON 25 Abstract

https://www.defcon.org/html/defcon-25/dc-25-speakers.html


Bochspwn Reloaded: Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking

http://j00ru.vexillium.org/?p=3295


NTFS: Forensics, malwares and vulnerabilities

https://drive.google.com/file/d/0B3P18M-shbwrM1E2V24tTVFUU3M/view


Deobfuscation of VM based software protection

http://shell-storm.org/talks/SSTIC2017_Deobfuscation_of_VM_based_software_protection.pdf


Moniker Magic: Running Scripts Directly in Microsoft Office

https://sites.google.com/site/zerodayresearch/Moniker_Magic_final.pdf


Universally Bypassing CFG Through Mutability Abuse

http://alex-ionescu.com/publications/euskalhack/euskalhack2017-cfg.pdf


GhostHook – Bypassing PatchGuard with Processor Trace Based Hooking

https://www.cyberark.com/threat-research-blog/ghosthook-bypassing-patchguard-processor-trace-based-hooking/


An Inside Look at CVE-2017-0199 – HTA and Scriptlet File Handler Vulnerability

http://blog.fortinet.com/2017/06/04/an-inside-look-at-cve-2017-0199-hta-and-scriptlet-file-handler-vulnerability


From crash to exploit - The story of CVE-2015-6086

http://payatu.com/from-crash-to-exploit/


Eternal Champion Exploit Analysis

https://blogs.technet.microsoft.com/srd/2017/06/29/eternal-champion-exploit-analysis/


PLATINUM continues to evolve, find ways to maintain invisibility

https://blogs.technet.microsoft.com/mmpc/2017/06/07/platinum-continues-to-evolve-find-ways-to-maintain-invisibility/


A look at Longhorn Trojan and Black Lambert spying backdoor

http://adelmas.com/blog/longhorn.php


EternalPetya, another stolen piece in the package

https://blog.malwarebytes.com/threat-analysis/2017/06/eternalpetya-yet-another-stolen-piece-package/


Unpack Locky "Osiris" Ransomware

http://www.vkremez.com/2017/06/lets-learn-how-to-unpack-locky-osiris.html


Reflective DLL Injection Using SetThreadContext() and NtContinue()

https://zerosum0x0.blogspot.com/2017/07/threadcontinue-reflective-injection.html


Hunting In Memory

https://www.endgame.com/blog/technical-blog/hunting-memory


Sandbox Best Practices Cheat Sheet

http://unprotect.tdgt.org/images/2/23/Sandbox-Cheatsheet-1.1.pdf


An informative guide on using AFL and libFuzzer

http://labsblog.f-secure.com/2017/06/22/super-awesome-fuzzing-part-one/


Kernel driver unpacking

http://x64dbg.com/blog/2017/06/08/kernel-driver-unpacking.html


Google CTF Writeup Food.apk static+dynamic analysis

http://pwning.re/2017/06/25/google-ctf-food/


IDA series, part 1: the Hex-Rays decompiler

https://qmemcpy.github.io/post/ida-series-1-hex-rays


Cryptography, Slides

https://2017.pqcrypto.org/school/schedule.html


ReactOS 0.4.5 Released

https://reactos.org/project-news/reactos-045-released


Some Qemu images to play with

https://blahcat.github.io/2017/06/25/qemu-images-to-play-with/


Hardware is the new software

https://www.sigops.org/hotos/hotos17/papers/hotos17-final78.pdf


DeepDriving: Learning Affordance for Direct Perception in Autonomous Driving

http://deepdriving.cs.princeton.edu/


Firmware Analysis for IoT Devices

https://www.peerlyst.com/posts/firmware-analysis-for-iot-devices-aditya-gupta


Hacking the Virgin Media Super Hub

https://www.contextis.com/resources/blog/hacking-virgin-media-super-hub/



[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!

收藏
免费 1
支持
分享
最新回复 (3)
雪    币: 58
活跃值: (1130)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
2
支持。
2017-8-4 21:18
0
雪    币: 249
活跃值: (11)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
3
good
2017-9-24 10:44
0
雪    币: 6112
活跃值: (1212)
能力值: (RANK:30 )
在线值:
发帖
回帖
粉丝
4
感谢分享!
2017-9-25 09:53
0
游客
登录 | 注册 方可回帖
返回
//