[Technical]
[CTF] Flare-On 5 CTF WriteUp (Part 9)
https://blog.attify.com/flare-on-5-writeup-part9/
[Link] Reversing ESP8266 firmware
https://boredpentester.com/reversing-esp8266-firmware-part-1/
[Link] Learning TCP/IP through the port scanner Masscan
https://blog.erratasec.com/2018/10/masscan-as-lesson-in-tcpip.html
[Vulnerabilities]
[Link] The Signal desktop app stores its message decryption key in plaintext on disk
https://twitter.com/nathanielrsuchy/status/1054720111330951168
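[Link] Researcher SandboxEscaper released a PoC that uses dssvc.dll to achieve a sandbox escape; several researchers have verified that it works on fully patched Windows 10 systems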
https://twitter.com/SandboxEscaper/status/1054744201244692485
[Link] Heap Feng Shader: Exploiting SwiftShader in Chrome
https://googleprojectzero.blogspot.com/2018/10/heap-feng-shader-exploiting-swiftshader.html
[Link] CVE-2018-8414: A case study in responsible vulnerability disclosure
https://medium.com/p/ff74c39615ba
[Link] Technical rundown of the WebExec vulnerability
https://blog.skullsecurity.org/2018/technical-rundown-of-webexec
[Link] CVE-2018-4338: macOS Broadcom AirPort driver information disclosure vulnerability
https://www.zerodayinitiative.com/blog/2018/10/24/cve-2018-4338-triggering-an-information-disclosure-on-macos-through-a-broadcom-airport-kext
[Link] CVE-2018-4282: Out-of-bounds read vulnerability in AppleT8015PPM.kext
https://blog.zimperium.com/cve-2018-4282-bounds-read-vulnerability-applet8015ppm-kext/
[Malware]
[Link] The evolution of ransomware delivery techniques
https://blog.checkpoint.com/2018/10/23/ransomware-stopped-working-harder-started-working-smarter-botnets-phishing/
[Link] Malware campaign targeting Brazil uses the built-in Windows components wmic.exe and certutil.exe to download its payload
https://blog.trendmicro.com/trendlabs-security-intelligence/malware-targeting-brazil-uses-legitimate-windows-components-wmi-and-certutil-as-part-of-its-routine/
[Link] Chalubo, a new IoT botnet that spreads through SSH brute forcing
https://news.sophos.com/en-us/2018/10/22/chalubo-botnet-wants-to-ddos-from-your-server-or-iot-device/
[Link] Magecart malware uses multiple 0days
https://gwillem.gitlab.io/2018/10/23/magecart-extension-0days/
[Link] SearchAwesome, Mac malware that intercepts encrypted network traffic and injects ads
https://blog.malwarebytes.com/threat-analysis/2018/10/mac-malware-intercepts-encrypted-web-traffic-for-ad-injection/
[Code/Tools]
[Github] goDoH: a C&C framework that uses DNS-over-HTTPS (DoH) to transfer data
https://github.com/sensepost/godoh
[Introduction]
https://sensepost.com/blog/2018/waiting-for-godoh/
[Github] PESecInfo: view certain important attributes of a DLL file and modify them, for example disabling DEP/ASLR
https://github.com/osandamalith/pesecinfo
[Introduction]
https://osandamalith.com/2018/10/24/pe-sec-info-a-simple-tool-to-manipulate-aslr-and-dep-flags/
[Github] SharpAttack: an attack tool written in C#, with features including domain enumeration and code execution
https://github.com/jaredhaight/SharpAttack
[Github] Github-Hunter: search GitHub repos for sensitive information
https://github.com/Hell0W0rld0/Github-Hunter
[Other]
[Link] Abandoned Web Applications: Achilles' Heel of FT 500 Companies
https://www.htbridge.com/blog/FT500-application-security.html
[Link] Fall 2018 exploit kit review
https://blog.malwarebytes.com/threat-analysis/2018/10/exploit-kits-fall-2018-review/