Daily Security News Digest (07-27)

Date: 2020-07-27     Author: Tencent Xuanwu Lab [Reposted]

• In Memory Cobalt Strike Shellcode Beacon decoding to evade AVs:

https://shells.systems/in-memory-shellcode-decoding-to-evade-avs/

   ・ How to load a Cobalt Strike Beacon via in-memory decoding without being detected by AV and EDR – Schwarrzz



• [Malware] Zero2Automated Advanced Malware RE Course — Custom Sample Analysis:

https://medium.com/@ReversingMagic/zero2automated-advanced-malware-re-course-custom-sample-analysis-40e14ddca78d

   ・ A tutorial on analyzing a custom advanced malware sample – Schwarrzz



• [Tools, Malware] Qiling For Malware Analysis: Part 1:

https://n1ght-w0lf.github.io/tutorials/qiling-for-malware-analysis-part-1/

   ・ Qiling for malware analysis: Part 1 – lanying37



• [Malware] Crimson RAT Malware Analysis:

http://malwr-analysis.com/2020/07/24/crimson-rat-malware-analysis/

   ・ A new technical analysis of the Crimson RAT malware sample – Schwarrzz



• [Tools] Asynchronous task processing in Node.js with Bull - LogRocket Blog:

https://blog.logrocket.com/asynchronous-task-processing-in-node-js-with-bull/

   ・ How to process asynchronous tasks with the Bull library for Node.js – Schwarrzz



• [macOS, Tools] Frida 12.11 Released:

https://frida.re/news/2020/07/24/frida-12-11-released/

   ・ Frida 12.11 released, adding compatibility with macOS 11 Beta 3 – Jett



• GraphQL — Common vulnerabilities & how to exploit them:

https://link.medium.com/oiEg6EG6v5

   ・ Common misconfigurations of GraphQL tooling and how they are exploited – Jett



• [Virtualization] Hunting for bugs in VirtualBox (First Take):

http://blog.paulch.ru/2020-07-26-hunting-for-bugs-in-virtualbox-first-take.html

   ・ Exploring internal bugs and security issues in VirtualBox (first take). – lanying37



• InfoSec Handlers Diary Blog:

https://isc.sans.edu/diary/rss/26390

   ・ How to handle password-protected VBA code – Schwarrzz



• [Reverse Engineering] How To Sinkhole A Botnet:

https://www.youtube.com/watch?v=FAFuSO9oAl0

   ・ IRC botnet analysis: video tutorial – Schwarrzz



• [Android] Android Applications Pentesting:

https://book.hacktricks.xyz/mobile-apps-pentesting/android-app-pentesting

   ・ Android Applications Pentesting – Jett



• [Windows] Seeing (Sig)Red:

https://sensepost.com/blog/2020/seeing-sigred/

   ・ Writing rules for the open-source Suricata IDS to detect the recently disclosed SigRed (CVE-2020-1350) vulnerability in Windows DNS Server – Jett



• Write up for CVE id CVE-2020-15778.:

https://github.com/cpandya2909/CVE-2020-15778

   ・ Analysis of the CVE-2020-15778 eval injection vulnerability in OpenSSH 8.3p1 – Jett
