
Daily Security News Digest (08-04)

Date: 2020-08-04     Author: Tencent Xuanwu Lab (reposted)

• [Tools] Mistica - An Open Source Swiss Army Knife For Arbitrary Communication Over Application Protocols:
https://ift.tt/39OCWhl

   ・ Mistica, an open-source protocol encapsulation tool – Schwarrzz


• [Tools] BlackBerry releases new security tool for reverse-engineering PE files | ZDNet:
https://www.zdnet.com/article/blackberry-releases-new-security-tool-for-reverse-engineering-pe-files/

   ・ BlackBerry has released PEtree, a new security tool for reverse-engineering PE files – Schwarrzz


• Reverse Engineering Starling Bank (Part II): Jailbreak & Debugger Detection, Weaknesses & Mitigations:
https://hot3eed.github.io/2020/08/02/starling_p2_detections_mitigations.html

   ・ Reverse engineering Starling Bank (Part II): jailbreak and debugger detection, weaknesses and mitigations. – lanying37


• [Pentest] FlutterApp Penetration Testing (Another Way to Bypass SSL Pinning):
https://link.medium.com/e0wN9RbZC8

   ・ How to bypass SSL pinning in Flutter – Schwarrzz


• [iOS] The Pain of sockaddr->sa_len:
https://blog.pangu.io/?p=195

   ・ Pangu's analysis of the sockaddr-related vulnerabilities in the XNU kernel mptcp module discovered by Ian Beer – Jett


• [Malware] SANS ISC: InfoSec Handlers Diary Blog:
https://isc.sans.edu/diary/26420

   ・ Analysis of a PowerShell bot with multiple C2 protocols – Schwarrzz


• Blue Team Rust: What is "Memory Safety", really?:
https://tiemoko.com/blog/blue-team-rust/

   ・ An introduction to memory safety from a blue-team perspective – Schwarrzz


• [Tools] WMCTF 2020 Writeup - CTFするぞ:
https://ptr-yudai.hatenablog.com/entry/2020/08/03/120153

   ・ WMCTF 2020 Writeup – Schwarrzz


• Deobfuscating OLLVM Control Flow Flattening with Ghidra P-Code:
https://galaxylab.com.cn/%e4%bd%bf%e7%94%a8ghidra-p-code%e5%af%b9ollvm%e6%8e%a7%e5%88%b6%e6%b5%81%e5%b9%b3%e5%9d%a6%e5%8c%96%e8%bf%9b%e8%a1%8c%e5%8f%8d%e6%b7%b7%e6%b7%86/

   ・ Deobfuscating OLLVM control flow flattening with Ghidra P-Code – Jett


• [Browser] Technical analysis: CVE-2020-15654 and a history of Firefox “Browser Lock” bugs:
https://news.sophos.com/en-us/2020/08/03/technical-analysis-cve-2020-15654-and-a-history-of-firefox-browser-lock-bugs/?cmp=30728

   ・ Technical analysis of the browser vulnerability CVE-2020-15654 – Schwarrzz


• [Android] Exploiting Android Messengers with WebRTC: Part 1:
https://googleprojectzero.blogspot.com/2020/08/exploiting-android-messengers-part-1.html

   ・ Exploiting Android Messengers with WebRTC: Part 1 – Jett


• Exploiting SKYSEA Activity Monitor:
https://acru3l.github.io/2020/08/03/exploiting-activity-monitor-driver/

   ・ Exploiting SKYSEA Activity Monitor  – Jett


• [Tools, Fuzzing] nautilus-fuzz/nautilus:
https://github.com/nautilus-fuzz/nautilus

   ・ A grammar-based, coverage-guided fuzzer implemented from an NDSS 2019 paper – Jett


• [Web] InCTF-2020 GoSQLv3 challenge writeup:
https://spyclub.tech/2020/08/02/inctf2020-gosqlv3-challenge-writeup/

   ・ InCTF2020-GoSQLv3 Writeup – Schwarrzz


• [Windows] Critical, Protected, DUT Processes in Windows 10:
https://windows-internals.com/dut-processes-in-windows-10/

   ・ In Windows 10 build 20161, the EPROCESS structure gains a new DisallowUserTerminate flag, which protects a process from being forcibly killed by the user – Jett


• [Tools] arieljt/VTCodeSimilarity-YaraGen:
https://github.com/arieljt/VTCodeSimilarity-YaraGen

   ・ A Yara rule generator that uses VirusTotal's code similarity feature – Schwarrzz


• [Tools, Windows] Telemetry Sourcerer:
https://github.com/jthuraisamy/TelemetrySourcerer

   ・ Telemetry Sourcerer, an open-source red-team tool that can enumerate and disable AV/EDR on Windows – Schwarrzz


• [Android, Reverse Engineering] Android App Reverse Engineering 101:
https://maddiestone.github.io/AndroidAppRE/app_fundamentals.html

   ・ Android App Reverse Engineering 101 – lanying37


• MPTCP Integer Overflow Vulnerability:
https://blog.pangu.io/?p=213

   ・ Summary analysis of the MPTCP integer overflow vulnerability – Schwarrzz
