首页 >> 网络安全 >>网络周态 >> 每日安全动态推送(12-24)
详细内容

每日安全动态推送(12-24)

时间:2020-12-25        阅读

Tencent Security Xuanwu Lab Daily News


• Resources:
https://github.com/ze0r/cve-2020-17057//

   ・ Windows Win32k CVE-2020-17057 漏洞 PoC  – Jett


• Table of Contents:
https://github.com/ClementTsang/bottom

   ・ bottom - 一款跨平台的系统资源监控工具 – Jett


• Fault Oriented Debugging:
https://calabi-yau.space/blog/triple-fault-debugging.html

   ・ Fault Oriented Debugging – Jett


• Make Memcpy Safe Again: CodeQL:
https://www.cyberark.com/resources/threat-research-blog/make-memcpy-safe-again-codeql

   ・ Make Memcpy Safe Again: CodeQL – Jett


• 2096 - Windows: splWOW64 Elevation of Privilege - project-zero:
https://bugs.chromium.org/p/project-zero/issues/detail?id=2096

   ・ Windows splWOW64 本地提权漏洞,由于超过 90 天未修复,Project Zero 已公开漏洞细节 – Jett


• GitHub - PaloAltoNetworks/research-notes:
https://github.com/PaloAltoNetworks/research-notes

   ・ Palo Alto 安全团队的公开 Papers 与会议 PPT – Jett


• Finding Software Bugs Using Symbolic Execution:
https://sasnauskas.eu/finding-software-bugs-using-symbolic-execution/

   ・ 利用 KLEE 符号执行引擎挖掘软件漏洞 – Jett


• [PDF] https://securephones.io/main.pdf:
https://securephones.io/main.pdf

   ・ 手机设备的数据安全现状分析报告 paper – Jett


• Extending the Exploration and Analysis of Windows RPC Methods Calling other Functions with Ghidra…:
https://medium.com/threat-hunters-forge/extending-the-exploration-and-analysis-of-windows-rpc-methods-calling-other-functions-with-ghidra-e4cdaa9555bd

   ・ 利用数据分析与展示的方法研究 Windows RPC 的安全性 – Jett


ots网络logo

OTS网络安全门户主要提供网络信息安全教程、文章、工具,让更多的小伙伴加入我们的社区一起学习。

技术支持: 建站ABC | 管理登录