首页 >> 网络安全 >>网络周态 >> 腾讯玄武每日安全动态推送(12-28)
详细内容

腾讯玄武每日安全动态推送(12-28)

时间:2020-12-28     作者:腾讯玄武实验室   阅读

• GitHub - TralahM/blackhat-go: As hackers, we put a premium on function over elegance as time is always scarce. When you need to quickly create a solution to a problem, style concerns come secondary.:
https://github.com/TralahM/blackhat-go

   ・ Go语言黑帽子系列教程资源。 – lanying37


• Examining CVE-2020-27932 on macOS 10.15.7:
https://worthdoingbadly.com/specialreply/

   ・ macOS 10.15.7 CVE-2020-27932 内核越界写漏洞分析 – Jett


• Vulnerable Kext:
https://github.com/ant4g0nist/Vulnerable-Kext

   ・ Vulnerable-Kext - 用于学习 macOS/iOS 驱动漏洞利用的扩展 – Jett


• Detection and Hunting of Golden SAML Attack:
https://www.sygnia.co/golden-saml-advisory

   ・ Detection and Hunting of Golden SAML Attack – Jett


• Antivirus-Artifacts/AntivirusArtifacts2.pdf:
https://github.com/D3VI5H4/Antivirus-Artifacts/blob/main/AntivirusArtifacts2.pdf

   ・ 前段时间推送的 Antivirus Artifacts,作者写了 Part2 – Jett


• Direct Syscalls in Beacon Object Files:
https://outflank.nl/blog/2020/12/26/direct-syscalls-in-beacon-object-files/

   ・ Direct Syscalls in Beacon Object Files – Jett


• Fuzzing with Grammars:
https://www.fuzzingbook.org/html/Grammars.html

   ・ Fuzzing with Grammars – Jett


• A place where all your bugs will be disclosed: Oh, so you have an antivirus… name every bug:
https://halove23.blogspot.com/2020/12/oh-so-you-have-antivirus-nameevery-bug.html

   ・ Avast、McAfee 等杀软的 8 个0Day 漏洞分析 – Jett


• Pentest - Everything SMTP:
https://luemmelsec.github.io/Pentest-Everything-SMTP/

   ・ 针对 SMTP 协议的渗透测试 – Jett


• clairvoyance:
https://github.com/0vercl0k/clairvoyance

   ・ 可视化查看进程内存地址空间的工具 – Jett


• SUNBURST Additional Technical Details:
http://www.fireeye.com/blog/threat-research/2020/12/sunburst-additional-technical-details.html

   ・ FireEye SolarWinds 供应链攻击事件 SUNBURST 后门的细节 – Jett


• Resmack: Part 4: Grammar Mutations · ▖▚▜ ƞäɼľұ.me ▙▚▝:
https://narly.me/posts/resmack-grammar-fuzz-thoughts-4/

   ・ resmack-rust - Feedback-driven Grammar Fuzzing – Jett


• [Tools, Fuzzing] FormatFuzzer:
https://uds-se.github.io/FormatFuzzer/

   ・ FormatFuzzer - 基于模板的二进制文件 Parsing Fuzzer – Jett


• Windows_Kernel_Programming:
https://github.com/XShar/Windows_Kernel_Programming

   ・ Windows内核编程书籍 – lanying37


.
更多

1589982338979126.png


ots网络社区

www.ots-sec.cn

联系方式
更多

投稿邮箱:1481840992@qq.com

交流群2群:622534175

ots网络社区3群:1078548359

关注我们
更多
技术支持: 建站ABC | 管理登录