每日攻防资讯简报[Sept.1th]

1.对一次网络攻击的分析，攻击者从通过RDP登陆到在所有域主机上投递NetWalker勒索软件，共计花费1小时

https://thedfirreport.com/2020/08/31/netwalker-ransomware-in-1-hour/

2.苹果的公证服务无意间公证了伪装成Adobe Flash Player更新的Shlayer恶意软件

https://objective-see.com/blog/blog_0x4E.html

1.rbcd-attack：使用Impacket从外部进行基于Kerberos资源的受限委托攻击

https://github.com/tothi/rbcd-attack

2.Evil_DLL：可以测试各种注入方法的简单的DLL

https://github.com/theflakes/Evil_DLL

1.通过Metasploit加载器实现免杀

https://medium.com/securebit/bypassing-av-through-metasploit-loader-64-bit-9abe55e3e0c8

https://medium.com/securebit/bypassing-av-through-metasploit-loader-32-bit-6d62930151ad

2.开发一个游戏服务器的仿真器

https://krystalgamer.github.io/avengers-emulator/

3.恶意代码开发，Part1：Go中的动态模块加载

https://posts.specterops.io/malware-development-pt-1-dynamic-module-loading-in-go-1121f07f3a5a

4.Web应用程序渗透测试的来龙去脉

https://www.codementor.io/@seanhiggins550/the-ins-and-outs-of-penetration-testing-for-web-apps-19jhhqsexo

5.分析QText锁定的文档和对DOS程序进行逆向的过程

https://pipornithology.dev/2020/08/25/qtext.html

6.Certulitis – one tool that keeps on giving

https://www.hexacorn.com/blog/2020/08/30/certulitis-one-tool-that-keeps-on-giving/

7.DogByte Attack: Playing Red Team for Eth2.0 VDF

https://medium.com/zengo/dogbyte-attack-playing-red-team-for-eth2-0-vdf-ea2b9b2152af

8.谷歌商店核心库中自动发现的持久性代码执行

https://blog.oversecured.com/Oversecured-automatically-discovers-persistent-code-execution-in-the-Google-Play-Core-Library/

9.关于LoRa模块P2P标准的一个教训(或缺乏)

https://davywybiral.blogspot.com/2020/08/a-lesson-in-lora-module-p2p-standards.html

10.针对智能锁的SpiKey攻击：记录来自智能手机的点击，通过识别咔嗒声之间的时间间隔，来识别键脊之间的距离，使用此信息创建几个可能的密钥

https://www.comp.nus.edu.sg/~junhan/papers/SpiKey_HotMobile20_CamReady.pdf