Tencent Security Xuanwu Lab Daily News
• Persisting in svchost.exe with a Service DLL:
https://www.ired.team/offensive-security/persistence/persisting-in-svchost.exe-with-a-service-dll-servicemain
・ A method for loading a service DLL into the system process svchost.exe.
– lanying37
• GitHub - HenryHoggard/awesome-arm-exploitation: A collection of awesome videos, articles, books and resources about ARM exploitation.:
https://github.com/HenryHoggard/awesome-arm-exploitation
・ Awesome ARM Exploitation
– Jett
• [Web] How I hacked redbus [An online bus-ticketing application]:
https://medium.com/bugbountywriteup/how-i-hacked-redbus-an-online-bus-ticketing-application-24ef5bb083cd?source=rss----7b722bfd1b8d---4
・ How I hacked redbus
– Jett
• [Tools] Creating patched binaries for pentesting purposes:
https://isc.sans.edu/diary/rss/26560
・ Creating patched binaries for penetration testing.
– lanying37
• [Fuzzing, Tools] Microsoft announces new Project OneFuzz framework, an open source developer tool to find and fix bugs at scale:
https://www.microsoft.com/security/blog/2020/09/15/microsoft-onefuzz-framework-open-source-developer-tool-fix-bugs/
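・ Microsoft announces the open-source OneFuzz framework, which helps developers find security vulnerabilities during development and testing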
– Jett
• CVE-2020-16171: Exploiting Acronis Cyber Backup for Fun and Emails:
https://www.rcesecurity.com/2020/09/CVE-2020-16171-Exploiting-Acronis-Cyber-Backup-for-Fun-and-Emails/
・ Exploitation of an SSRF vulnerability in an Acronis Cyber Backup component
– Jett
• IBM Spectrum Protect Plus Security Open to RCE:
https://threatpost.com/ibm-flaws-spectrum-protect-plus/159268/
・ RCE vulnerability found in the IBM Spectrum Protect Plus data storage solution
– Jett
• Interesting Attack on the EMV Smartcard Payment Standard:
https://www.schneier.com/blog/archives/2020/09/interesting-attack-on-the-emv-smartcard-payment-standard.html
・ Interesting testing research on the EMV smartcard payment standard.
– lanying37
• [Mitigation, Windows] GitHub - yardenshafir/MitigationFlagsCliTool:
https://github.com/yardenshafir/MitigationFlagsCliTool
・ A tool for enumerating Windows process mitigation policies
– Jett
• GitHub - autoguard/awesome-vehicle-security-and-safety: 🚗 A curated list of resources for learning about vehicle security and safety.:
https://github.com/autoguard/awesome-vehicle-security-and-safety
・ A collection of papers on vehicle security research
– Jett
• [Conference] Schedule:
https://llvm.org/devmtg/2020-09/schedule/
・ List of talks at the LLVM 2020 Developers' Meeting
– Jett
• [Virtualization] slirp: tftp: restrict relative path access (14ec36e1) · Commits · slirp / libslirp:
https://gitlab.freedesktop.org/slirp/libslirp/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4
・ Patch for a path traversal vulnerability in QEMU's slirp component
– Jett
• [Tools] Spyre : Simple YARA-Based IOC Scanner:
https://kalilinuxtutorials.com/spyre/
・ Spyre: a simple YARA-based IOC scanner
– Schwarrzz
• [Exploit] SharpZeroLogon:
https://github.com/nccgroup/nccfsas/tree/main/Tools/SharpZeroLogon
・ A .NET exploit written by NCC Group for the Zerologon vulnerability (CVE-2020-1472)
– Jett
• Announcing REVEN version 2.6:
https://blog.tetrane.com/2020/Announcing-REVEN-Version-2-6.html
・ REVEN, an automated reverse-engineering analysis framework with trace and replay features, is updated to version 2.6
– Jett
• [Pentest, Tools] Docker for Pentester: Abusing Docker API:
https://www.hackingarticles.in/docker-for-pentester-abusing-docker-api/
・ Docker for Pentester: Abusing Docker API
– Jett
* To view or search previously pushed content, visit:
https://sec.today
* Sina Weibo account: 腾讯玄武实验室 (Tencent Xuanwu Lab)
https://weibo.com/xuanwulab