每日安全动态推送(01-26)

  • A+
所属分类:安全新闻
Tencent Security Xuanwu Lab Daily News


• Requirements:
https://github.com/knqyf263/dnspooq

   ・ dnspooq 缓存污染漏洞 Exploit(CVE-2020-25686, CVE-2020-25684, CVE-2020-25685) – Jett


• Android Pentest: Deep Link Exploitation:
https://www.hackingarticles.in/android-pentest-deep-link-exploitation/

   ・ Android Pentest: Deep Link Exploitation – Jett


• VisualDoor: SonicWall SSL-VPN Exploit – Darren Martyn:
https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/

   ・ VisualDoor: SonicWall SSL-VPN Exploit  – Jett


• New campaign targeting security researchers:
https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/

   ・ Google 发 Blog:朝鲜黑客在 Twitter 通过伪装账户社工安全研究员 – Jett


• GitHub - S1ckB0y1337/Cobalt-Strike-CheatSheet: Some notes and examples for cobalt strike's functionality:
https://github.com/S1ckB0y1337/Cobalt-Strike-CheatSheet

   ・ Cobalt-Strike 相关的一些工具以及使用 Tips – Jett


• Creating Security Decision Trees With Graphviz | Kelly Shortridge:
https://swagitda.com/blog/posts/security-decision-trees-with-graphviz/

   ・ Creating Security Decision Trees With Graphviz – Jett


• Catching Debuggers with Section Hashing – Malware and Stuff:
https://malwareandstuff.com/catching-debuggers-with-section-hashing/

   ・ Catching Debuggers with Section Hashing – Jett


• [Tools] ffuf/ffuf:
https://github.com/ffuf/ffuf

   ・ Fast web fuzzer written in Go – Jett


• HackerOne:
https://hackerone.com/reports/1001255

   ・ Windows 版本 NordVPN 消息 Handler RCE 漏洞分析 – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


本文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(01-26)

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: