Daily Security News Push (04-01)

Tencent Security Xuanwu Lab Daily News


• ldsview:
https://github.com/kgoins/ldsview

   ・ ldsview: a tool for searching LDIF files offline. – 土豆豆


• SharpProxyLogon:
https://github.com/Flangvik/SharpProxyLogon

   ・ SharpProxyLogon: a C# implementation of the ProxyLogon RCE, exploiting CVE-2021-26855 in Microsoft Exchange Server. – 土豆豆


• BitsParser:
https://github.com/fireeye/BitsParser

   ・ FireEye has released a Python tool for parsing the Windows Background Intelligent Transfer Service (BITS). – 土豆豆


• HowTo: intercept mutually-authenticated TLS communications of a Java thick client:
https://offsec.almond.consulting/java-tls-intercept.html

   ・ How To intercept mutually-authenticated TLS communications of a Java thick client – autobots


• Update on campaign targeting security researchers:
https://blog.google/threat-analysis-group/update-campaign-targeting-security-researchers/

   ・ Google publishes the latest update on the campaign targeting security researchers. – 土豆豆


• on ios binary protections:
https://sensepost.com/blog/2021/on-ios-binary-protections/

   ・ An analysis of the output of `ios info binary` in the open-source iOS tool objection. – autobots


• Yet Another Cobalt Strike Stager: GUID Edition:
https://www.guidepointsecurity.com/yet-another-cobalt-strike-loader-guid-edition/

   ・ Using GUIDs to obfuscate shellcode in the Cobalt Strike tool. – 土豆豆


• FuzzOS: Writing an ACPI SPCR parser + serial driver:
https://youtu.be/Pw1SiVF7wjU

   ・ FuzzOS: a video on writing an ACPI SPCR parser and a serial driver. – lanying37


• [Tools] BC-SECURITY/Starkiller:
https://github.com/BC-SECURITY/Starkiller/releases

   ・ Starkiller: version 1.7.0 released. An Electron-based graphical front end for PowerShell Empire. – 土豆豆


• Setting Up a Kernel Debugging Environment:
https://pwning.systems/posts/setting-up-a-kernel-debugging-environment/

   ・ How to set up a Linux kernel debugging environment. – 土豆豆


* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: 腾讯玄武实验室
https://weibo.com/xuanwulab


This article was first published on the WeChat official account (腾讯玄武实验室): Daily Security News Push (04-01)
