每日攻防资讯简报[Jan.11th]

1.发现和利用Chrome漏洞CVE-2020-15999

https://starlabs.sg/blog/2021/01/chrome-1-day-hunting-uncovering-and-exploiting-cve-2020-15999/

1.BsodSurvivor：辅助调试Windows内核驱动程序

https://github.com/ykfre/BsodSurvivor

2.s3viewer：查看可公开访问的亚马逊AWS S3 Bucket

https://github.com/SharonBrizinov/s3viewer

3.tamperchrome：浏览器扩展，拦截和编辑HTTP/HTTPS请求和响应，而无需代理

https://tamper.dev/

https://github.com/google/tamperchrome

4.ruffle：Rust编写的Flash Player仿真器

https://github.com/ruffle-rs/ruffle

https://ruffle.rs/

5.MyJWT：JWT漏洞破解、测试工具

https://github.com/mBouamama/MyJWT

6.Static：用于移动应用程序的软件包分析工具

https://github.com/evilpenguin/Static

7.longtongue：根据目标信息，自定义生成密码、密码列表

https://github.com/edoardottt/longtongue

8.uroboros：一个GNU /Linux监视和概要分析工具，专注于单个进程

https://github.com/evilsocket/uroboros

9.emp3r0r：Linux后渗透工具

https://github.com/jm33-m0/emp3r0r

10.从存储在数据集中的图像文件中解析GeoLocation数据，可以生成CSV文件和HTML Google Maps中的输出

https://github.com/monishmonish/exif-gps-tracer

11.scilla：信息收集工具

https://github.com/edoardottt/scilla

12.LadonGo：开源内网渗透扫描器框架

https://github.com/k8gege/LadonGo

1.针对国防承包商Leonardo SpA的数据泄露操作中使用的恶意软件Fujinama

https://reaqta.com/2021/01/fujinama-analysis-leonardo-spa/

2.TeamTNT僵尸网络，能够窃取DockerAPI登录信息以及AWS凭证

https://webcache.googleusercontent.com/search?q=cache:J9og7yMUdG0J:https://www.trendmicro.com/en_us/research/21/a/malicious-shell-script-steals-aws-docker-credentials.html+&cd=1&hl=it&ct=clnk&gl=it

1.VMProtect脱壳教程

https://www.youtube.com/watch?v=aoa89Khfgr0

2.详细研究MS-NRPC协议（Zerologon），并逐步介绍如何利用它

https://sidb.in/2021/01/06/Zerologon-Paper.html

3.在Microsoft Cloud环境中检测被攻破后的威胁活动

https://us-cert.cisa.gov/ncas/alerts/aa21-008a

4.应用程序级配置文件语义（APLS）是什么，如何工作，如何理解这些定义以及如何被滥用

https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/

5.Ruby 2.x-3.x的通用反序列化Gadget

https://devcraft.io/2021/01/07/universal-deserialisation-gadget-for-ruby-2-x-3-x.html

6.讨论Steam登录用户的独特方法，并深入探讨迷人的实现细节

https://owlspace.xyz/cybersec/steam-login/

7.逆向低功率LED闪光灯芯片

http://www.righto.com/2021/01/reverse-engineering-low-power-led.html

8.渗透中Burp的使用：软件漏洞扫描与Retire.js

https://www.hackingarticles.in/burp-suite-for-pentester-software-vulnerability-scanner/

9.Omni HacktheBox Walkthrough

https://www.hackingarticles.in/omni-hackthebox-walkthrough/

10.C&C流量模式：私人笔记

https://marcoramilli.com/2021/01/09/c2-traffic-patterns-personal-notes/

11.Hacking planes indirectly

https://www.pentestpartners.com/security-blog/hacking-planes-indirectly/

12.剖析Apple M1 GPU，Part1

https://rosenzweig.io/blog/asahi-gpu-part-1.html

13.通过BMP图像像素隐藏Payload

https://damonmohammadbagher.github.io/Posts/ebookBypassingAVsByCsharpProgramming/index.htm?page=Chapter%2011%20-%20Part%201.html

14.电子书：使用C# .NET编程实现免杀

https://github.com/DamonMohammadbagher/Videos-BypassingAVsByCSharp

15.恶意代码脱壳私人笔记

https://marcoramilli.com/2020/10/09/how-to-unpack-malware-personal-notes