每日攻防资讯简报[Feb.7th]

1.Ossf：为行业如何考虑开源代码和具体领域中的漏洞提出的一个框架

https://github.com/ossf

https://openssf.org/

https://opensource.googleblog.com/2021/02/know-prevent-fix-framework-for-shifting-discussion-around-vulnerabilities-in-open-source.html

2.supercookie：使用favicons为网站访问用户分配唯一ID，作为识别网站用户的指纹

https://github.com/jonasstrehle/supercookie

3.rust-windows-shellcode：使用Rust编写Windows Shellcode

https://github.com/b1tg/rust-windows-shellcode

4.GPOZaurr：PowerShell模块，可用于收集有关组策略的信息, 修复可能在其中发现的问题

https://github.com/EvotecIT/GPOZaurr

5.geacon：使用GoLang编写CobaltStrike Beacon

https://github.com/darkr4y/geacon

6.cornershot：从其他主机的多个POV放大网络可见性

https://github.com/zeronetworks/cornershot

1.使用DHCP注入恶意DNS记录

https://www.trustedsec.com/blog/injecting-rogue-dns-records-using-dhcp/

2.一个justCTF挑战：PDF isBroken

https://blog.trailofbits.com/2021/02/02/pdf-is-broken-a-justctf-challenge/

3.为什么安全漏洞在代码审计期间不会被发现? ChromiumOS项目的案例对照研究

http://amiangshu.com/papers/paul-ICSE-2021.pdf

4.讨论对于云原生安全特别重要的Secret管理

https://medium.com/deepfence-cloud-native-security/detecting-secrets-to-reduce-attack-surface-3405ee6329b5

5.Doctor HackTheBox Walkthrough

https://www.hackingarticles.in/doctor-hackthebox-walkthrough/

6.逆向摩托罗拉1976年推出的1位处理器MC14500B

http://www.righto.com/2021/02/a-one-bit-processor-explained-reverse.html

7.使用MacroPack Pro VBA有效负载启动shellcode并绕过杀软

https://blog.sevagas.com/Launch-shellcodes-and-bypass-Antivirus-using-MacroPack-Pro-VBA-payloads

8.Plex的启动过程将启用了PlexUPnP的服务注册响应程序暴露给互联网，可被滥用以产生反射/放大DDoS攻击

https://www.netscout.com/blog/asert/plex-media-ssdp-pmssdp-reflectionamplification-ddos-attack

9.针对不同攻击目标来定制Cobalt Strike Beacon

https://blog.xpnsec.com/tailoring-cobalt-strike-on-target/

10.什么是Stack Canaries，编译器是如何添加的，以及如何绕过

https://www.sans.org/blog/stack-canaries-gingerly-sidestepping-the-cage/

11.攻击Kerberos 101

https://m0chan.github.io/2019/07/31/How-To-Attack-Kerberos-101.html

12.SwagShop HackTheBox Walkthrough

https://www.hackingarticles.in/swagshop-hackthebox-walkthrough/