secwiki weekly (193)

Posted by millikan at 2020-03-30

Safety technology

[tools] burpsuite Pro 1.7.27 Pro cracked version

[document] summary Manual of offline CTF thinking E7% Ba% BF% E4% B8% 8b% E8% B5% 9b% E6% 80% 9D% E8% B7% AF% E6% 80% BB% E7% BB% 93% E6% 89% 8b% E5% 86% 8c.pdf

[data mining] featuretools: open source framework of Automatic Feature Engineering

Http:// From = sec

[web security] XSS filtering bypass quick reference table

[operation and maintenance security] Apache server security configuration

[web security] blackmail software hacker From = sec

[malicious analysis] t-pot 17.10 - Multi honeypot platform reevolution / / mediator / feature / 2017 / 11 / 07 / t-pot-17.10.html

[web security] auxblog CMS 1.0.6 audit record -% E5% AE% A1% E8% AE% A1% E8% AE% B0% E5% BD% 95/

[vulnerability analysis] arm assembly basics cheatsheet v1-1920x1080.png

[vulnerability analysis] advanced methods and thinking for vulnerability mining (part. 1)

[competition] traffic analysis of the third Shanghai university student network security competition writeup

[competition] EIS CTF 2017 web write-up

[other] on CSV injection attack

[Web security] essences webshell research in PHP direction From=sec

[point of view] my infiltrative learning journey Ubiz = mzi5mdq2njexoq = = & mid = 2247485275 & IDX = 1 & Sn = 1f292e69938c5f6b037e06d8e5236764 & chksm = ec1e3773db69be65af3edf8132893053da612c997718c51e24509b4a13831653f9a3dff8aaca3 Rd

[web security] CMS vulnerability detection tool written by Python 3 (including 300poc)

[operation and maintenance security] black mirror investigation: the truth behind the Abyss: report on "the wool industry"

[vulnerability analysis] node.js + Postgres from injection to getshell

[device security] arm Exhibition for IOT – episod 3

[web security] some nmap NSE scripts recommended

[web security] Xiaobai's process of thinking about a simple anti SQL question /% E4% BB% 8e% E4% B8% 80% E9% 81% 93anti SQL% E9% A2% 98% E8% AE% B2% E8% B5% B7/

[equipment safety] geekpwn industrial control CTF writeup

[malicious analysis] NTT security 2017 Threat Intelligence Report interpretation Group ﹐ id = 911984549982990336

[web security] fingerscan: website service identification tool

[operation and maintenance security] system security monitoring DIY: do it yourself osquery agent

[malicious analysis] analysis of the exploitation details of eternalblue tool - g2bjw05xacx16pigszaa

[data mining] domain name association model: let malware self expose

[device security] build an industrial system virtualization test platform

[forensic analysis] kill the BillGates Trojan under Linux

[web security] multiple ways of using Metasploit to penetrate MySQL From = sec

[competition] hitcon2017-writer:

[web security] a PHP rasp implementation

[operation and maintenance security] principle and example of local DNS attack 6520; biz = mzi5mdq2njexoq = = & mid = 2247485308 & IDX = 1 & Sn = 35ef757470ec4057babfb898c5ec5c19 & chksm = ec1e3754db69be42b44976d6841842c7a42afc227d7dcd6c50bdbf4edcda028ae7cf90ada9a9 ʍ Rd

[web security] summary of PHP shell bypass ideas (for beginners still confused about bypass) From = sec

[malicious analysis] fame: malware analysis platform fame

[other] what is counter attack?


[device security] Research on TP-LINK wr941n router

[malicious analysis] implanting backdoor /% E5% 88% A9% E7% 94% a8bdf% E5% 90% 91exe% E6% 96% 87% E4% BB% B6% E6% A4% 8D% E5% 85% a5% E5% 90% 8e% E9% 97% A8/

[web security] php_bugs: PHP code audit section explanation

[mobile security] "blind" reverse: IOS application blind trace

[malicious analysis] DNS persist: remote control communication using DNS protocol

[web security] windows server2012 hide user creation (PowerShell)

[tool] cert-bdf / cortex: powerful observable analysis engine

[mobile security] Android blackmail research - malware one click generator ﹣ of ﹣ mobile ﹣ malware ﹣ factories/

[malicious analysis] scan_kill_php_shell: regular killing for PHP nethorse

[malicious analysis] a CTF question get s a new pose ᥤ biz = mzi5mdq2njexoq = = & mid = 2247485297 & IDX = 1 & Sn = b9d5f80bcd37d1ce0596e1a2c251d9fb & chksm = ec1e3759db69be4f84913826e4b4b4e5d79461061e0f61a4eb8889aa65909e2ab314391d94f87c C ᦇ Rd

[malicious analysis] creating a simple free malware analysis environment | malwaretec

[malicious analysis] Introduction to hive of vault8 series of CIA cyber weapons

[operation and maintenance security] using FreeRADIUS and Django two factor authentication, quickly build a unified authentication platform guide

[malicious analysis] use BDF to plant backdoor /% E5% 88% A9% E7% 94% a8bdf% E5% 90% 91dll% E6% 96% 87% E4% BB% B6% E6% A4% 8D% E5% 85% a5% E5% 90% 8e% E9% 97% A8/

[malicious analysis] software gene extraction tool, principle, implementation and application

[magazine] sec wiki weekly (issue 192)