漏洞 Vulnerability
CVE-2019-17026:Firefox JIT漏洞,双星漏洞之一Exp
https://github.com/maxpl0it/CVE-2019-17026-Exploit/
chrome 一个1day的exp,影响版本:<= 83.0.4103.61
https://github.com/r4j0x00/exploits
CVE-2020-8218:Pulse Secure RCE PoC
https://github.com//withdk//pulse-gosecure-rce-poc
恶意软件 Malware
疑似摩诃草组织利用边境争端问题为诱饵针对周边地区的攻击活动分析
https://mp.weixin.qq.com/s/iFM0ZZDrqqWFki3hB5h5_w
QNAP NAS在野漏洞攻击事件
https://blog.netlab.360.com/in-the-wild-qnap-nas-attacks/
对恶意软件Gozi演变的跟踪和分析
https://research.checkpoint.com/2020/gozi-the-malware-with-a-thousand-faces/
安全研究 Security Research
linux Shellcode 注入教程
https://pwn.college/modules/shellcode
物联网安全之MQTT渗透实战
https://www.anquanke.com/post/id/216074
利用Metasploit Loader 64-Bit 生成可以绕过杀毒软件的程序
https://medium.com/securebit/bypassing-av-through-metasploit-loader-64-bit-9abe55e3e0c8
Slack + Zomato,HTTP请求走私导致用户接管
https://www.youtube.com/watch?v=gzM4wWA7RFo&feature=youtu.be
Windows 利用编写相关资源
https://github.com/FULLSHADE/WindowsExploitationResources
使用 CodeQL 分析闭源 Java 程序
https://paper.seebug.org/1324/
Fuzzing Linux kernel (x86) entry code, Part 1 of 3
https://blogs.oracle.com/linux/fuzzing-the-linux-kernel-x86-entry-code%2c-part-1-of-3
一步步用iPhone搭建iOS研究环境
https://www.mac4n6.com/blog/2020/8/23/step-by-step-iphone-setup-for-ios-research-via-bizzybarney
安全工具 Security Tools
Speakeasy:fireeye出品的恶意样本仿真框架
https://www.fireeye.com/blog/threat-research/2020/08/emulation-of-malicious-shellcode-with-speakeasy.html
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论