30 October

Title: 2017.10.31

Author: admin

Research Report on the Abuse of VirtualApp Technology by the Underground Economy

IoTroop(a.k.a IoT_Reaper) Botnet: The Full Investigation

Evasive Sage 2.2 Ransomware Variant Targets More Countries

Chrome pdfium Use-After-Free report (CVE-2017-5111)

Windows 10 Creators Update 32-bit execution of ring-0 code from NULL page via NtQuerySystemInformation (class 185, Warbird functionality)

Extracting and decoding malicious macros

Using the DDE Attack with PowerShell Empire

Detecting Unknown Ransomware Based on Anomalous Behavior

A Guide to Attacking Domain Trusts

Using machine account passwords during an engagement (mimikatz & BloodHound)

Extending BloodHound for Red Teamers

Chrome OS User Data Security Protection Mechanism Based on EXT4 Encryption

Adversarial Machine Learning: Approaches & defences

Radare2 Explorations: This book aims to cover the practical aspects of using the extensive reverse engineering framework, radare2.

SecWiki Weekly (2017/10/23-2017/10/29)

Messing with the Google Buganizer System for $15,600 in Bounties

tools deepo: a Docker image containing almost all popular deep learning frameworks

tools kernelpop is a framework for performing automated kernel exploit enumeration on Linux, Mac, and Windows hosts.

tools IFR Extractor LS v0.2: Utility to extract the internal forms representation from both EFI and UEFI drivers/applications into a human-readable text file.

tools Ropper: display information about files in different file formats and find gadgets to build ROP chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC).

tools suscan: Channel scanner based on the sigutils library

tools Office-DDE-Payloads: Collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique.

tools gocrack: manage password cracking tasks across multiple GPU servers; easy-to-use, web-based UI

tools heads: A minimal Linux that runs as a coreboot ROM payload to provide a secure, flexible boot environment for laptops and servers.

tools VolatilityBot: an automation tool for researchers that cuts all the guesswork and manual tasks out of the binary extraction phase, or helps the investigator in the first steps of performing a memory analysis investigation.

tools bgpflowspectool: BGP flowspec (RFC 5575) tool for DDoS mitigation

tools WeReport: penetration test report generation assistant

