30
3月

Tittle: 2018.3.31

0 作者:admin

境外黑客组织'白象'于三月上旬 对我国发起攻击

CVE-2018-7160 - Pwning (NodeJS) Developers

Jailbreaking iOS 11 And All Versions Of iOS 10

Jwt == insecurity?(the security of JSON Web Token. Covers patterns, CVE-2018-0114, example of issues in usage of JOSE libraries)

Open Redirect in Oracle EBS (CVE-2017-3528)

Monitoring macOS, Part I: Monitoring Process Execution via MACF

Monitoring macOS, Part II: Monitoring File System Events and Dylib Loading via MACF

Monitoring macOS, Part III: Monitoring Network Activities Using Socket Filters

using Cobalt Strike’s ExternalC2 interface to create a custom C2 channel

PHP-FPM源码分析

修改安卓源码:Art模式下的通用脱壳方法

越狱 iOS 全局开启 WebView 远程调试

Tweak 全局开启任意 App 的 WebView 调试

Debugging across pipes and sockets with strace

Detect Password Spraying With Windows Event Log Correlation

The purpose of ransomware

How Google sees container security: Infrastructure (RBAC, logging, secrets, networking), Software supply chain (image validation, Grafeas), Runtime (container runtime, PodSecurityPolicy, forensics)

腾讯2017年度传销态势感知白皮书

How I Could Have Promoted Any Facebook Page For Free.

tools A stealthier method of loading a .NET PE in memory - via the Assembly.LoadModule method

tools Invoke-ADLabDeployer - Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams.

tools Azure AD lab:a set of Azure Resource Manager Templates that generates an Active Directory lab consisting of a Domain Controller, two Windows servers and a Linux server.

tools TPM Genie is capable of intercepting and modifying all traffic that is sent across the I2C channel between the host machine and a discrete TPM chip.

tools Invoke-BSOD:A PowerShell script to Blue Screen Windows without admin privileges

tools 洞察-宜信集应用系统资产管理、漏洞全生命周期管理、安全知识库管理三位一体的平台


评论


当前没有评论,快来评论吧!





来说点什么吧