Kanxue Forum (看雪论坛)

[Share] Roundup of the latest security tweets from abroad (Issue 13)

BDomne 2017-8-6 18:23 2047

Some of these may require a VPN to access; keep an eye on safety yourself :P


The x86 processor fuzzer

https://github.com/xoreaxeaxeax/sandsifter


A New Paradigm For Full System Analysis

https://github.com/fireeye/rvmi


Detecting Host-Based Code Injection Attacks in Memory Dumps

https://github.com/tbarabosch/quincy


A Free and Open Source program diffing tool

https://github.com/joxeankoret/diaphora


A .NET Class Library for processing ShellLink (LNK) files

https://github.com/securifybv/ShellLink


A categorized list of C++ resources

https://github.com/MattPD/cpplinks


Security Research from the Microsoft Security Response Center

https://github.com/Microsoft/MSRC-Security-Research


Hitch a free ride to Ring 0 on Windows

https://github.com/zerosum0x0/puppetstrings


IRPMon: An improved version of IrpTracker

https://github.com/MartinDrab/IRPMon


REcon Montreal 2017 slides

https://recon.cx/2017/montreal/slides/


DEFCON 25 slides

https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/


Abusing GDI Objects for ring0 Primitives Revolution

https://sensepost.com/blog/2017/abusing-gdi-objects-for-ring0-primitives-revolution/


Data Only Attacks Are Still Alive

https://improsec.com/blog//data-only-attacks-are-still-alive


EnglishmansDentist Exploit Analysis

https://blogs.technet.microsoft.com/srd/2017/07/20/englishmansdentist-exploit-analysis/


Firefox DEP and ASLR Bypass Using JIT-Spray

https://rh0dev.github.io/blog/2017/the-return-of-the-jit/


CVE-2017-0190: WMF Flaws Can Lead to Data Theft, Code Execution

https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-cve-2017-0190-wmf-flaws-can-lead-data-theft-code-execution/


Analyzing a Patch of a Virtual Machine Escape on VMware

https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-patch-of-a-virtual-machine-escape-on-vmware/


Pythonizing the VMware Backdoor

https://www.zerodayinitiative.com/blog/2017/8/1/pythonizing-the-vmware-backdoor


CVE-2017-8570: "Bypassing" Microsoft's Patch for CVE-2017-0199

http://justhaifei1.blogspot.com/2017/07/bypassing-microsofts-cve-2017-0199-patch.html


Analysis of a "new" RTF malware obfuscation method

https://furoner.wordpress.com/2017/07/06/analysis-of-new-rtf-malware-obfuscation-method/


Zeus Panda: Down To The Roots

https://cyberwtf.files.wordpress.com/2017/07/panda-whitepaper.pdf


Living off the land and fileless attack techniques

https://www.symantec.com/content/dam/symantec/docs/security-center/white-papers/istr-living-off-the-land-and-fileless-attack-techniques-en.pdf


A list of tools to work with malware

http://malwareanalysis.tools/


A Technical Survey Of Common And Trending Process Injection Techniques

https://www.endgame.com/blog/technical-blog/ten-process-injection-techniques-technical-survey-common-and-trending-process


Inject All the Things

http://blog.deniable.org/blog/2017/07/16/inject-all-the-things/


Hyper-V debugging for beginners

http://hvinternals.blogspot.com/2015/10/hyper-v-debugging-for-beginners.html


Elliptic Curve Cryptography Tutorial

https://www.johannes-bauer.com/compsci/ecc/


Vellvm: Verifying the LLVM

http://www.cis.upenn.edu/~stevez/vellvm/


PyDial: Multi-domain Statistical Dialogue System Toolkit

http://www.camdial.org/pydial/


How To Develop Your Own Boot Loader

https://www.apriorit.com/dev-blog/66-develop-boot-loader


BootStomp: On the Security of Bootloaders in Mobile Devices

http://cs.ucsb.edu/~yanick/publications/2017_sec_bootstomp.pdf


Vulnerabilities in High Assurance Boot of NXP i.MX microprocessors

https://blog.quarkslab.com/vulnerabilities-in-high-assurance-boot-of-nxp-imx-microprocessors.html


Emulation and Exploration of BCM WiFi Frame Parsing using LuaQEMU

https://comsecuris.com/blog/posts/luaqemu_bcm_wifi/


Latest replies (2)
MaYil 2017-8-6 19:09
2
Thanks for sharing
yangya 2017-8-7 20:55
3
Nice