3月8日-每日安全知识热点

1.Inspeckage:android Package Inspector,下载地址https://github.com/ac-pm/Inspeckage

http://blog.tempest.com.br/antonio-martins/inspeckage-android-package-inspector.html

2.Nexus 三月android安全公告，包含多个严重的漏洞，其中有一个从WEB浏览器可触发的远程代码执行漏洞 

https://source.android.com/security/bulletin/2016-03-01.html

3.TCP/IP栈编程实践：第一部分：以太网桢格式与ARP 

http://www.saminiir.com/lets-code-tcp-ip-stack-1-ethernet-arp

4.proofpoint发布的针对印度外交和军事资源的ＡＰＴ攻击报告 

https://www.proofpoint.com/sites/default/files/proofpoint-operation-transparent-tribe-threat-insight-en.pdf

5.CVE 2015-7547 glibc getaddrinfo() DNS 漏洞分析，对比这个可以参考国内的drops上的http://drops.wooyun.org/papers/13040 

https://labs.jumpsec.com/2016/03/07/cve-2015-7547-glibc-getaddrinfo-dns-vulnerability/

6.BKP CTF: pwnable writeups 

http://vulph.com/2016/03/05/Boston-Key-Party-writeups.html

7.在.apk文件中嵌入metasploit payload第二部分，第一部分在https://techkernel.wordpress.com/2015/12/11/embed-metasploit-payload-in-apk-easily/ 

https://techkernel.wordpress.com/2015/12/19/embed-metasploit-payload-in-apk-manually/

8.Malwarebytes 2.2.0.1024 DLL 劫持漏洞 

https://packetstormsecurity.com/files/136107/mbam-dllhijack.txt

9.通过siri饶过ios v9.0, v9.1 & v9.2.1,也有人评论说不是通过SIRI饶过的，是在按IPHONE键的时候，指纹解锁的 

https://blog.slowb.ro/new-apple-ios-v9-0-v9-1-v9-2-1-passkey-bypass/

10.使用unpack.py分析cryptoLocker第一部分 

http://malwaremusings.com/2016/03/08/analysing-cryptolocker-with-unpack-py-initial-analysis-part-1/

11.讲解win10上的mac地址随机化是如何工作的 

http://www.mathyvanhoef.com/2016/03/how-mac-address-randomization-works-on.html

12.climber:一款检测unix/linux系统提权漏洞的脚本 

https://github.com/raffaele-forte/climber

13.微软拥抱开源世界：sql server开始支持linux 

https://blogs.microsoft.com/blog/2016/03/07/announcing-sql-server-on-linux/

14.通过 InstallUtil 饶过applocker的msf模块 

https://github.com/rapid7/metasploit-framework/blob/6406fa4c87196f7e9a51afd9f819f0c5e498dc02/modules/exploits/windows/local/applocker_bypass.rb

15.我如何黑了你的facebook账号，一个价值1W5千刀的漏洞 

http://www.anandpraka.sh/2016/03/how-i-could-have-hacked-your-facebook.html

16.通过DOCKER容器进行事件处理，这篇是在容器中运行REMnux镜像https://remnux.org/docs/containers/run-apps/ 

https://blog.rootshell.be/2016/02/22/incident-handling-docker-to-the-rescue/

17.Apple iOS v9.2.1 – 多个 PassCode 饶过漏洞 

http://seclists.org/fulldisclosure/2016/Mar/15

18.fortinet网站登陆页面发现xss漏洞 

http://www.scmagazineuk.com/reflected-xss-vuln-found-on-fortinet-login-page/article/481106/

19.安全/事件响应cheatsheet和URL参考连接 

https://8ack.de/firstaidkit/

20.bkpctf中qwn2own的exploit 

https://github.com/kitctf/writeups/blob/master/bkp2016/qwn2own/index.html