技术类:
文档和非文档的:添加CFG异常
http://breakingmalware.com/documentation/documenting-undocumented-adding-control-flow-guard-exceptions/
一个在线分析打包的andorid恶意软件系统
https://github.com/CvvT/AppTroy
checkpoint防火墙可视化审计工具
http://m57.github.io/Checkpoint-Firewall-Auditor-myCVT/
安全你的服务器,通过monit配置入侵检测
https://dzone.com/articles/intrusion-detection
metasploit侦察脚本
https://github.com/bcoffey218/msf_rc
介绍Sysdig Falco
https://komunity.komand.com/learn/featured/introduction-to-sysdig-falco/
android恶意软件能够秘密的root你的手机然后安装程序
http://www.networkworld.com/article/3087091/this-android-malware-can-secretly-root-your-phone-and-install-programs.html?utm_source=dlvr.it&utm_medium=twitter#tk.rss_security
PS>Attack 更新到1.2版
https://github.com/jaredhaight/PSAttack/releases/tag/v1.2
可以扫描wifi访问点的app
https://github.com/ankitbabbar89/WifiScanner
BadUSB 2.0 USB-HID MiTM POC
https://github.com/withdk/badusb2-mitm-poc
可注入恶意payload到barcodes, QRcodes, earn13, datamatrix的工具
https://github.com/huntergregal/scansploit
免费的计算机取证书籍
https://forensiccontrol.com/resources/free-software/
firefox/jemalloc堆利用工具
https://github.com/CENSUS/shadow
CryptXXX 字符串解码脚本
https://bitbucket.org/snippets/Alexander_Hanel/gxMxq
可分析移动电话元数据的开源python工具包
https://github.com/yvesalexandre/bandicoot
如何安全实现IOT设备的加密更新机制
https://down.dsg.cs.tcd.ie/iotsu/subs/IoTSU_2016_paper_16.pdf
使用ARM性能监控单元缓解Stagefright攻击
https://www.endgame.com/blog/mitigating-stagefright-attacks-arm-performance-monitoring-unit
资讯类:
fbi完全有能力hack Tor和VPN用户
http://www.theregister.co.uk/2016/06/21/google_paypal_and_hide_my_ass_vpn_join_fight_against_rule_41_change/?utm_content=buffera4342&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
黑客使用社会工程学绕过双因子验证
http://tech.firstpost.com/news-analysis/hackers-using-social-engineering-to-bypass-two-factor-authentication-321121.html
以太币的开发者在被黑后hacking黑客
http://qz.com/713078/the-developers-behind-ethereum-are-hacking-the-hacker-that-hacked-it/
攻击者使用百万IP破解金融服务
http://news.softpedia.com/news/attackers-used-nearly-one-million-ips-to-brute-force-a-financial-institution-505413.shtml
数据泄露消息:
guccifer继续放出从DNC服务器中的希拉里克林顿的资料
巴基斯坦高级教育委员会数据泄漏
发表评论
您还未登录,请先登录。
登录