SecWiki News 2018-11-08 Review

.hta文件的后渗透利用(绕过PowerShell的限制模式) by BaCde

最新VirtualBox 0day漏洞公开 by BaCde

宝塔面板6.x版本前台存储xss+后台csrf组合拳getshell by BaCde

浅谈大型互联网的企业入侵检测及防护策略 by ourren

A platform to provide challenge for CTFer by z3r0yu

用神经推理来帮助命名实体识别 by ourren

Suricata规则介绍、以及使用suricata-update做规则管理 by ourren

APT37 移动武器库KevDroid在中国境内攻击行动披露 -- PART 1 by ourren

挖洞姿势-Jsonp劫持 by fresh

gshark: Scan for sensitive information in Github easily and effectively by ourren

Security Bugs in Practice: SSRF via Request Splitting by zzzhhh