SecWiki News 2020-03-27 Review

一些网站https证书出现问题的情况分析 by ourren

零信任架构实战系列:如何选择零信任架构 by ourren

IoT上SSL安全开发小结 by ourren

Announcing the Zeek Agent by re4lity

Take Down MacOS Bluetooth with Zero-click RCE by re4lity

A First Introduction to System Exploitation by re4lity

Windows OS Hardening with PowerShell DSC by re4lity

CVE-2020-0729: Remote Code Execution Through .LNK Files by re4lity

Facebook CSRF bug which lead to Instagram Partial account takeover by re4lity

域渗透—基于资源的约束委派利用 by ourren


SecWiki News 2020-03-25 Review

网络威胁检测技术NTA by ourren

恶意软件命名与描述规范研究 by ourren

使用Powershell对目标进行屏幕监控 by shuteer

Kimsuky APT组织利用疫情话题针对南韩进行双平台的攻击活动的分析 by shuteer

渗透测试和安全面试的经验之谈 by ourren

对CVE中的无效漏洞报告进行分类和预测 by ourren

CVE-2020-0069: Autopsy of the Most Stable MediaTek Rootkit by ourren

iox: 端口转发 & 内网代理工具 by ourren

基于开源情报解密美国雷神山火神山 by ourren


SecWiki News 2020-03-23 Review

模块化网站管理工具的思考 by tmr

Django CVE-2020-9402 Geo SQL注入分析 by ourren

List of bug bounty writeups · Pentester Land by 504

张欧:数字银行可信网络实践 by ourren

微信远程攻击面简单的研究与分析 by ourren

Nightingale-开源的企业级监控解决方案 by ourren

RSAC-2020随笔 — 供应链安全 by ourren

SecWiki周刊(第316期) by ourren

提权之DLL注入 by shuteer

The-Cyber-Intelligence-Analyst-Cookbook by ourren

使用AFL挖掘libxml2 by ourren

2020年开源情报(OSINT)TOP20 工具 by redboy