---
-安全文章
-安全漏洞
-移动安全
-代码审计
---
标签:安全动态 安全技能 资源与工具分享
安全动态
[Security_week]
[Security_week] WordPress CMS平台存在严重的DoS 漏洞 几乎影响所有版本
https://mp.weixin.qq.com/s/I9dnrnnUUcygFV21mNA4Rw
[Security_week] 流密码与RC4密码初认识
http://www.freebuf.com/articles/rookie/160891.html
[Security_week] Google Project Zero 成员教你如何入门搞安全
https://zhuanlan.zhihu.com/p/33678187
[Security_week] ZZCMS v8.2 最新版SQL注入漏洞
https://mp.weixin.qq.com/s/Vc8wlt4rj42vYo9NB9KFxQ
[Security_week] DTD 实体 XXE 浅析
https://mp.weixin.qq.com/s/vkCdz6YCoiiJPI30KePD6g
[Security_week] CNNVD最新漏洞(2018-02-08)
https://mp.weixin.qq.com/s/MbQe67gAJh_4YatldVB8jg
---
---
安全技能
Security_technologyPHPMailer任意文件读取
https://mp.weixin.qq.com/s/q6t-zdbOue6aQ8yURRFIzQ
[Security_technology] FreeFloat FTP1.0 溢出漏洞分析
https://mp.weixin.qq.com/s/MSaEbeNN0zbrNY50_30FRQ
[Security_technology] 渗透测试 -- VulnHub –CTF FristiLeaks v1.3
https://mp.weixin.qq.com/s/vroN1CKPjf2x033E0e43vg
[Security_technology] 利用macOS时间戳溯源攻击行为
https://mp.weixin.qq.com/s/TW56QKPCCZIJFhIEt0f0xg
[Security_technology] Apache ActiveMQ Artemis 反序列化—【CVE-2016-4978】
https://xianzhi.aliyun.com/forum/topic/2015
[Security_technology] 加固 C/C++ 程序
https://mp.weixin.qq.com/s/K7QiPPTpYIhEFk-BD2LYaA
[Security_technology] 从一道高质量的ctf题中看渗透测试
https://www.anquanke.com/post/id/97567
[Security_technology] 基于机器学习的 Webshell 发现技术探索
https://mp.weixin.qq.com/s/5wJbvuG0IUOX4jdFtYNnkg
[Security_technology] 从 Ajax 聊一聊 Jsonp 点击劫持
https://mp.weixin.qq.com/s/0rTTpt0GtBDgdjVl0dDl8Q
[Security_technology] 渗透测试之cisco路由器在渗透中的利用
https://mp.weixin.qq.com/s/9_n_TdkeREdbLkfpldrRtA
[Security_technology] Metasploitable2 漏洞评估详解
https://mp.weixin.qq.com/s/ueTT8-DLgTJ-WVjf-7PRlg
[Security_technology] 思科ASA安全设备远程代码执行和拒绝服务漏洞(CVE-2018-0101)预警更新
https://mp.weixin.qq.com/s/62Mwyr-O6CfC1VN7N8scxw
[Security_technology] CTF逆向--.NET与Python篇
https://mp.weixin.qq.com/s/Rs7opbwM2qp38QpQXREYfA
[Security_technology] 挖洞经验之代理不当日进内网
https://mp.weixin.qq.com/s/EtUmfMxxJjYNl7nIOKkRmA
[Security_technology] 任意用户密码重置(三):用户混淆
https://mp.weixin.qq.com/s/zU69T_L3q14LJ8bjnvT6Dw
[Security_technology] HITCTF2018-web全题解
https://mp.weixin.qq.com/s/K9XYMAazQ3vwv2L8yFtx1w
[Security_technology] 4道与CVE结合web题目
https://mp.weixin.qq.com/s/eAgw1ABhi_fZXuYLuZF3Nw
[Security_technology] 三道有趣的web题
https://mp.weixin.qq.com/s/xs7jTrRRzkt4dZ5grcYHnQ
[Security_technology] CTF逆向题——IgniteMe
https://mp.weixin.qq.com/s/rleXE3xD4nZrTpvgi4uEKQ
[Security_technology] 汇编指令级混淆器的实现
https://mp.weixin.qq.com/s/dONVbZ4v4cbwpLd3qve2Cw
[Security_technology] BurpSuite基于SS抓取流量
https://mp.weixin.qq.com/s/4R9NDYM3WhlhBKo9WiBCdA
---
工具与资源
[Security_tools] 漏洞银行技能书
https://skills.bugbank.cn/
[Security_tools] MS17-010攻击脚本与开发模块
https://github.com/rapid7/metasploit-framework/pull/9473
[Security_tools] 华盟网:2017年最优秀黑客工具大合集
https://www.77169.com/html/194249.html
[Security_tools] Linux SSH密码暴力破解技术及攻击实战
http://blog.51cto.com/simeon/2066269?wx=
[Security_tools] CNNVD最新漏洞(2018-02-07)
https://mp.weixin.qq.com/s/rk9tShKhFOUGM-7hBeGMKQ
[Security_tools] CNNVD最新漏洞(2018-02-06)
https://mp.weixin.qq.com/s/_fu90lXZF-kB6p_1Ex47EQ
[Security_tools] 新手Python黑客工具入门
https://mp.weixin.qq.com/s/ZiqBUop9nLTCmxIDlrXqdA
[Security_tools] pentestdb 架构详解
https://mp.weixin.qq.com/s/b4cpUQf5K9oz2b3ka6dNgQ
[Security_tools] 工具| PocSuite 使用介绍
https://mp.weixin.qq.com/s/uTGff7wZI2-2e2vXp_OQvA