红日成员:阿杰 博客:http://sec-redclub.com/team/
-安全文章
-安全漏洞
-移动安全
-代码审计
标签:安全动态 安全技能 资源与工具分享
安全动态
[Security_week] 每日攻防资讯汇总(03-14)
https://mp.weixin.qq.com/s/NTcthz1bouFQvVlS9nSMVg
[Security_week] CVE-2018-0907 | 微软Office Excel安全特性绕过
https://mp.weixin.qq.com/s/FZwgQJv4XS9A2V-70R3Rhg
[Security_week] Samba CVE-2018-1050和CVE-2018-1057预警
https://mp.weixin.qq.com/s/9kEtvVFcAVqmGZ3k2Vg2Hg
[Security_week] 新的挖矿攻击再次利用“永恒之蓝”漏洞感染服务器
https://mp.weixin.qq.com/s/BZkZRnWyXMFxosLCaeiziw
[Security_week] 中国某军工企业被美、俄两国黑客攻击
https://mp.weixin.qq.com/s/FkhyBVYxjMemSN2fvWp2RA
[Security_week] 阿里 8.6 亿美元再押 ofo,与摩拜合并再无可能?
https://mp.weixin.qq.com/s/MT2BsGc33BMdDd6p4qzwsw
[Security_week] CVE-2018-6376:Joomla!二阶SQL注入漏洞
https://mp.weixin.qq.com/s/IyFDWR9tL-ysAHTpPZ79Mw
[Security_week] CVE-2018-0886:"MS-RDP 逻辑 RCE 漏洞" 初步解读
https://mp.weixin.qq.com/s/7tKZeY23otlNLk7tJv-lfQ
[Security_week] 兜哥的信安之路
https://mp.weixin.qq.com/s/9GTwaNEvWSRBIkdVFtf8Hg
安全技能
[Security_technology] 任意用户密码重置(四):重置凭证未校验
https://mp.weixin.qq.com/s/NKDq53K2L9N0Ype19OTRLg
[Security_technology] 从小白变RSA大神,附常用工具使用方法及CTF中RSA典型例题
https://mp.weixin.qq.com/s/aU3XDBOVbr-nt_FMfTHMGg
[Security_technology] Chaos:Linux后门卷土重来
https://mp.weixin.qq.com/s/2phYAp4taA508BKpNxj_zQ
[Security_technology] CTF Hackplayers 2018 WriteUp 之拿到Jax的权限
https://mp.weixin.qq.com/s/8GI7G5uFGbRMgULUnxmn-w
[Security_technology] 逆向学习手记
https://mp.weixin.qq.com/s/YcQX1rR2Jto6YJzuqH8-DA
[Security_technology] iOS安全基础之钥匙串与哈希
https://mp.weixin.qq.com/s/WWwG_02GvBlXZMMlFXF8GA
[Security_technology] N1CTF2018 APFS&Lipstick题解
https://mp.weixin.qq.com/s/xL-Ec57DswEryUseajjFvQ
[Security_technology] Docker容器构建过程的安全性分析
https://mp.weixin.qq.com/s/AFRk4clsm8wE2cLF6UI4fQ
[Security_technology] zoomeye的简单使用(很恐怖的搜索引擎)
https://mp.weixin.qq.com/s/9vdhotnVebwGuKN9QgfECg
[Security_technology] 人见人爱的vDSO机制,如今也靠不住了
https://mp.weixin.qq.com/s/0e3XjZzqnoPoO3AWkdU77w
[Security_technology] windows下安装docker(纠正报错)+加速下载kali镜像
https://mp.weixin.qq.com/s/12wylLU4ToXUG64yJcmTYA
[Security_technology] 密码窃取软件AGENT TESLA的传播渠道分析
https://mp.weixin.qq.com/s/arirTZ7vau4kN29x2m1Ffw
[Security_technology] 记一次有趣的渗透测试
https://mp.weixin.qq.com/s/w5Dl54oOA7-XYuSIrguy-w
[Security_technology] 混在运维部的安全员说“端口与口令安全”
https://mp.weixin.qq.com/s/eJiNOwS6OpYEg0D5SbMRPA
[Security_technology] 深度解析密码破解程序
https://mp.weixin.qq.com/s/fdb8Qo0Z7pxhVYydUadVvA
[Security_technology] 如何利用Webhooks绕过支付环节
https://mp.weixin.qq.com/s/p5joqegP1dbGtHsmS-3fRQ
[Security_technology] PHP代码/命令注入小结
[https://mp.weixin.qq.com/s/e-qNJaXZh-t5H7AJEOBIAQ(https://mp.weixin.qq.com/s/e-qNJaXZh-t5H7AJEOBIAQ)
[Security_technology] ring3层恶意代码实例汇总
https://mp.weixin.qq.com/s/wY3KnCewAw6WS5bNYlm-2Q
[Security_technology] Java代码审计-铁人下载系统
https://mp.weixin.qq.com/s/8mmj-mixScgOKq7cL2_YcQ
[Security_technology] 关于网络钓鱼的深入讨论
https://mp.weixin.qq.com/s/7Xnv84qtffSjWzRTn--uWA
[Security_technology] 远程桌面协议 CredSSP 存在严重漏洞,影响所有版本的 Windows
https://mp.weixin.qq.com/s/GGUMg8tlJuNB2asN9KLxZA
工具与资源
[Security_tools] Process-Forest-Window进程日志分析工具;python版的BloodHound
https://mp.weixin.qq.com/s/XlyhJDM3MwTBzpWp83Mhsg
[Security_tools] 《轻而易举-黑客攻防入门》扫描版[PDF]
https://mp.weixin.qq.com/s/qTsW8engi0zBAp0pSaay8Q
[Security_tools] 精讲php代码执行与命令执行漏洞
https://mp.weixin.qq.com/s/12hElUJv5PYwK2u19bcFtw [Security_tools] Powershell And Metasploit(上)
https://mp.weixin.qq.com/s/UV25c70OfMqkkOD69Kzf1Q