6月20日 - 每日安全知识热点

蜜罐和物联网：分析卡巴斯基实验室的IoT蜜蜂获取的数据
https://securelist.com/honeypots-and-the-internet-of-things/78751/
0ctf2017 final
http://lorexxar.cn/2017/06/16/0ctf2017-final/
PsExec Much?
https://rastamouse.me/2017/06/psexec-much/
关于Frida的资源
https://github.com/dweinstein/awesome-frida
甲方安全建设步骤
http://pirogue.org/2017/06/17/%E7%94%B2%E6%96%B9%E5%AE%89%E5%85%A8%E5%BB%BA%E8%AE%BE%E6%AD%A5%E9%AA%A4/
跨站的艺术-XSS入门与介绍
xss-1-introduction/">http://www.fooying.com/the-art-of-xss-1-introduction/
NSO的间谍软件威胁报告
https://citizenlab.org/2017/06/reckless-exploit-mexico-nso/
GoogleCTF2017 Back to the Past WriteUp
https://ctftime.org/writeup/6815
快速分析微软ESTEEMAUDIT Patch
https://0patch.blogspot.com/2017/06/a-quick-analysis-of-microsofts.html
物联网设备安全实践
https://duo.com/assets/ebooks/Duo-Labs-Bug-Hunting-Drilling-Into-the-Internet-of-Things-IoT.pdf
reversing-the-balong-m3mcu-console-lightning-the-path-to-ring-0
https://advancedpersistentjest.com/2017/06/19/reversing-the-balong-m3mcu-console-lightning-the-path-to-ring-0/
路由器滥用的脆弱性
http://blog.ptsecurity.com/2017/06/practical-ways-to-misuse-router.html
NSA美国国安局在github上发起开源技术合作项目
https://nationalsecurityagency.github.io/
SDR和RF信号分析简介
https://www.elttam.com.au/blog/intro-sdr-and-rf-analysis/
一个包含二进制逆向和利用的docker容器
https://github.com/superkojiman/pwnbox
关于MS17-010的细节、PoC、Exp
https://github.com/worawit/MS17-010
The Stack *漏洞技术细节
https://www.qualys.com/2017/06/19/stack-*/stack-*.txt
快速搜索漏洞exploits
https://github.com/1N3/Findsploit
Microsoft Edge 地址栏欺骗PoC
https://pastebin.com/raw/uKLVr0i9