http://p6.qhimg.com/t017313015b51e6034e.png


热点概要:在macOS上解密iCloud认证token的MMeTokenDecrypt开源工具、价值1500美金的pornhub网站越权漏洞、Cylance研究人员发现投票机漏洞、使用kismet进行Warding并激活Wifi deauth攻击、

国内热词:

百度副总裁李明远辞职

微软向部分Windows 10用户展示Edge广告

资讯类:

一个oAuth2.0被黑,百万Android App帐号将受到潜在的曝光风险

http://securityaffairs.co/wordpress/53081/hacking/oauth-2-0-attack.html

技术类:

MMeTokenDecrypt:在macOS上解密iCloud认证token的开源工具

https://github.com/manwhoami/MMeTokenDecrypt

使用kismet进行Warding并激活Wifi deauth攻击

https://deadcode.me/blog/2016/11/05/Active-Deauth-Kismet-Wardriving.html

Mirai源码中的SYN弱口令扫描

http://rootkiter.com/2016/11/05/Mirai%E6%BA%90%E7%A0%81%E4%B8%AD%E7%9A%84SYN%E5%BC%B1%E5%8F%A3%E4%BB%A4%E6%89%AB%E6%8F%8F.html

Malware PoC GSM C&C – Python Speed coding

https://www.youtube.com/watch?v=Cv-SA9nZjiQ

下一代日志分析:Splunk vs. ELK

http://strategicsec.com/splunk-vs-elk-workshop-next-level-log-analysis/

SQL注入练习网站

https://www.codebashing.com/sql_demo

指纹图像近重复检测

https://realpython.com/blog/python/fingerprinting-images-for-near-duplicate-detection/

反向工程人员最常用的13个反混淆工具

https://hackerlists.com/deobfuscation-tools/

Cylance研究人员发现投票机漏洞

https://blog.cylance.com/cylance-discloses-voting-machine-vulnerability

Kioptrix VM虚拟机黑客挑战的writeup

http://www.hackingarticles.in/hack-kioptrix-vm-ctf-challenge/

Acid VM 虚拟机黑客挑战的writeup

http://www.hackingarticles.in/hack-acid-vm-ctf-challenge/

OpenDoor:Owasp出品的开源目录扫描器

https://github.com/stanislav-web/OpenDoor

价值1500美金的pornhub网站越权漏洞

https://hackerone.com/reports/148764

面向新手的抓包教程

https://isc.sans.edu/diary/Full+Packet+Capture+for+Dummies/21679

文章原文链接:https://www.anquanke.com/post/id/84856