1. A serious vulnerability at United Airlines
2. Windows Named Pipes: There and back again
https://labs.portcullis.co.uk/blog/windows-named-pipes-there-and-back-again/
3. Vonteera malware uses certificates to evade anti-malware
4. PowerForensics v1.0.1 released: a live disk forensics platform; fixes minor bugs and improves the help documentation
https://github.com/Invoke-IR/PowerForensics/releases/tag/v1.0.1
5. Using mana + bdfproxy to inject PE backdoors through a malicious access point
http://decidedlygray.com/2015/11/19/evil-access-point-with-auto-backdooring-ftw/
6. Hacking GCN via OpenGL
7. Alternatives to the concat() function in MySQL injection
8. IDA Pro keyboard shortcuts
https://www.hex-rays.com/products/ida/support/freefiles/IDA_Pro_Shortcuts.pdf
9. The king of ransomware: analyzing CTB-LOCKER
https://samvartaka.github.io/malware/2015/11/20/ctb-locker/
10. Using Markov chains as a keyed obfuscation method
https://bwall.github.io/markov-chains-keyed-obfuscation/
11. Introducing WMIOps: a PowerShell script that uses WMI to access the network. Download: https://github.com/ChrisTruncer/WMIOps
https://www.christophertruncer.com/introducing-wmi-ops/
12. Introduction to an Android file format fuzzing tool
13. A robots.txt directory wordlist built by crawling the Alexa top 10,000
https://github.com/danielmiessler/RobotsDisallowed
14. Stream Detector: a tool for finding hidden ADS on NTFS partitions
http://www.novirusthanks.org/products/stream-detector/
15. Aircrack-ng 1.2 released: FreeBSD support, updated OUI, multiple bug fixes
http://aircrack-ng.blogspot.jp/2015/11/aircrack-ng-12-release-candidate-3.html
16. Auditing enterprise passwords with Python
https://warroom.securestate.com/index.php/organizing-the-bad-news-auditing-passwords-with-python/
17. Phithon's JD.com salon talk: The Enterprise Security Gate Broken Open by Git.pdf
18. CrackMapExec released: now supports Kerberos and PowerShell obfuscation
https://github.com/byt3bl33d3r/CrackMapExec
19. How OpenDNS predicts attacks
20. Slides (PPT) on Tor forensics on Windows OS
http://dreamsofastone.blogspot.de/2015/11/detecting-stealth-mode-cache-attacks.html
Original article link: https://www.anquanke.com/post/id/82967