Skip to content

Latest commit

 

History

History
119 lines (101 loc) · 13.2 KB

README_202005.md

File metadata and controls

119 lines (101 loc) · 13.2 KB

202005 信息源与信息类型占比

202005-信息源占比-secwiki

202005-信息源占比-xuanwu

202005-最喜欢语言占比

微信公众号 推荐

nickname_english weixin_no title url
七夜安全博客 qiye_safe APT的思考: CMD命令混淆高级对抗 https://mp.weixin.qq.com/s/hJ6gn9EMKNmMOofEg3i6Iw
腾讯安全 TXAQ2019 腾讯安全发布《零信任解决方案白皮书》 https://mp.weixin.qq.com/s/ZkuR5bDGYpXySUcuROcb7Q
爱奇艺技术产品团队 iQIYI-TP ​干货 , 爱奇艺全链路自动化监控平台的探索与实践 https://mp.weixin.qq.com/s/j44LMlItuTodfJvL_YGTUA
正阳能量场 Sun-Energy-Field 全面了解风控数据体系 https://mp.weixin.qq.com/s/PCRzPGGBXG7cJAInylkCRg
安全客 anquanbobao 由喝啤酒引发的军事情报人员信息泄露 https://mp.weixin.qq.com/s/sJyTd50SukIFuVjPSTrFDQ
全球技术地图 drc_iite 美国国防高级研究计划局未来网络安全研发趋势分析 https://mp.weixin.qq.com/s/gWrMODC3Rkznk-swglI0Qw
腾讯安全威胁情报中心 gh_05a6c5ec3f78 腾讯安全威胁情报中心“明厨亮灶”工程:基于域名图谱嵌入的恶意域名挖掘 https://mp.weixin.qq.com/s/LeK6QYHwd3k3UlyAuSkcZA
宽字节安全 gh_2de2b9f7d076 weblogic t3协议回显穿透nat以及获取内网地址 https://mp.weixin.qq.com/s/cwkZXWCOKYpLDK9o_J_G1w
SecPulse安全脉搏 SecPulse 一次曲折的渗透测试之旅 https://mp.weixin.qq.com/s/4bFC1GdiRZe9ygazXb1pnA
Flanker论安全 ShowMeShell Fuzzing战争: 从刀剑弓斧到星球大战 https://mp.weixin.qq.com/s/nREiT1Uj25igCMWu1kta9g
专注安管平台 gh_48603b9bb05a SANS:2020年自动化与集成调查报告 https://mp.weixin.qq.com/s/NZNK95gtUAFqMsxkgknTCQ
锦行信息安全 jeeseensec 干货 , linux系统行为新型实时监控技术 https://mp.weixin.qq.com/s/60BYTv6ST03cguHiFFetVg
酒仙桥六号部队 anfu-360 当frida来敲门 https://mp.weixin.qq.com/s/McipoCTgtY02_6dJvRe44g
论文收割机 paper_reader 深度长文:图神经网络欺诈检测方法总结 https://mp.weixin.qq.com/s/ewzsURiU7bfG3gObzIP2Mw
白帽汇 baimaohui888 基于Docker的固件模拟 https://mp.weixin.qq.com/s/t8ijT6pBjT9vB5yrd9Qstw
君哥的体历 jungedetili 内网安全攻击模拟和异常检测规则实战 https://mp.weixin.qq.com/s/kELnd0dAGe8Qa-lkJtcoNQ
全知科技 gh_0bd30f1b0430 再谈作为生产要素的数据安全 https://mp.weixin.qq.com/s/hkv4y7pQRBjLCgm3StKVSQ
CNCERT风险评估 cncertfengxianpinggu 2019年开源软件风险研究报告 https://mp.weixin.qq.com/s/VgoS1EftRFcYv9n2PJHoRg
Bypass Bypass-- 邮件伪造之SPF绕过的5种思路 https://mp.weixin.qq.com/s/dqntjRLgcOD3D2bi1oDFAw
绿盟科技研究通讯 nsfocus_research 基于深度学习的物联网恶意软件家族细粒度分类研究 https://mp.weixin.qq.com/s/we1fr4_BKd7n-zVWzSRygg
中通安全应急响应中心 ZTO_SRC 中通RASP安全防护方案初探 https://mp.weixin.qq.com/s/33CtW9ErXCDWoCJRFzlVPQ
数世咨询 年度大型攻防实战全景:红蓝深度思考及多方联合推演 https://mp.weixin.qq.com/s/GVIUbtMTynfF5ALDbhXirg
情报分析师 qingbaofenxishi 大数据环境下安全情报融合体系构建 https://mp.weixin.qq.com/s/bjqv8zlSEl7waKHxBNIwyA
小强说 xiaoqiangcall 从STIX2.1看安全智能归来 https://mp.weixin.qq.com/s/nYV3S2oYNNnKcpvNAG751w
虎符智库 各国竞相布局 卫星互联网重新定义网络战 https://mp.weixin.qq.com/s/mj4BVfI-j3yp-xaSZeEW_A
互联网安全内参 anquanneican 新一代SIEM与SOAR的技术对比 https://mp.weixin.qq.com/s/mfNRbDXIg5_1jSKHbceHCA
漏洞推送 浏览器中隐蔽数据传输通道-DNS隧道 https://mp.weixin.qq.com/s/u5HV7umrZABcgVpZ5pn6WQ
天融信阿尔法实验室 JAVA RMI反序列化知识详解 https://mp.weixin.qq.com/s/bC71HoEtDAKKbHJvStu9qA
赵武的自留地 我的安全漏洞观 https://mp.weixin.qq.com/s/86cS8yIgbVcKStZWq84M7Q
lymmmx 已知邮箱,求手机号码? https://mp.weixin.qq.com/s/XvMruURNVWBkEwxvnPSW1g
SecWiki SecWiki [Sec-Trans-7]子域名托管案例 https://mp.weixin.qq.com/s/Nqy0Agq_h9yZhvqKdZBZgw
电子商务电子支付国家工程实验室 gjgcsys 物联网场景下的白盒加密技术 https://mp.weixin.qq.com/s/y8FNDtuJIIiYmZDLTxuL_g
漏洞战争 vulwar 技术人的修炼之道:从业余到专业 https://mp.weixin.qq.com/s/gBgFyy4MMrF5vn-8NGEVQw
安全学术圈 secquan Understanding E-commerce Fraud from Autonomous Chat https://mp.weixin.qq.com/s/uzGQxgfaUufsDSvcYIIYig
ipasslab 学术报告,协议模糊测试相关技术梳理 https://mp.weixin.qq.com/s/RCpAUpFEzbSewEnWpHrsqw
IMKP TrustMatrix_KP 用SASE加速零信任网络交付 https://mp.weixin.qq.com/s/OjHgQGrJWfueu4AfxES9Hg
ChaMd5安全团队 chamd5sec De1CTF2020-WriteUp上(Web、Misc、Pwn) https://mp.weixin.qq.com/s/1CR0up_b5a1zw02wZNwJpg
Tide安全团队 TideSec 70.远控免杀专题(70)-终结篇 https://mp.weixin.qq.com/s/4shT8tP-Gu3XX7fnWKQHAA
湛卢工作室 xuehao_studio 劳动节 , 说说代理池 https://mp.weixin.qq.com/s/ERU3L2WIMiPNNdTTX164Og

私人github账号 推荐

github_id title url p_url p_profile p_loc p_company p_repositories p_projects p_stars p_followers p_following repo_lang repo_star repo_forks
CHEF-KOCH KMS-activator - 关于 Windows 激活机制研究的一个项目 https://github.com/CHEF-KOCH/KMS-activator https://github.com/microsoft Former @microsoft and @NVIDIA employee. Since 2018 NTT-Security. Interested in privacy/security, gaming & demoscene related topics. Lausanne CKs Technology News 125 0 4100 1400 127 Python,C,Batchfile,JavaScript,Pascal 590 145
alephsecurity QEMU 的 Aleph Research fork 版本,用于运行 iOS 系统 https://github.com/alephsecurity/xnu-qemu-arm64 https://alephsecurity.com/ Security Research None HCL Technologies 14 0 0 292 0 Python,C,Shell,Java 419 49
Kelvinhack ThreadSpy - 基于硬件实现的 Thread Hijacker https://github.com/Kelvinhack/ThreadSpy https://github.com/Tencent @Tencent Ex Anti-Cheat Researcher @microsoft Security Researcher II Vancouver Microsoft 40 0 18 176 1 C,C++ 229 85
guimaizi testing_wave: 被动式web扫描器 https://github.com/guimaizi/testing_wave http://www.guimaizi.com/ None None 5 0 31 125 2 Python,HTML 313 81
Captainarash X86架构圣经指南手册。 https://github.com/Captainarash/The_Holy_Book_of_X86 https://twitter.com/H4UL4 Computing Offsets \x00 Helsinki, Finland None 6 0 19 80 6 JavaScript,C++ 492 101
wooyunwang Fortify: 源代码漏洞の审计 https://github.com/wooyunwang/Fortify http://www.52pwn.club/ A strange guy who will make the world a better place! California Google Inc. 27 0 15 60 14 Python,C#,Java,PowerShell 322 104
BeetleChunks ManageEngine OpManger 任意文件读漏洞 PoC(CVE-2020-12116) https://github.com/BeetleChunks/CVE-2020-12116 None OSCP, Red Teamer, Pentester, Developer, Hacker None None 11 0 62 58 3 Python,C,PowerShell 277 73
maxpl0it IE 浏览器 JS 脚本引擎 CVE-2020-0674 漏洞的 Exploit https://github.com/maxpl0it/CVE-2020-0674-Exploit https://twitter.com/maxpl0it Security researcher from the South East of England. South East, England None 10 0 0 55 0 Python,C,HTML 84 24
zrax Decompyle++ - Python 字节码反编译工具 https://github.com/zrax/pycdc None None None 45 0 24 48 7 C++ 736 164
gerhart01 Hyper-V internals researches (2006-2019) https://github.com/gerhart01/Hyper-V-Internals/blob/master/HyperResearchesHistory.md https://hvinternals.blogspot.com/ None None 6 0 124 45 0 Python,C,HTML,C++ 80 17
lilang-wu p-joker - 用于分析 iOS/macOS 内核 Kernelcache 与扩展的工具 https://github.com/lilang-wu/p-joker None None None 32 0 11 29 13 Python,C 40 19
Wangpeiyi9979 IE-Bert-CNN: 百度2019语言与智能技术竞赛信息抽取模型 https://github.com/Wangpeiyi9979/IE-Bert-CNN None 我可以做到,我必须做到,我做的最好。 ChengDu,SiChuan,China TianJin University 22 0 27 29 18 Python,Jupyter 101 28
kabeor 有研究员总结的 Unicorn CPU 模拟器的非官方 API 文档 https://github.com/kabeor/Micro-Unicorn-Engine-API-Documentation https://kabeor.cn Hello,Computers ! SiChuan,China SWUST 11 0 79 27 0 HTML,C++ 41 16
guibacellar DNCI - 将 .NET 代码远程注入到非托管进程中 https://github.com/guibacellar/DNCI https://theobservator.net Security Researcher and Machine Learning Specialist, researching in fraud detection, cyber espionage and artificial intelligence areas. Brazil None 11 0 10 20 0 C#,Python,CSS 74 30
chip-red-pill 有研究员利用 Intel Atom CPU 的 Local Direct Access Test (LDAT) DFT 特性 Dump Microcode Sequencer ROM https://github.com/chip-red-pill/glm-ucode https://github.com/h0t Research Team Members: Dmitry Sklyarov (@Dmit), Mark Ermolov (@markel_), Maxim Goryachy (@h0t) Moscow None 2 0 0 5 0 Python 12 1
trailofbits Sienna Locomotive - 为缺乏安全经验的 Windows 开发者写的 Fuzzer https://github.com/trailofbits/sienna-locomotive None None None None 0 0 0 0 0 C,Shell,CMake,Python,Ruby,JavaScript,C++,Go,Swift,Rust 18300 1600
rabobank-cdc DeTTECT: Detect Tactics, Techniques & Combat Threats https://github.com/rabobank-cdc/DeTTECT None None None None 0 0 0 0 0 Python,CSS 0 0
hardenedlinux hardenedlinux 关于固件安全的一个开源项目 https://github.com/hardenedlinux/firmware-anatomy None None None None 0 0 0 0 0 C,Shell,Assembly,Roff,Zeek,C++,Nix,HTML,Verilog,Go 244 60
ProjectorBUg Double-Free BUG in WhatsApp exploit poc.[CVE-2020-11932] https://github.com/ProjectorBUg/CVE-2020-11932 None None None None 0 0 0 0 0 C,Shell,Jupyter,Python,Visual,HTML,Go,PHP,Ruby,Prolog 0 0
NetSPI Evil SQL Client (ESC) - 为渗透测试设计的交互式的 SQL Server Client,支持发现数据库、访问数据、提取数据 https://github.com/NetSPI/ESC None None None None 0 0 0 0 0 Java,C#,Python,HTML,Go,Ruby,PowerShell 1100 282

medium 推荐

title url
如何开始搭建自己的网络安全实验室 http://medium.com/@robertscocca/building-a-cyber-security-lab-4874bddd056b
DOS系统文件路径魔法研究。 http://medium.com/walmartlabs/dos-file-path-magic-tricks-5eda7a7a85fa
PHP 序列化漏洞的利用 http://link.medium.com/rkOjYq6Ny6
网络取证:渗透测试查找系统后门漏洞学习方法。 http://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.pentesteracademy.com%2Fnetwork-forensics-finding-backdoored-system-b0b88fc23b5c
从 PDF 文件下载到 SSRF 漏洞 http://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.appsecco.com%2Fserver-side-request-forgery-via-html-injection-in-pdf-download-90ee4053e911
SpecterOps Team 关于纵深防御的系列 Blog http://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fdetection-in-depth-a2392b3a7e94
从 iOS 设备越狱到应用静态分析 http://link.medium.com/KogHw50ek6
From fuzzing to remote code execution in Samsung Android http://medium.com/@social_62682/from-fuzzing-to-remote-code-execution-in-samsung-android-56cbdebcfeca

知乎 推荐

title url
简单梳理一下机器学习可解释性(Interpretability) https://zhuanlan.zhihu.com/p/141013178

论坛 推荐

title url
浅析域渗透中的组策略利用 https://xz.aliyun.com/t/7784
Thinkphp5代码执行学习 https://xz.aliyun.com/t/7792
codeql学习——污点分析 https://xz.aliyun.com/t/7789
红队-C2 Server基础构建 https://xz.aliyun.com/t/7758
从0学习WebLogic CVE-2020-2551漏洞 https://xz.aliyun.com/t/7725
域控提权合集 https://xz.aliyun.com/t/7726
虎符杯两道NodeJS题目的分析 https://xz.aliyun.com/t/7714
对缓存投毒的学习总结 https://xz.aliyun.com/t/7696
linux后渗透之收集登录凭证 https://xz.aliyun.com/t/7698
Rick教你写shellcode系列之邪恶的pdf https://xz.aliyun.com/t/7684

日更新程序

python update_daily.py