• OpenArk: Next Generation of Anti-Rootkit(ARK) tool for Windows:
https://securityonline.info/openark-next-generation-of-anti-rootkitark-tool-for-windows/
・ OpenArk is a next-generation anti-rootkit (ARK) tool for Windows, with powerful features and open source code.
– SecTodayBot
• Modern implant design: position independent malware development:
https://5pider.net/blog/2024/01/27/modern-shellcode-implant-design/
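・ Discusses modern position-independent malware implants, reflective loaders, and the author's research into a new approach to writing implants.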
– SecTodayBot
• rasta-mouse/SpawnWith:
https://github.com/rasta-mouse/SpawnWith
・ Introduces an experimental Beacon Object File (BOF) that provides a new method for testing and executing shellcode.
– SecTodayBot
• CVE-2024-22857: Critical Flaw in Popular Zlog Library Opens Door to Arbitrary Code Execution:
https://securityonline.info/cve-2024-22857-critical-flaw-in-popular-zlog-library-opens-door-to-arbitrary-code-execution/
・ A critical vulnerability in the Zlog library (CVE-2024-22857) may lead to remote arbitrary code execution.
– SecTodayBot
• CVE-2024–23897 - Arbitrary file read in Jenkins:
https://blog.securelayer7.net/arbitrary-file-read-in-jenkins/
・ Analyzes CVE-2024–23897, a critical vulnerability in Jenkins, and details the root cause of the vulnerability.
– SecTodayBot
• Presenting Scanme: Deep Dive into Network Scanning with Golang: Building a Port Scanner:
https://cyberroute.github.io/post/2024-02-25-scanme/
・ Introduces a method for network scanning using Golang and the gopacket library.
– SecTodayBot
• Detecting Canary Tokens and Suspicious URLs in Microsoft Office, Acrobat Reader PDF and Zip Files:
https://github.com/0xNslabs/CanaryTokenScanner
・ Introduces a Python script for detecting potential threats in Microsoft Office files and Zip archives.
– SecTodayBot
• Analyze installed Android applications for security risks in Termux:
https://www.mobile-hacker.com/2024/03/11/analyze-installed-android-applications-for-security-risks-in-termux/
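・ APKDeepLens is a Python tool for scanning Android applications to identify potential security vulnerabilities, focusing on the OWASP Top 10 mobile security vulnerabilities. It was released at Blackhat MEA 2023.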
– SecTodayBot
• Toolchain Necromancy: Past Mistakes Haunting ASLR:
https://grsecurity.net/toolchain_necromancy_past_mistakes_haunting_aslr
・ Discusses the impact of performance optimizations on security, analyzing how changes in the Linux kernel and binutils weaken ASLR.
– SecTodayBot
• GHSL-2024-027_GHSL-2024-028: API abuse in codeium-chrome - CVE-2024-28120:
https://securitylab.github.com/advisories/GHSL-2024-027_GHSL-2024-028_codeium-chrome/
・ Reveals vulnerabilities in the codeium-chrome browser extension.
– SecTodayBot
• Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass:
https://dlvr.it/T3vKT4
・ Information on a new vulnerability that bypasses Windows Defender detection.
– SecTodayBot
* To view or search previously pushed content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab