每日安全动态推送(5-14)
2024-5-14 18:13:56 Author: mp.weixin.qq.com(查看原文) 阅读量:1 收藏

Tencent Security Xuanwu Lab Daily News

• Windows Bootkits Guide:
https://artemonsecurity.blogspot.com/2024/05/windows-bootkits-guide.html

   ・ 探讨了rootkits研究和Windows内核 – SecTodayBot

• Program Environment Fuzzing (EFuzz):
https://github.com/GJDuck/RRFuzz

   ・ EFuzz是一种新型模糊测试工具,可以模糊测试几乎任何东西,包括网络服务器/客户端、图形用户界面应用程序、编辑器、编译器、数据库等。它基于全环境记录和重放(rr)以及模糊测试基础设施(RR+Fuzzing=RRFuzz)。EFuzz工作在环境交互的抽象层次上,可以模糊测试非常多样的主体,而不需要特殊处理。 – SecTodayBot

• Path of rev.ng-ance: from raw bytes to CodeQL on decompiled code .ical 06-28, 13:00–14:00 (US/Eastern), Grand Salon:
https://cfp.recon.cx/recon2024/talk/XBBKJM/

   ・ 介绍了rev.ng反编译器的特性和应用,涉及到了在网络安全中重要的反向工程和代码分析技术 – SecTodayBot

• Re: Microsoft Device Firmware Configuration Interface (DFCI) in Linux efivars directory:
https://seclists.org/oss-sec/2024/q2/238

   ・ 揭示了在Kali Linux系统中发现与Microsoft的设备固件配置接口(DFCI)相关的EFI变量,并对其潜在用途提出了担忧 – SecTodayBot

• YouTube Video Series on Iridium Satellite Decoding with an Airspy, RTL-SDR Blog Patch Antenna and DragonOS:
https://www.rtl-sdr.com/youtube-video-series-on-iridium-satellite-decoding-with-an-airspy-rtl-sdr-blog-patch-antenna-and-dragonos/

   ・ 介绍了关于Iridium卫星解码的YouTube视频系列,强调了Iridium通信的潜在漏洞 – SecTodayBot

• Bypassing WAFs to Exploit CSPT Using Encoding Levels:
https://matanber.com/blog/cspt-levels

   ・ 讨论了绕过WAF来利用CSPT的方法 – SecTodayBot

• cybersectroll/SharpPersistSD:
https://github.com/cybersectroll/TrollPersist

   ・ 介绍了一个用于在远程机器上嵌入持久性的.NET库 – SecTodayBot

* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


文章来源: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959638&idx=1&sn=44de687e1ddff7578164eaf39654a7e2&chksm=8baed1c9bcd958df8c3c0dca153c4e165fc1664056ac9af3a8eec06546201416860241f1c9d5&scene=58&subscene=0#rd
如有侵权请联系:admin#unsafe.sh