Tencent Security Xuanwu Lab Daily News

• Kdrill: Python tool to check rootkits in Windows kernel:
https://meterpreter.org/kdrill-python-tool-to-check-rootkits-in-windows-kernel/

   ・ Kdrill是一款用于分析Windows内核的工具，可以检测内核是否被rootkit – SecTodayBot

• CVE-2024-31411: Apache StreamPipes: Potential remote code execution (RCE) via file upload:
https://seclists.org/oss-sec/2024/q3/80

   ・ Apache StreamPark中的RCE漏洞 – SecTodayBot

• APKscan: Scan for secrets, endpoints, and other sensitive data in Android files:
https://meterpreter.org/apkscan-scan-for-secrets-endpoints-and-other-sensitive-data-in-android-files/

   ・ APKscan是一款用于在Android文件中扫描和识别敏感数据和漏洞的工具，它提供了自定义规则、多种输出格式等灵活的功能，适用于广泛的Android相关文件，并涉及反向工程和应用程序安全机制分析。  – SecTodayBot

• Hollow Process Injection:
https://www.darkrelay.com/post/demystifying-hollow-process-injection

   ・ 介绍Hollow进程注入的技术原理和利用方法 – SecTodayBot

• Security's Achilles' Heel: Vulnerable Drivers on the Prowl:
https://www.securityjoes.com/post/security-s-achilles-heel-vulnerable-drivers-on-the-prowl

   ・ 介绍了BYOVD技术（Bring Your Own Vulnerable Driver）的利用 – SecTodayBot

• MSI’s Massive Security Breach: 600K+ Warranties Exposed:
https://securityonline.info/msis-massive-security-breach-600k-warranties-exposed/

   ・ 主板制造商MSI和Zotac因为没有正确配置服务器权限而导致大规模安全漏洞，泄露了超过60万用户的详细信息 – SecTodayBot

• Unauthenticated SSRF on Havoc C2 teamserver via spoofed demon agent:
https://blog.chebuya.com/posts/server-side-request-forgery-on-havoc-c2/

   ・ Havoc C2团队服务器中的未经身份验证的SSRF漏洞 – SecTodayBot

• Blackbox-Fuzzing of IoT Devices Using the Router TL-WR902AC as Example:
https://github.com/otsmr/blackbox-fuzzing

   ・ 对TL-WR902AC路由器进行黑盒模糊测试 – SecTodayBot

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab