Skip to content
This repository has been archived by the owner on Nov 28, 2023. It is now read-only.

Latest commit

 

History

History
343 lines (106 loc) · 1.34 KB

以攻为守的情报分析v2-魔方安全.pdf.md

File metadata and controls

343 lines (106 loc) · 1.34 KB
Raw

CubeSec ID IDSampro

Attack As Defense

CubeSec Product Develop Team Written By Hao Wu Shuai Yuan

CUBESECNSTRT121 SDLAPT

01

02 +

03

04 Matrix

05 02

01 PART ONE

http://www.sec-un.org/2015-4-30-isc2-hangzhou-conference-of-the-cybersecurity-threat-intelligence-systems-and-biosphere-ppt.html

02 + PART TWO

+

90

80

77

70

66 67 70

60

50 40

38

36

41 36

39

30 20

21

17

21 24

12

10 5 5 5 0 0

2009 2010 2011 2012 2013 2014

web

+--

+--

github WikiJira

+--

2014 Shellsock2013 Structs2S2-016

03 PART THREE

APT

TEXT

--

  • ""

test.com

IP

a.test.com IP

b.test.com

--

DNS A

DNS

-- WebIP

Web CMS

IP

--

IPWeb IP

IP 10.1.1.1 10.1.1.1

/ Linux SSH

NA 9000

2.62 OpenSSH4.3

Banner NA Welcome

Web

a.test.com Apache

80

2.20

PHP

XXX

b.test.com Apache Tomcat

8080 5.0

JSP

--

-- GoogleBingBaidu

-- POC CVE CVE

Freebuf

POC

POC--POC

--

URL

CVE EXP

04 Matrix PART FOUR

Matrix-- Matrix

POC/

Matrix

Web UI

Matrix--

xxx.com

Web UI

IP

POC/

Matrix--

Asset

IP

web

1Web titlekeyword 2 IP 3IP Banner

IP

Matrix--Web UI

Thanks for Listening