Skip to content

Latest commit

 

History

History
119 lines (96 loc) · 9.3 KB

tech_info_20230322.md

File metadata and controls

119 lines (96 loc) · 9.3 KB
Raw

互联网安全 推荐

ts title url

玄武实验室 推荐

ts title url
20230322 Jenkins 这些版本包含对以下插件的安全漏洞修复:JaCoCo 插件 3.3.2.1、OctoPerf 负载测试插件 4.5.1,4.5.2 和 4.5.3、管道聚合器视图插件 1.1 http://seclists.org/oss-sec/2023/q1/184
20230322 Rapid7 观察到在多个客户环境中利用 Adob​​e ColdFusion https://www.rapid7.com/blog/post/2023/03/21/etr-rapid7-observed-exploitation-of-adobe-coldfusion/
20230322 Pwn2Own 温哥华 2023 - 完整时间表 http://www.thezdi.com/blog/2023/3/21/pwn2own-vancouver-schedule-2023
20230322 MSI 安装程序本地权限提升 http://blog.doyensec.com//2023/03/21/windows-installer.html
20230322 Netgear Orbi Satellite RBS750,远程代码执行漏洞 TAOS-2022-1595 (CVE-2022-36429) https://blog.talosintelligence.com/vulnerability-spotlight-netgear-orbi-router-vulnerable-to-arbitrary-command-execution/
20230322 APKHunt 是一款基于 OWASP MASVS 框架的 Android 应用综合静态代码分析工具。可供移动应用程序开发人员和安全测试人员使用,以确保测试结果的完整性和一致性 http://securityonline.info/apkhunt-comprehensive-static-code-analysis-tool-for-android-apps/
20230322 Hayabusa 是由日本大和安全集团创建的 Windows 事件日志快速取证时间线生成器和威胁搜寻工具。它是用 Rust 编写的,支持多线程以尽可能快。输出将合并到单个 CSV 时间线中,以便在 Excel、Timeline Explorer、Elastic Stack 等中轻松分析 https://blog.ecapuano.com/p/find-threats-in-event-logs-with-hayabusa
20230322 一种深入混淆 PowerShell 负载的各个组件的方法,无论您是在 Windows 还是 Kali Linux 上 https://www.kitploit.com/2023/03/invoke-psobfuscation-in-depth-approach.html
20230322 Google Pixel 标记工具中的 Acropalypse 缺陷允许部分恢复编辑或编辑的屏幕截图和图像。 https://securityaffairs.com/143748/hacking/google-pixel-acropalypse-flaw.html
20230322 Snappy库中的 file_exists()函数存在反序列化漏洞,评分9.8 https://sec.today/pulses/cfcb5c9c-9fb8-49b5-b12e-b214d442e453/
20230322 Snappy库中的 file_exists()函数存在反序列化漏洞,评分9.8 http://securityonline.info/cve-2023-28115-rce-vulnerability-affects-the-popular-php-library-snappy/

安全维基 推荐

ts title url
20230322 FastJson 与原生反序列化 https://paper.seebug.org/2055/
20230322 jar-analyzer 一个用于分析Jar包的GUI工具 https://github.com/4ra1n/jar-analyzer
20230322 结合图学习和自动数据收集的代码漏洞检测模型 https://mp.weixin.qq.com/s/lCkG4_wyhTpX1qDgF9_Flg
20230322 Python沙箱逃逸学习记录 https://xz.aliyun.com/t/12303
20230322 探究公众号接口漏洞:从后台登录口到旁站getshell https://xz.aliyun.com/t/12321
20230322 Node.js些许漏洞 https://xz.aliyun.com/t/12328
20230322 2021广东省数字政府网络安全指数评估报告 http://zfsg.gd.gov.cn/zwgk/wjk/content/post_3829200.html

CVE Github 推荐

ts cve_id title url cve_detail
20230322T21:29:16Z CVE-2022-24716 Arbitrary File Disclosure Vulnerability in Icinga Web 2 <2.8.6, <2.9.6, <2.10 https://github.com/JacobEbben/CVE-2022-24716
20230322T21:26:20Z CVE-2022-44268 Null https://github.com/betillogalvanfbc/POC-CVE-2022-44268
20230322T20:11:03Z CVE-2022-41082 https & http https://github.com/notareaperbutDR34P3r/vuln-CVE-2022-41082
20230322T12:42:40Z cve-2023-23397 Python script for sending e-mails with CVE-2023-23397 payload using SMTP https://github.com/BronzeBee/cve-2023-23397
20230322T09:20:27Z CVE-2022-1015 Null https://github.com/pivik271/CVE-2022-1015
20230322T04:37:01Z CVE-2022-24715 Authenticated Remote Code Execution in Icinga Web 2 <2.8.6, <2.9.6, <2.10 https://github.com/JacobEbben/CVE-2022-24715
20230322T04:27:35Z cve-2022-42475 Null https://github.com/Mustafa1986/cve-2022-42475-Fortinet
20230322T04:24:48Z CVE-2023-28343 Altenergy Power System Control Software set_timezone RCE Vulnerability (CVE-2023-28343) https://github.com/gobysec/CVE-2023-28343

klee on Github 推荐

ts title url stars forks
20230322T16:51:58Z Minecraft Mod. Allows breaking only one half of a double slab block. https://github.com/TwelveIterationMods/KleeSlabs 14 7
20230322T13:11:13Z Config files for my GitHub profile. https://github.com/kleeblattdev/kleeblattdev 0 0

s2e on Github 推荐

ts title url stars forks
20230322T09:27:35Z Null https://github.com/turbocanary/turbotest_rmukat1d_s2e36nfa 0 0
20230322T09:24:58Z Null https://github.com/Graham-Broughton/S2E7 0 0
20230322T09:24:47Z Null https://github.com/Graham-Broughton/S2E6 0 0
20230322T09:24:20Z Null https://github.com/Graham-Broughton/S2E8 0 0

exploit on Github 推荐

ts title url stars forks
20230322T23:50:58Z Null https://github.com/codingcore12/SILENT-DOC-EXPLOIT-CLEAN-08 1 0
20230322T23:50:13Z Null https://github.com/codingcore12/SILENT-EXCEL-XLS-EXPLOIT-CLEAN-08 1 0
20230322T23:49:25Z Null https://github.com/codingcore12/SILENT-PDF-EXPLOIT-CLEAN-08 1 0
20230322T22:29:12Z Scepter is a free script hub which aims to be well documented for the learning exploiter. https://github.com/cyr0zn/Specter 0 0
20230322T21:57:42Z Fix exploits on anarchy Minecraft servers https://github.com/moom0o/AnarchyExploitFixes 207 41
20230322T21:52:55Z Null https://github.com/RBX-EXPLOITS/RBX-EXPLOITS.github.io 0 0
20230322T21:23:59Z unblocked apps and games https://github.com/RedNotSus/exploits 5 7
20230322T20:45:29Z This is a collection of simple applications that exploit different Machine Learning libraries https://github.com/LucaSoriani1/MachineLearning 0 0
20230322T13:37:35Z vulnerability scanner for wordpress https://github.com/crypticq/WP-killer 1 0
20230322T12:40:44Z save cves from exploit-db https://github.com/crypticq/Exploit-db 0 0

backdoor on Github 推荐

ts title url stars forks
20230322T18:34:18Z haha bukkit, spigot and discord api go brrrrr https://github.com/Codeman04TheFreaking2nd/Wardenware-Backdoor 0 0
20230322T16:47:42Z Null https://github.com/otaviootavio/backdoor-list 0 0
20230322T08:01:22Z Full source code release https://github.com/ChimesOfDestruction/SRC-njRAT-0.7d-Platinum-Edition 5 2
20230322T06:12:31Z A curated list of trustworthy deep learning papers. Daily updating... https://github.com/MinghuiChen43/awesome-trustworthy-deep-learning 122 14
20230322T02:49:54Z Php Command Backdoor https://github.com/rizkytegar/php-command-backdoor 0 0
20230322T00:02:12Z Null https://github.com/LuPang-Coder/BackdoorCleansing 0 0

symbolic execution on Github 推荐

ts title url stars forks
20230322T12:46:24Z Use angr in Ghidra https://github.com/Nalen98/AngryGhidra 421 36
20230322T01:08:28Z Quiver-Based Symbolic Execution https://github.com/LostBitset/quiver_se 3 0

big4 on Github 推荐

ts title url stars forks
20230322T23:46:29Z DroneSecurity (NDSS 2023) https://github.com/RUB-SysSec/DroneSecurity 561 91
20230322T11:57:07Z Mimicking EqualNet https://www.ndss-symposium.org/wp-content/uploads/2022-154-paper.pdf https://github.com/Abduarraheem/Mimic-EqualNet 1 0

fuzz on Github 推荐

ts title url stars forks
20230322T23:31:09Z Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ... https://github.com/AFLplusplus/LibAFL 1323 183
20230322T23:08:02Z AI based fuzzer based on imitation learning https://github.com/eth-sri/ilf 113 31
20230322T23:02:39Z Null https://github.com/SClovesgtx/FuzzCy 0 0
20230322T21:58:37Z Null https://github.com/algeria-source/fuzzy-robot 0 0
20230322T20:34:10Z This application fetches the country data and filters countries based on regions(continents) and also implements fuzz search based on the name of the country and the capital of the country https://github.com/Kavery-pm/CountryFilter 0 0
20230322T19:29:34Z About fuzzy logic using the Maxwell%s pendulum https://github.com/Kristal1ik/FuzzyContApp 0 0
20230322T16:49:21Z Implementation of 2 articles in MATLAB related to fuzzy systems https://github.com/Pedram-G/Fuzzy-systems-projects 0 0
20230322T13:41:36Z OSS-Fuzz - continuous fuzzing for open source software. https://github.com/google/oss-fuzz 8495 1854
20230322T12:51:39Z Null https://github.com/REytchison/fuzz-mtg-23 0 0
20230322T12:44:26Z Blazing fast fuzzy text search for Python. https://github.com/x-tabdeveloping/fuzz-lightyear 0 0

日更新程序