[Reverse Engineering] A journey through cracking a PHP encryption extension

http://blog.th3s3v3n.xyz/2017/12/12/web/Decrypt_php_VoiceStar_encryption_extension/

 

Using trusted online services as C2 services

https://www.cyberis.co.uk/blog/attacking-big-business

 

[Web Security] Can all SSL/TLS certificates be trusted?

https://binaryfigments.com/2017/12/11/dont-trust-all-ssl-tls-certificates/

 

[Malware] Analysis of a spider ransomware, starting from a macro-enabled Word document

(MD5: de7b31517d5963aefe70860d83ce83b9 [VirusTotal]
FileName: BAYER_CROPSCIENCE_OFFICE_BEOGRAD_93876.doc
FileType: MS Word Document)

http://www.sdkhere.com/2017/12/analysis-of-file-spider-ransomware.html

 

[Tutorial] A method for code injection/command execution in Excel

https://xorl.wordpress.com/2017/12/11/microsoft-excel-csv-code-execution-injection-method/

 

[Tutorial] Memory forensics cheat sheet

https://digital-forensics.sans.org/blog/2017/12/11/updated-memory-forensics-cheat-sheet

https://digital-forensics.sans.org/media/memory-forensics-cheat-sheet.pdf

 

[Tools] Vagrant & Packer scripts for building a Windows domain host

https://github.com/clong/DetectionLab

 

[Tools] Subdomain enumeration/information gathering tool

https://github.com/jonluca/Anubis

 

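[Tools] A next-generation channel package packaging tool for the Android Signature V2 Scheme

(Walle generates channel packages by adding custom channel information to the APK Signature Block of the APK, which makes channel package generation more efficient. It can be used as a standalone tool, or deployed on an HTTP server to handle upgrade network requests for channel-package APKs in real time.)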

https://github.com/Meituan-Dianping/walle

 

[Vulnerability] WordPress UserPro 4.9.17 Authentication Bypass
https://cxsecurity.com/issue/WLB-2017120066