Tencent Security Xuanwu Lab Daily News
• [PDF] https://arxiv.org/pdf/2112.09604.pdf:
https://arxiv.org/pdf/2112.09604.pdf
・ Subverting Stateful Firewalls with Protocol States
– Jett
• Anti-Debug: Debug Flags:
https://anti-debug.checkpoint.com/techniques/debug-flags.html
・ Windows 调试环境检测可用的 Flags
– Jett
• Browser-Pwning-/README.md at main · SpiralBL0CK/Browser-Pwning- · GitHub:
https://github.com/SpiralBL0CK/Browser-Pwning-/blob/main/README.md
・ Chrome Pwning & V8 Pwning 入手
– Jett
• Hopper Disassembler – Geek Freak:
https://dhiyaneshgeek.github.io/mobile/security/2021/12/25/hopper-disassembler/
・ 利用 Hopper 分析 SecureStoreV2 App 的越狱环境检测
– Jett
• 0xbb:
https://bierbaumer.net/security/php-lfi-with-nginx-assistance/
・ Nginx 环境中 PHP LFI 漏洞的利用
– Jett
• Documentation – Arm Developer:
https://developer.arm.com/documentation/ddi0606/latest
・ ARM架构参考手册补充版 – Morello for A-profile Architecture.
– lanying37
• [Tools] GitHub – horsicq/Nauz-File-Detector: Linker/Compiler/Tool detector for Windows, Linux and MacOS.:
https://github.com/horsicq/Nauz-File-Detector
・ Nauz File Detector – 编译环境检测工具
– Jett
• [Tools] Features:
https://github.com/Cracked5pider/KaynLdr
・ KaynLdr – Reflective Loader written in C / ASM
– Jett
• [PDF] https://www.usenix.org/system/files/sec21-zhang-zheng.pdf:
https://www.usenix.org/system/files/sec21-zhang-zheng.pdf
・ Android 内核补丁生态系统的研究 Paper
– Jett
• ART 在 Android 安全攻防中的应用:
https://evilpan.com/2021/12/26/art-internal/
・ ART 在 Android 安全攻防中的应用
– Jett
• WELA/README-English.md at main · Yamato-Security/WELA · GitHub:
https://github.com/Yamato-Security/WELA/blob/main/README-English.md
・ WELA – Windows 日志分析工具,用于取证分析和安全事件响应
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(12-27)
