Tencent Security Xuanwu Lab Daily News
• Pluto-Obfuscator:
https://github.com/bluesadi/Pluto-Obfuscator
・ Pluto-Obfuscator – 基于 LLVM 实现的代码混淆工具
– Jett
• 简介 – Static Program Analysis Book:
https://spa-book.pblo.gq/
・ 静态程序分析在线电子书
– Jett
• webOS Revisited – Even More Mistaken Identities:
https://blog.recurity-labs.com/2022-03-02/webOS_Pt2.html
・ Hacking LG webOS TV
– Jett
• UAC Bypass:
https://github.com/aaaddress1/PR0CESS/tree/main/UACBypassJF_RpcALPC
・ 不依赖 DLL 注入的 UAC Bypass,支持 Windows 11
– Jett
• [Fuzzing, Blockchain] Optimizing a smart contract fuzzer:
https://blog.trailofbits.com/2022/03/02/optimizing-a-smart-contract-fuzzer/
・ 智能合约 Fuzzer Echidna 的性能优化
– Jett
• [Fuzzing, Tools] README.md:
https://github.com/CodeIntelligenceTesting/jazzer
・ 基于 libFuzzer 实现的 JVM Fuzzer – Jazzer 一直在不断优化
– Jett
• [Tools] SpringBoot 漏洞利用及技巧:
https://github.com/LandGrey/SpringBootVulExploit
・ Spring Boot 相关漏洞学习资料,利用方法和技巧合集
– Jett
• security_analysis_mte/Security Analysis of MTE Through Examples.pdf:
https://github.com/saaramar/security_analysis_mte/blob/main/Security%20Analysis%20of%20MTE%20Through%20Examples.pdf
・ 刚刚举办的 Bluehat 会议关于 Intel MTE 的议题《Security Analysis of MTE Through Examples》
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(03-03)
