Tencent Security Xuanwu Lab Daily News
• Affinis – Subdomain Discovery Through RNN (Recurrent Neural Network):
https://phoenix-sec.io/2022/07/12/RNN-Subdomain-Discovery.html
・ Affinis – a subdomain discovery tool built on an RNN (recurrent neural network)
– Jett
• The Long Tail of Log4Shell Exploitation – Horizon3.ai:
https://www.horizon3.ai/the-long-tail-of-log4shell-exploitation/
・ The long-tail impact of the Log4Shell vulnerability
– Jett
• Remote Code Execution via Prototype Pollution in Blitz.js:
https://blog.sonarsource.com/blitzjs-prototype-pollution/
・ Achieving RCE through a Prototype Pollution attack against Blitz.js, a React framework
– Jett
• Binary Ninja – Introducing Decompiler Explorer:
https://binary.ninja/2022/07/13/introducing-decompiler-explorer.html
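・ Decompiler Explorer – an open-source decompiler comparison tool that integrates the mainstream decompilers, making it easy to compare decompilation output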
– Jett
• CVE-2022-29885 – Apache Tomcat Cluster Service DoS:
https://voidzone.me/cve-2022-29885-apache-tomcat-cluster-service-dos/
・ Analysis of the Apache Tomcat Cluster Service Listener denial-of-service vulnerability (CVE-2022-29885)
– Jett
• Genesis – The Birth of a Windows Process (Part 1) – FourCore:
https://fourcore.io/blogs/how-a-windows-process-is-created-part-1
・ How a Windows process is created
– Jett
• Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 – Microsoft Security Blog:
https://www.microsoft.com/security/blog/2022/07/13/uncovering-a-macos-app-sandbox-escape-vulnerability-a-deep-dive-into-cve-2022-26706/
・ Microsoft's analysis of the macOS sandbox escape vulnerability (CVE-2022-26706) that they discovered
– Jett
• RedTeam Pentesting – Blog – Introducing Pretender – Your New Sidekick for Relaying Attacks:
https://blog.redteam-pentesting.de/2022/introducing-pretender/
・ pretender – a tool that achieves man-in-the-middle hijacking through DHCPv6 DNS, LLMNR, NetBIOS-NS spoofing and similar techniques
– Jett
• Pocsuite3 Getting Started Tutorial:
https://paper.seebug.org/1931/
・ Pocsuite3 getting started tutorial
– lanying37
• HyperDbg: Reinventing Hardware-Assisted Debugging:
https://arxiv.org/abs/2207.05676
・ HyperDbg – implementing a debugger assisted by hardware features
– Jett
* To view or search previously pushed content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab (腾讯玄武实验室)
https://weibo.com/xuanwulab
Originally published on the WeChat official account Tencent Xuanwu Lab (腾讯玄武实验室): Daily Security News Push (07-14)