2019年1月6日

【工具】新版IP 的ASN记录查询工具 :https://github.com/D4-project/IPASN-History

【文章】伪造字体进行钓鱼:https://www.proofpoint.com/us/threat-insight/post/phishing-template-uses-fake-fonts-decode-content-and-evade-detection

【资源】红队资源列表:https://github.com/aungthurhahein/Red-Team-Curation-List/blob/master/README.md

【工具】基于交互式多用户web的javascript shell:https://github.com/Den1al/JSShell/blob/master/README.md

【资源】awesome-web-hacking :https://github.com/latestalexey/awesome-web-hacking/blob/master/README.md

【exp】CVE-2018-3252 exp:https://github.com/pyn3rd/CVE-2018-3252/blob/master/README.md

【工具】打印机攻击工具包:https://github.com/BusesCanFly/PRETty

【工具】恶意软件信息共享平台:https://github.com/MISP/MISP/blob/2.4/README.md

【文章】url预览造成的信息泄露:https://www.bellingcat.com/resources/how-tos/2019/01/04/how-to-blow-your-online-cover-with-url-previews/

【文章】icmp隧道:https://medium.com/bugbountywriteup/ping-power-icmp-tunnel-31e2abb2aaea

【工具】zBang安全评估工具:https://github.com/cyberark/zBang/blob/master/README.md

【资源】渗透测试在线工具:https://www.amanhardikar.com/mindmaps/Practice.html

【资源】Awesome-Red-Teaming :https://github.com/yeyintminthuhtut/Awesome-Red-Teaming

【文章】利用radare2 Cutter进行逆向:https://www.jamieweb.net/blog/radare2-cutter-part-3-solving-a-crackme-challenge/

【工具】钓鱼的反向代理工具(支持2FA): https://github.com/drk1wi/Modlishka/blob/master/README.md

【文章】为什么Telegram不安全:https://gitlab.com/edu4rdshl/blog/blob/master/why-telegram-is-insecure.md https://pdfs.semanticscholar.org/93fe/3a5e70d64964e775ea77dcfaee218b8e62e1.pdf

【工具】dnSpy是一个.NET调试器:https://github.com/0xd4d/dnSpy

【资讯】NSA将发布免费跨平台逆向工具GHIDRA:https://www.zdnet.com/google-amp/article/nsa-to-release-a-free-reverse-engineering-tool/?__twitter_impression=true