Secwiki weekly (No. 291)

Safety information

[news] Jiangsu cyber police released the Sixth Batch of typical cases of administrative law enforcement of cyber security https://mp.weixin.qq.com/s/zd-jjzlrawye4npjpgurwg

[news] Ministry of industry and information technology: strive to exceed 200 billion in the scale of network security industry by 2025 https://m.21jingji.com/article/20190927/herald/6cbc8365dcdf265b0da4893c233643fb.html

Safety technology

[programming technology] pshark: used wirdshark's Python packet parsing tool (tshark) https://www.freebuf.com/sectool/213642.html

[viewpoint] on safe operation https://zhanglan.zhihu.com/p/84591095

[other] NIST sp800-207: Zero trust architecture draft https://mp.weixin.qq.com/s/f0tes4qbhqyv14pfokfyuq

[programming technology] javaprobe: a Java application runtime information collection tool https://github.com/0kee-team/javaprobe? From = timeline & isappinstalled = 0

[viewpoint] one of ATT & CK essay series: right brain attack and left brain defense https://www.aqniu.com/tools-tech/56242.html

[magazine] sec wiki weekly (issue 290) https://www.sec-wiki.com/weekly/290

[programming technology] apt map of Russia https://mp.weixin.qq.com/s/kljx6pmpa-v8wh2lzk6djw

[web security] remember the penetration method of using 00 to bombard SMS https://thief.one/2019/09/27/1/

[point of view] tactical practice and strategic thinking of network warfare https://mp.weixin.qq.com/s/ncpstivkamj_ntzrydasag

[programming technology] the websocket protocol that developers must know is https://juejin.im/post/5d4cbc0cf265da038f47fa37

[malicious analysis] dynamic analysis of phpstudy backdoor https://nosec.org/home/detail/2990.html

[web security] Metinfo 6.2.0 regular matching is not rigorous, resulting in injection + getshell combo https://www.chabug.org/web/999.html

[web security] RDP log forensics and clearing https://paper.seebug.org/1043/

[web security] malicious domain name recognition system based on hin conduction classification https://mp.weixin.qq.com/s/h6x-bfr7aqtz9xywbx_usg

[malicious analysis] resumption of network war: analysis of Ukraine's secondary power failure https://www.freebuf.com/articles/system/214591.html

[forensics analysis] technologies related to attack detection and scenario restoration based on log analysis http://www.arkteam.net/? P = 4461

[vulnerability analysis] ThinkPHP deserialization utilization chain in-depth analysis https://blog.knownsec.com/2019/09/thinkphp-% E5% 8F% 8D% E5% Ba% 8F% E5% 88% 97% E5% 8C% 96% E5% 88% A9% E7% 94% A8% E9% 93% be% E6% B7% B1% E5% 85% a5% E5% 88% 86% E6% 9E% 90/

[web security] SDL initial practice - Security Development https://mp.weixin.qq.com/s/obef5r5xqnrv53dv2cm_sq

[malicious analysis] static malware analysis with ole tools and cyber chef https://newtonpaul.com/static-malware-analysis-with-ole-tools-and-cyber-chef/

[vulnerability analysis] details of lolbins: living off the land binarieshttp://blog.topsec.com.cn/lolbins% E8% AF% A6% E8% A7% A3/

[web security] talking about rasphttps://www.anquanke.com/post/id/187415

[malicious analysis] PowerShell advanced remote control analysis based on PowerShell https://www.anquanke.com/post/id/186953

[vulnerability analysis] Palo Alto global protect gateway device format string vulnerability analysis (cve-2019-1579) https://www.4hou.com/info/news/20264.html

Original address of this issue: secwiki weekly (issue 291)