作者:小妖694_807 | 来源:互联网 | 2023-07-13 20:48
1.攻击HTTP/2实现https://yahoo-security.tumblr.com/post/134549767190/attacking-http2-implementations2.RPI
![t012dfaf746e4fefbe3.jpg http://p5.qhimg.com/t012dfaf746e4fefbe3.jpg](https://img8.php1.cn/3cdc5/1585b/b64/a66e581e021d52ac.jpeg)
1.攻击HTTP/2实现
https://yahoo-security.tumblr.com/post/134549767190/attacking-http2-implementations
2.RPISEC的恶意软件分析学习教程
https://github.com/RPISEC/Malware
3.CVE-2015-5677 – FreeBSD bsnmpd信息泄露
https://pierrekim.github.io/blog/2016-01-15-cve-2015-5677-freebsd-bsnmpd.html
4.Roaming通过OpenSSH客户端: CVE-2016-0777 and CVE-2016-0778,其中CVE-2016-0777可通过 构造ssh恶意服务器,有可能泄漏客户端的内存私钥
https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt
5.分析恶意文件的cheatsheet
https://zeltser.com/media/docs/analyzing-malicious-document-files.pdf
6.通过一些字节从SMM到用户空间层
https://scumjr.github.io/2016/01/10/from-smm-to-userland-in-a-few-bytes/
7.短URL连接和恶意欺诈软件
https://blog.malwarebytes.org/security-threat/2016/01/when-url-shorteners-and-ransomware-collide/
8.密码hash比较
https://www.cs.auckland.ac.nz/~pgut001/pubs/phc.pdf
9.安全工具聚焦:使用rem-vbswork到移除自动运行的蠕虫
http://www.bleepingcomputer.com/review/security/security-tool-spotlight-use-rem-vbsworm-to-remove-autorun-worms/
10.cisco部分无线接入点产品包含硬编码的密码
http://securityaffairs.co/wordpress/43597/security/cisco-wireless-points-hardcoded-pwd.html
11.丝绸之路和暗网梦已死
http://www.wired.com/2016/01/the-silk-roads-dark-web-dream-is-dead/