每日安全动态推送(12-27)

Tencent Security Xuanwu Lab Daily News

• [PDF] https://arxiv.org/pdf/2112.09604.pdf:
https://arxiv.org/pdf/2112.09604.pdf

   ・ Subverting Stateful Firewalls with Protocol States – Jett

• Anti-Debug: Debug Flags:
https://anti-debug.checkpoint.com/techniques/debug-flags.html

   ・ Windows 调试环境检测可用的 Flags – Jett

• Browser-Pwning-/README.md at main · SpiralBL0CK/Browser-Pwning- · GitHub:
https://github.com/SpiralBL0CK/Browser-Pwning-/blob/main/README.md

   ・ Chrome Pwning & V8 Pwning 入手 – Jett

• Hopper Disassembler – Geek Freak:
https://dhiyaneshgeek.github.io/mobile/security/2021/12/25/hopper-disassembler/

   ・ 利用 Hopper 分析 SecureStoreV2 App 的越狱环境检测 – Jett

• 0xbb:
https://bierbaumer.net/security/php-lfi-with-nginx-assistance/

   ・ Nginx 环境中 PHP LFI 漏洞的利用 – Jett

• Documentation – Arm Developer:
https://developer.arm.com/documentation/ddi0606/latest

   ・ ARM架构参考手册补充版 – Morello for A-profile Architecture. – lanying37

• [Tools] GitHub – horsicq/Nauz-File-Detector: Linker/Compiler/Tool detector for Windows, Linux and MacOS.:
https://github.com/horsicq/Nauz-File-Detector

   ・ Nauz File Detector – 编译环境检测工具 – Jett

• [Tools] Features:
https://github.com/Cracked5pider/KaynLdr

   ・ KaynLdr – Reflective Loader written in C / ASM – Jett

• [PDF] https://www.usenix.org/system/files/sec21-zhang-zheng.pdf:
https://www.usenix.org/system/files/sec21-zhang-zheng.pdf

   ・ Android 内核补丁生态系统的研究 Paper – Jett

• ART 在 Android 安全攻防中的应用:
https://evilpan.com/2021/12/26/art-internal/

   ・ ART 在 Android 安全攻防中的应用 – Jett

• WELA/README-English.md at main · Yamato-Security/WELA · GitHub:
https://github.com/Yamato-Security/WELA/blob/main/README-English.md

   ・ WELA – Windows 日志分析工具，用于取证分析和安全事件响应 – Jett

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(12-27)