每日安全动态推送(04-25)

Tencent Security Xuanwu Lab Daily News

• Compile (Linux only):
https://github.com/borzacchiello/naaz

   ・ 基于 Ghidra PCode 的符号执行引擎 – Jett

• The More You Know, The More You Know You Don’t Know——回顾 2021 年在野利用的 0day 漏洞:
https://paper.seebug.org/1886/

   ・ The More You Know, The More You Know You Don’t Know——回顾 2021 年在野利用的 0day 漏洞分析报告. – lanying37

• 内网渗透 — NTLM 反射分析及土豆家族:
https://tttang.com/archive/1560/

   ・ 内网渗透 — NTLM 反射分析及土豆家族 – lanying37

• [Fuzzing] [PDF] https://www.ndss-symposium.org/wp-content/uploads/fuzzing2022_23001_paper.pdf:
https://www.ndss-symposium.org/wp-content/uploads/fuzzing2022_23001_paper.pdf

   ・ DATAFlow – Data Flow Guided Fuzzer – Jett

• magic-trace:
https://github.com/janestreet/magic-trace

   ・ magic-trace – 基于 Intel PT 的进程 Trace 工具 – Jett

• OffensiveCon22 – Mark Dowd- Keynote -How Do You Actually Find Bugs?:
https://www.youtube.com/watch?v=7Ysy6iA2sqA&list=PLYvhPWR_XYJnPvrhXE4RYvwZhV26nYTIp

   ・ OffensiveCon22 会议的视频公开了 – Jett

• revng/revng:
https://github.com/revng/revng

   ・ revng – 将 ELF 二进制文件翻译成 LLVM IR 的工具 – Jett

• README.md:
https://github.com/sourque/louis

   ・ 基于 eBPF 技术实现的 Linux EDR – Jett

• No Hardware, No Problem: Emulation and Exploitation:
https://blog.grimm-co.com/2022/04/no-hardware-no-problem-emulation-and.html

   ・ 利用 QEMU 模拟 Netgear R7000 路由器 UPnP Daemon 程序，辅助漏洞挖掘 – Jett

• Extracting WhatsApp messages from an iOS backup:
https://yasoob.me/posts/extracting-whatsapp-messages-from-ios-backup/

   ・ 从 iOS Backup 中提取 WhatsApp 的消息 – Jett

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(04-25)