Tencent Security Xuanwu Lab Daily News
• [Conference] #HITB2022SIN CommSec Track:
https://www.youtube.com/playlist?list=PLmv8T5-GONwRu8F1SgdBjP6XydFJipKoa
・ HITB2022SIN 安全会议的视频公开了
– Jett
• [Windows, Tools] README.md:
https://github.com/optiv/Freeze
・ Freeze – 利用进程挂起、直接 Syscall 调用等方法实现 Shellcode 隐蔽执行,逃逸 EDR 检测
– Jett
• The good, the bad and the ugly of Apple Passkeys:
https://www.slashid.dev/blog/passkeys-deepdive
・ Apple passkeys 实现机制研究
– Jett
• 2022 Plug-In Contest:
https://hex-rays.com/contests_details/contest2022/
・ IDA 2022 插件大赛的获奖名单
– Jett
• [Tools] GitHub – punk-security/dnsReaper: dnsReaper – subdomain takeover tool for attackers, bug bounty hunters and the blue team!:
https://github.com/punk-security/dnsReaper
・ dnsReaper – 基于多个不同的云 DNS 服务收集子域名信息
– Jett
• [Web] Diving Into Electron Web API Permissions:
https://blog.doyensec.com/2022/09/27/electron-api-default-permissions.html
・ Electron 基于 Chrome 管理 Web API 隐私权限的细节
– Jett
• [macOS] Jumping Over the Gate:
https://antman1p-30185.medium.com/jumping-over-the-gate-da555c075208
・ GateKeeper 实现机制以及在企业环境中的应用
– Jett
• [Android] A technical analysis of Pegasus for Android – Part 2 – CYBER GEEKS:
https://cybergeeks.tech/a-technical-analysis-of-pegasus-for-android-part-2/
・ NSO Pegasus Android 样本分析 Part 2
– Jett
• [Tools, Defend] The difference between signature-based and behavioural detections:
https://s3cur3th1ssh1t.github.io/Signature_vs_Behaviour/
・ 特征检测和行为检测两种威胁检测方案的比较
– Jett
• [Fuzzing, Virtualization] When Hypervisor Met Snapshot Fuzzing:
https://www.usmacd.com/2022/07/21/2022-07-21-When-Hypervisor-Met-Snapshot-Fuzzing/
・ 利用 Snapshot Fuzzing 技术 Fuzz VirtualBox
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号: 腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(09-28)
