二进制情报推送记录

[1] r3kapig HITCON CTF 2019 Writeup https://r3kapig.com/writeup/20191018-hitcon-quals/

[2] Analyzing Linux kernel crash dumps with crash https://www.dedoimedo.com/computers/crash-analyze.html

[3] gdb 分析崩溃文件 http://www.brendangregg.com/blog/2016-08-09/gdb-example-ncurses.html

[4] IDA静态分析的一系列手册和环境，该网站有丰富的课程学习 https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/technical-operational#identification_handling https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/documents/static-analysis-of-artefacts-toolset.pdf https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/documents/static-analysis-of-artefacts-handbook.pdf

[6] 研究员 Brandon Falk 开源了一个用于 Fuzz calc.exe 计算器程序的工具 https://github.com/gamozolabs/guifuzz

2019/10/21-二进制情报推送

[1] OSDFCon19会议关于 Linux 操作系统取证分析的议题 ——Slide https://github.com/ashemery/LinuxForensics

[2] QEMU 虚拟机逃逸相关的漏洞资料整理 https://github.com/ray-cp/vm-escape

[3] Sans关于信息安全各个方向的paper，部分提供免费下载 https://www.sans.org/reading-room

[4] LibreOffice 在文件转换时产生的漏洞分析 https://buer.haus/2019/10/18/a-tale-of-exploitation-in-spreadsheet-file-conversions/

[5] CVE-2019-2215：Android 提权漏洞分析，附提权poc https://hernan.de/blog/2019/10/15/tailoring-cve-2019-2215-to-achieve-root/

[6] ByePg：对异常挂钩对抗PatchGuard以及原理分析 https://blog.can.ac/2019/10/19/byepg-defeating-patchguard-using-exception-hooking/

2019/10/22-二进制情报推送

[1] CppCon 2019议题分享：当代的C++逆向工程——Youtube https://www.youtube.com/watch?v=ZJpvdl_VpSM

[2] DEFCON 27 历史议题下载 https://media.defcon.org/DEF%20CON%2027/DEF%20CON%2027%20presentations/

[3] Python Security - 记录 Python 历史漏洞及补丁版本信息的 Repo https://github.com/vstinner/python-security

[4] Git 内部是如何存储数据的以及如何实现的 Git 历史的 Rewriting https://blog.isquaredsoftware.com/presentations/2019-03-git-internals-rewrite/#/0

[5] DEFCON历史议题下载 https://media.defcon.org/

2019/10/23-二进制情报推送

[1] RUBY 2.X UNIVERSAL RCE DESERIALIZATION GADGET CHAIN https://www.elttam.com.au/blog/ruby-deserialization/

[2] qemu-pwn-基础知识 https://ray-cp.github.io/archivers/qemu-pwn-basic-knowledge

[3] vm-escape case搜集： https://github.com/ray-cp/vm-escape/tree/master/qemu-escape

[4] 有人公开了一个 NTFS MFT parsing 的整数溢出 0Day，可以触发蓝屏 https://exatrack.com/public/vuln_NTFS_EN.pdf

[5] BROP技术研究 https://mp.weixin.qq.com/s/Old4dKS2aDp1TETTn0WzoQ