/sec_profile

爬取secwiki和xuanwu.github.io/sec.today,分析安全信息站点、安全趋势、提取安全工作者账号(twitter,weixin,github等)

Primary LanguageHTML

数据--所有

数据--年度

202003 信息源与信息类型占比

202003-信息源占比-secwiki

202003-信息源占比-xuanwu

202003-信息类型占比-xuanwu

202003-最喜欢语言占比

微信公众号 推荐

nickname_english weixin_no title url
安全学术圈 secquan EuroS&P 2020 论文录用列表 https://mp.weixin.qq.com/s/tIUS121s3JPOg7yC0j2rNQ
腾讯安全应急响应中心 tsrc_team 浅谈DDoS攻防对抗中的AI实践 https://mp.weixin.qq.com/s/5v38BBewMVXZbbN2oMYg0A
安全喷子 威胁狩猎101文档 https://mp.weixin.qq.com/s/0hOtnTz9QrKlLivAobjU7Q
安恒信息安全研究院 蓝牙安全之Class of device https://mp.weixin.qq.com/s/TIYvcThrfOC40rqcy-VGCg
腾讯御见威胁情报中心 腾讯安全威胁情报中心“明炉亮灶”工程:​自动化恶意域名检测揭秘 https://mp.weixin.qq.com/s/QV8ErKHow3b-AMp6HMzKQg
赵武的自留地 写在Goby新版发布前,讨论网络安全测试工具的发展 https://mp.weixin.qq.com/s/hW0A1jwq-pm4M-4LGUZIrA
PolarisLab PolarisLab Bypassing Crowdstrike Falcon 1:大力出奇迹 https://mp.weixin.qq.com/s/x0uGrnMXbzAAV9Q9bxR7SQ
安全乐观主义 SDL已死,应用安全路在何方? https://mp.weixin.qq.com/s/tYRiKiI7bjgyzQguMA1mrw
山丘安全攻防实验室 hillsec 一篇文章带你从XSS入门到进阶(附Fuzzing+BypassWAF+Payloads) https://mp.weixin.qq.com/s?__biz=Mzg3MjIyNjY3MA==&mid=2247484238&idx=1&sn=242812079337b1020abf5adffa7a5b23
PeckShield PeckShield 硬核:解密美国司法部起诉**OTC承兑商洗钱案件 https://mp.weixin.qq.com/s/wWrm3gwT72Pc8Nxw-1OiSw
七夜安全博客 qiye_safe 无文件执行:一切皆是shellcode (上) https://mp.weixin.qq.com/s/Bv0xebGKaJ2GGwntKGq2NQ
君哥的体历 jungedetili 终端安全运营年度笔记 https://mp.weixin.qq.com/s/cHYu7Ayni5mkjWpn6_XrwA
星阑科技 StarCrossCN PHP 开源白盒审计工具初探(上) https://mp.weixin.qq.com/s/gklKcFRR5erB2rdjr3BTUQ
水滴安全实验室 EversecLab 物联网漏洞挖掘及利用实践:mips栈溢出 https://mp.weixin.qq.com/s/psVle6RAcTqX8VY_d4ouKg
道法术 2020 IoT Threat Report (简单解读版) https://mp.weixin.qq.com/s/AqUyHGLzlmrBSKfk-IxW6g
PaperWeekly paperweekly 文本分类和序列标注“深度”实践 https://mp.weixin.qq.com/s/afO58DDDZGb5w_EEG8oW6Q
奇安信威胁情报中心 网空威胁情报(CTI)日益成熟:2020年SANSCTI调查结果解读 https://mp.weixin.qq.com/s/ERakfCjEjW_UfViz9KoxFQ
哈工大SCIR HIT_SCIR 赛尔笔记 机器阅读理解简述
工业菜园 gycy-2019 菜农观点 陆宝华:关于智慧城市安全的讨论
湛卢工作室 xuehao_studio DIY 树莓派搭载kali Linux
爱奇艺技术产品团队 iQIYI-TP 爱奇艺在日志实时数据监控的探索与实践 https://mp.weixin.qq.com/s/wal_BVdp8yunXXPFpUy-gw
云众可信 yunzhongkexin 原创干货 Java代码审计之跨站脚本攻击
银河安全实验室 Galaxy-Lab 尝试利用Cython将Python项目转化为单个.so https://mp.weixin.qq.com/s/YRKY7FgLFw-w4QIlrNd-FA
Ms08067安全实验室 Ms08067_com Mr.Robot靶机 - 机器人先生 https://mp.weixin.qq.com/s/-0EhntZSXvu4-xYQ89sPeQ
Tide安全团队 TideSec 远控免杀专题(30)-Python加载shellcode免杀-8种方式(VT免杀率10-69) https://mp.weixin.qq.com/s/HyBSqrF_kl2ARaCYAMefgA
heysec bloodzer007 完成一次渗透测试项目 https://mp.weixin.qq.com/s/39wB8zLvda13p-sJytRa5w
安天 Antiylab 安天对“超高能力网空威胁行为体”系列分析回顾 https://mp.weixin.qq.com/s/N0LxStDpc6GyzpyszYnguQ
小议安全 xiaoyianquan 零信任架构远程办公实战 https://mp.weixin.qq.com/s/Kgm0wuPeQHX7fJoUondz4Q
永安在线反欺诈 YongAnOnline 业务安全蓝军测评标准白皮书 https://mp.weixin.qq.com/s/23fcilR_XhrGLWSaKv21zA
青衣十三楼飞花堂 burp pro 2020.2 https://mp.weixin.qq.com/s/WXdEvc0p04KjyOlmb4qtRg
SecWiki SecWiki 2020 Google夏日编程之安全项目列表 https://mp.weixin.qq.com/s/Gf937RjTpA0QsT2DJFQRqQ
大潘点点 dapandiandian 网安产业结构和动力分析——从合规型向能力型 https://mp.weixin.qq.com/s/V6P-6X_fnw_kvHWMxtqwLg
物联网IOT安全 IOTsafety Cobalt Strike|从入门到入狱 https://mp.weixin.qq.com/s/WAqgHn0DrXerEeow131w4Q

组织github账号 推荐

github_id title url org_url org_profile org_geo org_repositories org_people org_projects repo_lang repo_star repo_forks

私人github账号 推荐

github_id title url p_url p_profile p_loc p_company p_repositories p_projects p_stars p_followers p_following repo_lang repo_star repo_forks
lirantal Awesome Node.js Security resources https://github.com/lirantal/awesome-nodejs-security#static-code-analysis https://github.com/snyksec 🥑 Developer Advocate @snyksec @nodejs Security WG @jsheroes ambassador Author of Essential Node.js Security #opensource #web ❤ Tel Aviv, Israel @snyk 240 0 695 621
unamer 之前被用于 WizardOpium APT 攻击行动的 CVE-2019-1458 Windows LPE 漏洞的 Exploit https://github.com/unamer/CVE-2019-1458 http://127.0.0.1/phpMyAdmin <script>alert(Hello world)</script> C:\Windows\ None 39 0 35 499 4 Python,C,C++ 748 359
moonbingbing OpenResty 最佳实践 https://github.com/moonbingbing/openresty-best-practices None None 360 30 0 49 465 5 Python,Lua,C,Perl 2900 724
alphaSeclab DBI(Dynamic Binary Instrumentation:动态二进制插桩)逆向有关的资源收集 https://github.com/alphaSeclab/DBI-Stuff None None None 17 0 38 288 0 1600 264
ChanChiChoi 人脸识别相关的 Papers 收集 - Awesome Face Recognition https://github.com/ChanChiChoi/awesome-Face_Recognition http://www.cnblogs.com/shouhuxianjian/ China None 21 0 184 110 51 Python,Jupyter 1800 495
zsdlove Hades - 静态代码脆弱性检测系统 https://github.com/zsdlove/Hades None None None 126 0 193 62 16 Python,Java,Smali 163 41
mike-goodwin owasp-threat-dragon-desktop: 威胁建模工具 https://github.com/mike-goodwin/owasp-threat-dragon-desktop https://github.com/OWASP UK @OWASP 24 0 1 54 1 Shell,JavaScript,HTML,CSS 398 88
CTF-MissFeng bayonet: SRC资产管理系统 https://github.com/CTF-MissFeng/bayonet None None None 3 0 57 46 0 Python 443 87
ATpiu asset-scan: 甲方企业的外网资产周期性扫描监控系统 https://github.com/ATpiu/asset-scan None Penetration Test/Gopher/App Sec/ICS Sec None None 100 0 287 28 99 Go,Python 28 5
ody5sey Voyager: 安全工具集合平台 https://github.com/ody5sey/Voyager None None None 3 0 1 21 0 Python,HTML 147 61
GuoKerS 基于协程的CVE-2020-0796快速检测脚本 https://github.com/GuoKerS/aioScan_CVE-2020-0796 https://o0o0.club 好好学习,天天向上。 Guang Xi None 43 0 281 15 41 Python,C#,HTML,PowerShell 10 5
renzu0 nw-tips: Win内网_域控安全 https://github.com/renzu0/nw-tips None None None 31 0 2 12 2 Python,TypeScript 3 2
threat-hunting Awesome Threat Detection and Hunting library https://github.com/threat-hunting/awesome_Threat-Hunting None Sweden None 42 0 5 11 16 JavaScript,Java 96 20
aforensics HiddenVM — Use any desktop OS without leaving a trace. https://github.com/aforensics/HiddenVM None None None 1 0 0 9 0 Shell 836 31
Equationliu ImageNet 图像分类对抗攻击 No.3 solution https://github.com/Equationliu/Attack-ImageNet None None None 9 0 19 4 1 Python 2 1
LennyLeng SOC_Sankey_Generator: 从SOC日志中进行数据ETL与数据可视化的工具 https://github.com/LennyLeng/SOC_Sankey_Generator None None None None 0 0 0 0 0 None 0 0
google FuzzBench - Fuzzer benchmarking as a service https://github.com/google/FuzzBench None None None None 0 0 0 0 0 C,Shell,Java,Python,Kotlin,JavaScript,C++,TypeScript,HTML,Go,Rust 0 0
hardenedlinux srcinv: source code audit tool 代码审计工具 https://github.com/hardenedlinux/srcinv None None None None 0 0 0 0 0 HTML,C,Shell,Assembly,Roff,C++,Nix,Zeek,Go 243 56
microsoft Memory Tagging 技术的安全性分析,来自 MSRC https://github.com/microsoft/MSRC-Security-Research/blob/master/papers/2020/Security%20analysis%20of%20memory%20tagging.pdf None None None None 0 0 0 0 0 C,TypeScript,Jupyter,C#,JavaScript,C++,Python,Go,CMake,Swift 0 0
nowsecure NowSecure 开源的基于 Frida 的 API Trace 工具 https://github.com/nowsecure/frida-trace None None None None 0 0 0 0 0 C,TypeScript,Java,Python,JavaScript,Smarty,Dockerfile,CSS 541 112
pyppeteer pyppeteer2 - 用于控制 Headless Chrome 的 puppeteer 的 Python 移植版 https://github.com/pyppeteer/pyppeteer2 None None None None 0 0 0 0 0 Python 0 0

medium_xuanwu 推荐

title url
滥用 hostPath 挂载逃逸 Kubernetes Namespace http://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fblog.appsecco.com%2Fkubernetes-namespace-breakout-using-insecure-host-path-volume-part-1-b382f2a6e216
Avast 安全浏览器可以被滥用 NTFS Hardlink 特性实现本地提权 http://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fsidechannel.tempestsi.com%2Fvulnerability-in-avast-secure-browser-enables-escalation-of-privileges-on-windows-eb770d196c45%3F
php博客平台Typecho代码执行漏洞详细分析 http://medium.com/@knownsec404team/analysis-of-typecho-front-end-getshell-vulnerability-4c1ce43eaeaa

medium_secwiki 推荐

title url

zhihu_xuanwu 推荐

title url

zhihu_secwiki 推荐

title url
谈谈蜜罐(调研)与内网安全 https://zhuanlan.zhihu.com/p/110886405

日更新程序

python update_daily.py