Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

窺探職場上所需之資安專業技術與能力 Tdohconf

2,352 views

Published on

TDOH CONF

  • Be the first to comment

窺探職場上所需之資安專業技術與能力 Tdohconf

  1. 1. Jack 1
  2. 2. ... • • • • • 2
  3. 3. Agenda • Whoami • • & • • • FAQ 3
  4. 4. 4
  5. 5. ( ) • TCP/IP • OWASP 5
  6. 6. -VA & WEBVA • OWASP • Vulnerability Assessment • ..... • 6
  7. 7. Exploit Development • http://securityalley.blogspot.tw/2014/06/buffer-overflow-windows.html ( EXPLOIT ) • https://www.corelan.be/index.php/category/security/exploit-writing-tutorials/ (CORELAN ) • http://expdev-kiuhnm.rhcloud.com/2015/05/11/contents/ ( EXPLOIT ) • https://github.com/enddo/awesome-windows-exploitation • https://github.com/riusksk/vul_war 7
  8. 8. 8
  9. 9. 9
  10. 10. - / • • 10
  11. 11. - • • • AD • • • 11
  12. 12. ( ) • WEBPT • IR • Coding • Certification 12
  13. 13. - • OWASP Testing Guide • Open Source Security Testing Methodology Manual (OSSTMM) • • 13
  14. 14. Web Application Hacker’s Methodology 14
  15. 15. SQLMAP • ..... • 1 • 2 code • 3 code 15
  16. 16. -1 • https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project • http://drops.wooyun.org/( ....) • http://www.freebuf.com/ • https://www.91ri.org/ • https://support.portswigger.net/customer/portal/topics/792273-burp-testing- methodologies/articles?page=1 • https://kennel209.gitbooks.io/owasp-testing-guide-v4/content/en/ 16
  17. 17. 17
  18. 18. - • ERS? (WHAT) • ? (WHO) • ? (WHERE) 
 • ? (HOW) • 18
  19. 19. ATTACK LIFECYCLE ..... 19
  20. 20. - • 20
  21. 21. IR Toolkit • 21
  22. 22. - • • • • 22
  23. 23. • Hash ( ) • (.NET JAVA ) • Import ( • Strings • Tools Installed on REMnux • Reverse-Engineering Wiki 23
  24. 24. • F5 ( • • ( ?) 24
  25. 25. • .... • • —— 25
  26. 26. 26
  27. 27. • Anti VM • Anti OD • Anti Forensic • Anti XXX …… • • ANTI TECH github 27
  28. 28. • • 28
  29. 29. • http://bbs.pediy.com/ ( ) • http://www.52pojie.cn/forum.php ( ) • http://adr.horse/ ( ) • https://github.com/gasgas4/APT_CyberCriminal_Campagin ( ) • http://blog.malwaremustdie.org/ • http://www.malware-traffic-analysis.net/ 29
  30. 30. 30
  31. 31. Malware Source / Code • https://github.com/gasgas4/Leaked_Malware_SourceCode • https://github.com/ytisf/theZoo • https://github.com/krmaxwell/maltrieve 31
  32. 32. - • • • • • 32
  33. 33. • • • ?! • • 33
  34. 34. 34
  35. 35. 35
  36. 36. 36
  37. 37. IDA OD ... 37
  38. 38. Google Drive • OAuth 38
  39. 39. DropBox • token 39
  40. 40. 40
  41. 41. XX •A B •B C D E • ... 41
  42. 42. XXX • • • 42
  43. 43. 43
  44. 44. ( ! 44
  45. 45. • Office • 45
  46. 46. ... 46
  47. 47. • 47
  48. 48. ! ! ! 48
  49. 49. ! ! !
 49
  50. 50. 50
  51. 51. • https://github.com/hackedteam?tab=repositories ( HACKING TEAM) • https://www.blackhat.com/html/archives.html • https://www.defcon.org/html/links/dc-archives.html • https://github.com/RichardLitt/awesome-conferences • RSA , Zeronight , Hitcon , cansecwest , CONFidence , HITB , nullcon , recon , syscan ... 51
  52. 52. FAQ: CTF • • Bug Bounty • http://ppt.cc/7xaGu • https://bugcrowd.com/ programs • https://h1.sintheticlabs.com/ 52
  53. 53. FAQ Certification • 53
  54. 54. 54
  55. 55. 55
  56. 56. ... 56
  57. 57. & 57

×