首页
论坛
专栏
课程

分享:
Pwn2Own黑客大赛对浏览器漏洞的研究起了很大的推动作用,越来越多的分析人员开始加入到Internet Explorer、Microsoft Edge、Google Chrome、Firefox和Safari的利用研究中,当然,黑灰产也算是另一个推动力,最常见的就是借助这些漏洞来进行网页挂马。下面我们就给出一些这方面的学习资料: **0 浏览器安全白皮书** [X41 Browser Security White Paper](https://github.com/x41sec/browser-security-whitepaper-2017) [Cure53 Browser Security White Paper](https://github.com/cure53/browser-sec-whitepaper) **1 安全会议ppt和paper** [The Origin Of Array Symbol Species Slides](https://www.blackhat.com/docs/us-17/thursday/us-17-Silvanovich-The-Origin-Of-Array-Symbol-Species.pdf) [Shell On Earth From Browser To System Compromise Slides](https://www.blackhat.com/docs/us-16/materials/us-16-Molinyawe-Shell-On-Earth-From-Browser-To-System-Compromise.pdf) [Shell On Earth From Browser To System Compromise White Paper](https://www.blackhat.com/docs/us-16/materials/us-16-Molinyawe-Shell-On-Earth-From-Browser-To-System-Compromise-wp.pdf) [Understanding The Attack Surface And Attack Resilience Of Project Spartans New EdgeHTML Rendering Engine Slides](https://www.blackhat.com/docs/us-15/materials/us-15-Yason-Understanding-The-Attack-Surface-And-Attack-Resilience-Of-Project-Spartans-New-EdgeHTML-Rendering-Engine.pdf) [Understanding The Attack Surface And Attack Resilience Of Project Spartans New EdgeHTML Rendering Engine White Paper](https://www.blackhat.com/docs/us-15/materials/us-15-Yason-Understanding-The-Attack-Surface-And-Attack-Resilience-Of-Project-Spartans-New-EdgeHTML-Rendering-Engine-wp.pdf) [Thinking Outside The Sandbox Violating Trust Boundaries In Uncommon Ways Slides](https://www.blackhat.com/docs/us-14/materials/us-14-Gorenc-Thinking-Outside-The-Sandbox-Violating-Trust-Boundaries-In-Uncommon-Ways.pdf) [Thinking Outside The Sandbox Violating Trust Boundaries In Uncommon Ways White Paper](https://www.blackhat.com/docs/us-14/materials/us-14-Gorenc-Thinking-Outside-The-Sandbox-Violating-Trust-Boundaries-In-Uncommon-Ways-WP.pdf) [WebKit Everywhere Secure Or Not Slides](https://www.blackhat.com/docs/eu-14/materials/eu-14-Chen-WebKit-Everywhere-Secure-Or-Not.PDF) [WebKit Everywhere Secure Or Not White Paper](https://www.blackhat.com/docs/eu-14/materials/eu-14-Chen-WebKit-Everywhere-Secure-Or-Not-WP.pdf) [Digging for Sandbox Escapes Finding sandbox breakouts in Internet Explorer Slides](https://www.blackhat.com/docs/us-14/materials/us-14-Forshaw-Digging-For_IE11-Sandbox-Escapes.pdf) **2 Blog** [SkyLined, focus on browser security](http://blog.skylined.nl/)

上一篇 :
下一篇 :
讨论 (0)
沪ICP备16048531号-1
沪公网安备 31011502006611号