1.2017年最嚴重的安全威脅 by xiaohui
PT姿勢:
1.What is LLMNR & WPAD and How to Abuse Them During Pentest ? by Mucahit Karadag
2.持久化XSS:被ServiceWorkers 支配的恐懼 by 長短短
3.Data Exfiltration (Tunneling) Attacks against Corporate Network by Mehmet Ince
4.Protecting Windows Networks – Kerberos Attacks by dfirblog
5.關於Docker的幾點安全解析 by Change
漏洞/逆向分析:
1.Safari Reader UXSS by Erling Ellingsen
2.Reverse Engineering: Cracking Sublime Text 3 by Fernando Domínguez
3.OWASP TOP 10: Security Misconfiguration #5 – CORS Vulnerability and Patch by Saurabh Banawar
4.Arbitrary Kernel Memory Reads on Illumos by Ben Murphy
惡意軟體分析:
1.Wingbird rootkit analysis by Artem
2.2016 Updates to Shifu Banking Trojan by Dominik Reichel
基礎概念教學:
1.安卓Hook函數的複雜參數如何給定? by AqCxBoM
工具:
1.[PHP] magento stealer byBENKOW_
2.Chromebackdoor - Backdoor C&C for Populars Browsers by James Bond
3.xsscrapy - XSS/SQLi Spider by Dan McInerney
4.android調試相關插件 by lichao890427
PT姿勢:
1.What is LLMNR & WPAD and How to Abuse Them During Pentest ? by Mucahit Karadag
2.持久化XSS:被ServiceWorkers 支配的恐懼 by 長短短
3.Data Exfiltration (Tunneling) Attacks against Corporate Network by Mehmet Ince
4.Protecting Windows Networks – Kerberos Attacks by dfirblog
5.關於Docker的幾點安全解析 by Change
漏洞/逆向分析:
1.Safari Reader UXSS by Erling Ellingsen
2.Reverse Engineering: Cracking Sublime Text 3 by Fernando Domínguez
3.OWASP TOP 10: Security Misconfiguration #5 – CORS Vulnerability and Patch by Saurabh Banawar
4.Arbitrary Kernel Memory Reads on Illumos by Ben Murphy
惡意軟體分析:
1.Wingbird rootkit analysis by Artem
2.2016 Updates to Shifu Banking Trojan by Dominik Reichel
基礎概念教學:
1.安卓Hook函數的複雜參數如何給定? by AqCxBoM
工具:
1.[PHP] magento stealer byBENKOW_
2.Chromebackdoor - Backdoor C&C for Populars Browsers by James Bond
3.xsscrapy - XSS/SQLi Spider by Dan McInerney
4.android調試相關插件 by lichao890427
