1.AVG自动安装"Web TuneUP"chrome扩展,被爆光多个漏洞,包括XSS,历史信息泄露等
https://code.google.com/p/google-security-research/issues/detail?id=675
2.Black Hat USA 2015会议视频
https://www.youtube.com/playlist?list=PLH15HpR5qRsXF78lrpWP2JKpPJs_AFnD7
3.预览即将到来的libModSecurity
https://www.trustwave.com/Resources/SpiderLabs-Blog/An-Overview-of-the-Upcoming-libModSecurity/
4.FLARE脚本系列:自动混淆字符串decoding
https://www.fireeye.com/blog/threat-research/2015/12/flare_script_series.html
5.powerhsell empire自动安装
http://www.room362.com/2015/12/automating-powershell-empire-install.html
6.DLL劫持攻击未死
http://textslashplain.com/2015/12/18/dll-hijacking-just-wont-die/
7.恶意软件分析资源
https://github.com/rshipp/awesome-malware-analysis/blob/master/README.md
8.32C3会议部分视频
https://media.ccc.de/b/congress/2015
9.物理访问==Pwn3d!
https://blog.rootshell.be/2015/12/28/phyisical-access-pwn3d/
10.libtiff: invalid write (CVE-2015-7554)
http://seclists.org/fulldisclosure/2015/Dec/119
11.你想建立一个卫星? 来自32c3会议的CubeSat 开发介绍。
https://media.ccc.de/v/32c3-7341-so_you_want_to_build_a_satellite#video
12.CVE-2015-6172 BadWinmail 被发现用于实际攻击
http://eromang.zataz.com/2015/12/28/cve-2015-6172-badwinmail-found-exploited-in-the-wild/
13.TOP5 最常用的burpsuite扩展
http://bughunting.guide/the-top-5-burp-suite-extensions/
14.windows驱动攻击层面分析,来自32c3的视频
https://media.ccc.de/v/32c3-7510-windows_drivers_attack_surface#video
15.在安全芯片中的硬件木马,来自32c3的视频
https://media.ccc.de/v/32c3-7146-hardware-trojaner_in_security-chips#video
发表评论
您还未登录,请先登录。
登录