1、gophish:一个开源的钓鱼框架
https://getgophish.com/
2、事件响应中的恶意软件分析
http://www.redblue.team/2016/02/a-soft-introduction-to-malware-analysis.html
3、frida 6.2发行:大量的性能改善,增加新的API
http://www.frida.re/news/2016/02/01/frida-6-2-released/
4、从McAfee的sitelist.xml配置文件里的账户信息到活动目录域权限
https://github.com/tfairane/HackStory/blob/master/McAfeePrivesc.md
5、注入代码到运行的linux进程
https://lkubuntu.wordpress.com/2016/01/31/injecting-code-into-running-process-with-linux-inject/
6、socat安全公告:可能的加密后门【硬编码的1024为DH参数没有素数】
http://www.openwall.com/lists/oss-security/2016/02/01/4
7、burpsuite插件:java反序列化扫描
https://github.com/federicodotta/Java-Deserialization-Scanner?
8、hackIM 2016 CTF writeup
http://www.kizhakkinan.com/?cat=22
9、卫星电话不可信:安全分析2个卫星电话标准
http://ieeexplore.ieee.org/stamp/stamp.jsp?reload=true&arnumber=6234409
10、排名top 20航空旅游站点yatra.com被重定向到恶意软件下载站点
http://blogs.forcepoint.com/security-labs/top-20-airline-travel-site-yatracom-victim-malvertizing-attack-redirects-users-angler
发表评论
您还未登录,请先登录。
登录