1. Hacking a power plant is not as easy as the Wired article made it sound
https://blindseeker.com/blahg/?p=774
2. WebSocket-based egress buster (the technique of trying ports 1-65535 from a browser to find which outbound ports the firewall lets through)
http://www.shellntel.com/blog/2016/2/19/websocket-based-egress-buster
3. CVE-2016-2384: analysis of a double-free in the Linux kernel's USB MIDI driver leading to arbitrary code execution
https://xairy.github.io/blog/2016/cve-2016-2384
4. CVE-2016-0034 is now being used by exploit packs
http://malware.dontneedcoffee.com/2016/02/cve-2016-0034.html
5. Reducing false positives with open data sources
https://isc.sans.edu/diary/Reducing+False+Positives+with+Open+Data+Sources/20755
6. VolatilityBot: automated unpacking and extraction of malware
7. An overview of the Data Protection API (DPAPI)
http://blog.digital-forensics.it/2015/01/happy-dpapi.html
8. Incident handling with Docker containers
https://blog.rootshell.be/2016/02/22/incident-handling-docker-to-the-rescue/
9. Free online tools for investigating potentially malicious websites
https://zeltser.com/lookup-malicious-websites/
10. A private iOS app store client successfully evaded Apple's iOS App Store code review
11. Chinese iOS developers abuse Apple app-testing certificates to install private apps
12. Bro plugin to detect and decode XOR-encrypted EXE files
https://github.com/broala/bro-xor-exe-plugin
13. OpenLibra: free security books for download
https://openlibra.com/en/collection/search/category/security_books
14. Reverse engineering the ARM1 processor's microarchitecture
http://www.righto.com/2016/02/reverse-engineering-arm1-processors.html
15. Deobfuscating a hideous-looking JS downloader
http://www.kahusecurity.com/2016/deobfuscating-a-hideous-looking-js-downloader
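The XOR-encoded-EXE detection in item 12 rests on known plaintext: every PE file starts with "MZ", holds a pointer at offset 0x3c to a "PE\0\0" signature, and nearly always carries the DOS-stub string "This program cannot be run in DOS mode". The Python below is an added example, not the bro-xor-exe-plugin's own code: it brute-forces a single-byte XOR key against those known bytes, confirms the PE signature through the recovered e_lfanew pointer so that two matching header bytes alone cannot cause a false positive, and decodes the buffer. The stream-scan variant locates the encoded DOS stub at any offset and walks back to the header, which is what a network sensor seeing a payload mid-stream needs. The sample PE bytes are constructed for the test, and a single repeating key byte is an assumption; a multi-byte key would need the same known-plaintext idea applied per key position.

```python
"""Added example (not the bro-xor-exe-plugin's code): recover a single-byte XOR key
from the known PE header bytes and decode the file. Assumes a one-byte repeating key."""
import struct
from typing import Optional, Tuple

# Known plaintext present in almost every PE file (the DOS stub message).
DOS_STUB = b"This program cannot be run in DOS mode"


def build_sample_pe() -> bytes:
    """Constructed test data: a minimal PE-like buffer, not a real binary."""
    e_lfanew = 0x80
    hdr = bytearray(b"MZ" + b"\x00" * 58)          # e_magic plus padding up to offset 0x3c
    hdr += struct.pack("<I", e_lfanew)              # offset 0x3c: pointer to the PE header
    hdr += b"\x0e\x1f\xba\x0e\x00\xb4\x09\xcd\x21\xb8\x01\x4c\xcd\x21"  # typical DOS stub code
    hdr += DOS_STUB + b".\r\r\n$"
    hdr += b"\x00" * (e_lfanew - len(hdr))
    hdr += b"PE\x00\x00" + b"\x4c\x01"              # PE signature, Machine = i386
    hdr += b"\x00" * 64                             # rest of the (fake) headers
    return bytes(hdr)


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte with a single key byte (decode and encode are the same op)."""
    return bytes(b ^ key for b in data)


def looks_like_pe(data: bytes) -> bool:
    """Plaintext PE check: 'MZ' magic and 'PE\\0\\0' at e_lfanew, within bounds."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", data, 0x3c)[0]
    return e_lfanew + 4 <= len(data) and data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def find_xor_key(data: bytes) -> Optional[int]:
    """Brute-force the key assuming the buffer starts at the PE header.
    Matching 'MZ' alone is only 16 bits of evidence, so the PE signature reached
    through the decoded e_lfanew pointer is required as confirmation. Key 0 is a
    plain, unencoded PE and is reported as such."""
    if len(data) < 0x40:
        return None
    for key in range(256):
        if data[0] ^ key != 0x4D or data[1] ^ key != 0x5A:   # 'M', 'Z'
            continue
        e_lfanew = struct.unpack_from("<I", xor_bytes(data[0x3C:0x40], key), 0)[0]
        if e_lfanew + 4 <= len(data) and \
                xor_bytes(data[e_lfanew:e_lfanew + 4], key) == b"PE\x00\x00":
            return key
    return None


def decode_if_xor_pe(data: bytes) -> Optional[Tuple[int, bytes]]:
    """Return (key, decoded bytes) when the buffer is a single-byte-XOR'd PE."""
    key = find_xor_key(data)
    if key is None:
        return None
    return key, xor_bytes(data, key)


def scan_stream(payload: bytes) -> Optional[Tuple[int, int]]:
    """Sensor-style scan: the PE may start anywhere in the payload (e.g. after HTTP
    headers). For each candidate key, search for the XOR'd DOS stub, then walk back
    up to 0x80 bytes to the XOR'd 'MZ' and verify the full header after decoding.
    Returns (key, offset of the 'MZ' magic) or None."""
    for key in range(256):
        needle = xor_bytes(DOS_STUB, key)
        magic = xor_bytes(b"MZ", key)
        pos = payload.find(needle)
        while pos != -1:
            for off in range(pos - 2, max(0, pos - 0x80) - 1, -1):
                if payload[off:off + 2] == magic and \
                        looks_like_pe(xor_bytes(payload[off:off + 0x200], key)):
                    return key, off
            pos = payload.find(needle, pos + 1)
    return None


if __name__ == "__main__":
    sample = build_sample_pe()
    encoded = xor_bytes(sample, 0x5A)                      # attacker-style single-byte XOR
    print("key:", find_xor_key(encoded))                   # 90 (0x5a)
    print("stream hit:", scan_stream(b"GET / HTTP/1.1\r\n\r\n" + encoded))
```

Running the block encodes the constructed sample with key 0x5a and recovers it both from a buffer that starts at the header and from a payload where the PE sits after HTTP request bytes. On real traffic the same logic should be applied to reassembled streams, and the PE-signature confirmation matters: scanning arbitrary data for two XOR'd bytes alone will match roughly once every 256 two-byte pairs per key.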