1.使用elk stack + packetbeat和watcher检测DNS隧道(像iodine)的工具
https://github.com/elastic/examples/tree/master/packetbeat_dns_tunnel_detection
2.binary ninja(二进制忍者) api 介绍
http://arm.ninja/2016/03/08/intro-to-binary-ninja-api/
3.视频演示如何搭建一个nsm实验平台
http://chrissanders.org/2016/03/video-building-an-nsm-lab/
4.Honerix:一款在线的,分布式的蜜罐,用于捕捉基于WEB的攻击
5.Linux的审计无可避免的形态
6.firmadyne:模拟和动态分析基于LINUX的固件的paper
https://github.com/firmadyne/firmadyne/blob/master/paper/paper.pdf
7.internetwache 2015 writeup
https://github.com/praetorian-inc/ctf-writeups/tree/master/internetwache-2015
8.CVE-2015-7547的另一版poc,GOOGLE版的在https://github.com/fjserna/CVE-2015-7547
https://github.com/jgajek/cve-2015-7547
9.针对fedora的linux发行版的渗透测试工具脚本
https://github.com/madmantm/fedora-pentest-tools
10.subsearch:一款java语言编写的子域暴力破解工具
https://github.com/gavia/subsearch
11.能够获取wlanprofiles(存储无线连接配置的文件)文件里的加密字符串或者明文密码的powershell脚本
https://github.com/BornToBeRoot/PowerShell_Get-WLANProfiles
12.ARCANUS:一款go语言编写的能够自定义payload的工具
https://github.com/EgeBalci/ARCANUS
13.subtee在Troopers2016会议上演讲的POC代码 (大部分是应用白名单逃逸的)
https://github.com/subTee/Troopers2016
14.openssh修补信息泄露漏洞(http://www.openssh.com/txt/x11fwd.adv)
https://threatpost.com/openssh-patches-information-leak-flaw/116760/
15.闭路电视演示窃贼如何针对在3秒内对POS机安装信用卡密码偷取硬件的(POS credit card skimmer),另一篇报道http://securityaffairs.co/wordpress/45310/cyber-crime/skimmer-gas-station-card.html
http://motherboard.vice.com/read/credit-card-reader-skimmer-video
16.在 iOS 8上dump内存
https://blog.netspi.com/dumping-memory-on-ios-8/
17.onioncat:一款匿名的洋葱VPN适配器
https://www.onioncat.org/download/
18.鱼叉式钓鱼的真实案例
http://resources.infosecinstitute.com/spear-phishing-real-life-examples/
19.首席数字官(Chief Digital Officers)在2016年必须要做的5件事
https://www.linkedin.com/pulse/4-must-dos-chief-digital-officers-2016-daniel-newman
20.事件响应的方法和工具集
https://github.com/meirwah/awesome-incident-response
21.MobSF发布新版,相关ppt在http://www.slideshare.net/ajin25/nullcon-goa-2016-automated-mobile-application-security-testing-with-mobile-security-framework-mobsf
https://github.com/ajinabraham/Mobile-Security-Framework-MobSF
22.如何在firefox os上利用XSS/HTML注入
https://gist.github.com/nishimunea/264695161a6796f1912f
23.通过c++模板元编程进行二进制代码混淆
发表评论
您还未登录,请先登录。
登录