1、OpenMeetings远程代码执行漏洞
http://haxx.ml/post/141655340521/all-your-meetings-are-belong-to-us-remote-code
2、积极主动的防御恶意欺诈勒索软件(通过设置文件权限,挂载点)
http://www.freeforensics.org/2016/03/proactively-reacting-to-ransomware.html
3、对Troyano恶意欺诈软件的简单分析
http://nyxbone.com/malware/Troldesh.html
4、eMMC后门漏洞被用来解锁Galaxy S5的Bootloader
http://theroot.ninja/disclosures/SAMDUNK_1.0-03262016.pdf
5、一些渗透/安全方面的cheatsheet
https://github.com/jshaw87/Cheatsheets
6、用于收集攻击者对服务(ftp, telnet, ssh, http, pop3 and smtp)暴力破解攻击字典的蜜罐
https://github.com/johnnykv/heralding
7、EMV协议fuzzer
8、如何从利用yahoo域下载恶意文件
http://shield4you.blogspot.tw/2016/03/how-i-able-to-download-any-malicious.html
9、收集的一些恶意软件样本
https://github.com/malwares/DangerousZone?platform=hootsuite
10、Windows Research Kernel
https://github.com/hacksysteam/WRK-1.2
11、路径拦截( path interception)技术
http://www.hexacorn.com/blog/2016/03/26/beyond-good-ol-run-key-part-37/
12、Caradoc:一个PDF解析和验证工具
https://github.com/ANSSI-FR/caradoc
13、7个经典的SQL SERVER安全提示
http://thelasttechie.com/2016/03/26/seven-essential-sql-server-security-tips/
14、透过空气hacking GSM
https://blog.kaspersky.com/gsm-hijacking/11660/
15、Retya恶意欺诈软件覆写你的MBR和MFT加密你的磁盘
16、Fortigate后门密码计算工具
https://packetstormsecurity.com/files/136430/Forsploit.py.txt
17、当我们在spatialos上模拟骨干网络的时候发现了什么
18、恶意PAYLOAD隐藏在PNG文件中
https://securelist.com/blog/virus-watch/74297/png-embedded-malicious-payload-hidden-in-a-png-file/
19、分析ANDROID。GOLEM下载组件
https://www.pnfsoftware.com/blog/analysis-of-android-golem-downloader-component/
20、SyScan3602016会议议题:Memory Corruption is for wussies.pdf
21、编写CLAM AV 0.99的签名
http://malwarefor.me/writing-signatures-for-clam-av-0-99-a-tutorial/
22、钓鱼黑客:Linux服务器攻击的分析
https://sysdig.com/blog/fishing-for-hackers/
23、我如何渗透的4%(已经被锁定)的Instagram账号
https://www.arneswinnen.net/2016/03/how-i-could-compromise-4-locked-instagram-accounts/
24、通过内部和遗留的API检测wine
http://www.hexacorn.com/blog/2016/03/27/detecting-wine-via-internal-and-legacy-apis/
发表评论
您还未登录,请先登录。
登录