1、攻击者能轻松的发布恶意packages,如何阻止这种行为
https://snyk.io/blog/publishing-malicious-packages/
2、用scratch新建LetsEncrypt客户端
https://github.com/alexpeattie/letsencrypt-fromscratch
3、Metaphor : Stagefright with ASLR bypass
https://github.com/NorthBit/Metaphor
4、介绍内存损坏bug(基于栈)
https://drive.google.com/file/d/0B0tBYiOD2uG7d1Q1d0k1VUdPbWs/view?pref=2&pli=1
5、对burpsuite的以及其一些扩展的简单介绍
https://www.nopsec.com/blog/projecting-your-burp/
6、IOT和个人数据隐私
http://www.networkworld.com/article/3026293/security/iot-and-data-privacy.html
7、系统管理的SOC资源
https://isc.sans.edu/diary/SOC+Resources+for+System+Management/20893
8、流量分析练习:MARCH MADNESS
http://malware-traffic-analysis.net/2016/03/30/index.html
9、面对redteam的下一代渗透测试之Recon(侦查)
http://www.crowdstrike.com/blog/next-gen-penetration-testing-recon-red-team/
10、接上篇,blueTeam面对redteam的Recon(侦查)如何做检测
http://www.crowdstrike.com/blog/reconnaissance-detection-blue-team/
11、如何检测正在传递的TrueCrypt blobs
http://blog.erratasec.com/2016/03/how-to-detect-truecrypt-blobs-being.html
12、网络侦查(Recon)技术入门
http://resources.infosecinstitute.com/snort-network-recon-techniques/
13、Qualys SSL Test的在线测试windows版
https://scotthelme.co.uk/getting-an-a-on-the-qualys-ssl-test-windows-edition/
14、反向工程师如何使用Sublime Text做Fuzzy匹配
15、以云为中心的物联网
http://lynnlangit.com/2016/03/29/cloud-centric-internet-of-things/
16、如何准备一场DDOS攻击
https://blog.radware.com/security/2016/03/how-to-prepare-for-a-ddos-attack/
17、一些wifi安全学习资源
https://canyoupwn.me/en-awesome-learn-wifi-security/
18、使用frida Hooking firefox PR_Write
https://wiremask.eu/articles/hooking-firefox-with-frida/
19、Adobe Flash – Object.unwatch UAF POC
发表评论
您还未登录,请先登录。
登录