技术类:
我如何破解一个键盘记录,以及进入攻击者的邮箱的
https://www.trustwave.com/Resources/SpiderLabs-Blog/How-I-Cracked-a-Keylogger-and-Ended-Up-in-Someone-s-Inbox/
EMET对阻击Non-Explations使用的有效性
https://www.okta.com/blog/2016/07/the-emet-serendipity-emets-ineffectiveness-against-non-exploitation-uses/
hashcat 3.0发布 [集成hashcat和oclhash到一个项目]
https://hashcat.net/forum/thread-5559.html
一年针对windows内核字体的fuzzing第二部分
https://googleprojectzero.blogspot.co.il/2016/07/a-year-of-windows-kernel-font-fuzzing-2.html
自定义固件解锁一个健身跟踪设备
http://hackaday.com/2016/07/03/custom-firmware-unlocks-fitness-tracker/
冷静!https不是vpn,https比你想象的隐私保护要少
https://drwetter.eu/talks/Dirk%20Wetter%20–%20Calm%20down,%20HTTPS%20is%20not%20a%20VPN.pdf
通过内嵌的JSE分发的金融恶意软件
http://payload-security.blogspot.de/2016/07/spyware-delivered-via-embedded-jse-in.html
Ubuntu 16.04 本地root – netfilter target_offset OOB POC
https://www.exploit-db.com/exploits/40049/
OSX keychain取证的艺术,相关代码在https://github.com/n0fate/iChainbreaker
https://forensic.n0fate.com/wp-content/uploads/2015/08/FIOS-2015-OS-X-Keychain-Forensic-Artifacts.pdf
传输文件从kali到windows
https://blog.ropnop.com/transferring-files-from-kali-to-windows/
x86-64机器级编程
http://ecee.colorado.edu/ecen4553/fall12/asm64-handout.pdf
构建在LuaJIT上的轻量级SDR框架
http://luaradio.io/
实践android恶意软件分析
https://slides.com/paul38/ndh-2016-android-malware-analysis/live#/
如何使用burp intruder和excel测试基于时间的盲注
https://www.youtube.com/watch?v=Q4j79v8pl5w
From zero to SYSTEM on full disk encrypted windows system
http://www.slideshare.net/NabeelAhmed7/from-zero-to-system-on-full-disk-encrypted-windows-system
使用ProcDOT进行恶意软件分析的视频
https://t.co/pJYMIcmSPN
checkpoint发行的HummingBad研究报告
http://blog.checkpoint.com/wp-content/uploads/2016/07/HummingBad-Research-report_FINAL-62916.pdf
通过便宜的rtl-sdr设备传输数据
http://www.rtl-sdr.com/an-rtl-sdr-to-rtl-sdr-qso-with-rtl-trx-transmit-rtty-with-the-rtl-sdr/
垃圾邮件包含zip附件,附件里包含恶意js
https://isc.sans.edu/forums/diary/Malicious+spam+with+zip+attachments+containing+js+files/20153/
对amd Radeon RX 480 8GB显卡的介绍
http://www.guru3d.com/articles_pages/amd_radeon_r9_rx_480_8gb_review,1.html?sf30022002=1
RPO Gadgets
http://blog.innerht.ml/rpo-gadgets/
ECB Byte at a Time
https://c0nradsc0rner.wordpress.com/2016/07/03/ecb-byte-at-a-time/
Google Caja沙盒绕过
http://blog.bentkowski.info/2016/07/xss-es-in-google-caja.html
看2个中国人在巴基斯坦安装ATM Skimmer
https://www.hackread.com/chinese-installing-atm-skimmer-in-pakistan/
滥用地铁通信网络
http://www.slideshare.net/moshez/abusing-the-train-communication-network-or-what-could-have-derailed-the-northeast-regional-188
安全shellcode实现
https://labs.mwrinfosecurity.com/blog/safer-shellcode-implants/
资讯类:
1万facebook用户受恶意软件影响
http://www.scmagazine.com/10k-facebook-users-infected-by-malware/article/506963/
通过Telegram bot被黑的2千万伊朗用户
http://en.trend.az/iran/society/2553314.html
数据泄露消息:
匿名者声称放出alibaba的数据库,压缩文件加密的。没法解压。可信度不高
发表评论
您还未登录,请先登录。
登录