
27
1月
DragonFish APT (Lotus Blossom) delivers new form of Elise malware targeting Asean Defence Ministers’ Meeting and associates
DustySky-a new wave of attacks using popular third-party services to deliver malicious decoy documents.
UXSS in McAfee Endpoint Security, www.mcafee.com and some extra goodies...
Trend Micro Threat Discovery Appliance - Session Generation Authentication Bypass (CVE-2016-8584)
tools POC of Trend Micro Threat Discovery Appliance 2.6.1062r1 - 'dlp_policy_upload.cgi' Remote Code Execution
Nitro Pro PDF Multiple Vulnerabilities
XMemcached Client deserialization vulnerability
Living off the land and fileless attack techniques -An ISTR Special Report
Insecure Direct Object Reference in a .exe (Creobit Steam Game)
Unpacking GandCrab Ransomware
Unpacking a malware with libPeConv (Pykspa case study)
Reverse engineering and exploiting Samsung’s TrustZone Parts I
Reverse engineering and exploiting Samsung’s TrustZone Parts II
Reverse engineering and exploiting Samsung’s TrustZone Parts III
代码审计小trick
DnsLog的改造和自动化调用
Using WinAFL to Fuzz Hangul(HWP) AppShield
Pentesting aws lambda functions
My journey towards Reverse Engineering a Smart Band — Bluetooth-LE RE
Riding out DOMsday: Toward Detecting and Preventing DOM Cross-Site Scripting
关于网站强奸剪切板那点事
Analyzing the Linux boot process
Getting started with Firmware Emulation for IoT Devices
Bsides Leeds Remote SE 101 Workshop
如何做好首席安全官 – 企业安全体系与架构实现
android-crackme-challenge:A collection of reverse engineering challenges for learning about the Android operating system and mobile security.
2017年安全行业年度报告汇总
Part 2: How to stop me harvesting credit card numbers and passwords from your site
tools CredNinja-A multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB, plus now with a user hunter
tools Kisskiss - Unpacker for various Android packers/protectors
tools Grey Noise is a system that collects and analyzes data on Internet-wide scanners.
tools gasmask:All in one Information gathering tool - OSINT