
19
4月
APT attacker, Operation Baby Coin, return to Korea in 2010(koren)
XLoader Android Spyware and Banking Trojan Distributed via DNS Spoofing
Windows: WLDP CLSID policy .NET COM Instantiation UMCI Bypass
DrayTek VigorACS 2 Unsafe Flex AMF Java Object Deserialization
Oracle: command execution through specially crafted secret keys in JCEKS keystores(CVE-2018-2794)
Multiple Issues in Foxit PDF Reader
74cms任意账户密码重置漏洞分析和利用
Firefox 56.0 302 Redirect URL Spoofing Vulnerability
Python反序列化漏洞的花式利用
通过 Windows 用户模式回调实施的内核攻击
MYSQL新特性secure_file_priv对读写文件的影响
SNMP Config File Injection to Shell
Lateral Attacks Between IoT Devices: The Technical Details
Review of Mobile Apps Permissions and Associated Intrusive Privacy Threats
Automotive Industry Guidelines for Secure Over-the-Air Updates
UEFI Driver Writer's Guide
iOS应用逆向工程资料汇总
学生福利-收集支持教育优惠的软件与服务
LinkedIn AutoFill Exposes Visitor Name, Email to Third-Party Websites
No boundaries for Facebook data: third-party trackers abuse Facebook Login
tools CVE-2018-4121 - Safari Wasm Sections POC RCE Exploit
tools Airbash is a fully automated WPA PSK handshake capture script aimed at penetration testing.
tools sandcat:An open-source, pentest and developer-oriented web browser, using the power of Lua
tools Red team Arsenal - An intelligent scanner to detect security vulnerabilities in companies layer 7 assets.
tools machine_learning_security:Source code about machine learning and security.
tools Damn Vulnerable iOS App (DVIA)-v2 is an iOS application that is damn vulnerable.