技术类:

我如何破解一个键盘记录,以及进入攻击者的邮箱的

https://www.trustwave.com/Resources/SpiderLabs-Blog/How-I-Cracked-a-Keylogger-and-Ended-Up-in-Someone-s-Inbox/

EMET对阻击Non-Explations使用的有效性

https://www.okta.com/blog/2016/07/the-emet-serendipity-emets-ineffectiveness-against-non-exploitation-uses/

hashcat 3.0发布 [集成hashcat和oclhash到一个项目]

https://hashcat.net/forum/thread-5559.html

一年针对windows内核字体的fuzzing第二部分

https://googleprojectzero.blogspot.co.il/2016/07/a-year-of-windows-kernel-font-fuzzing-2.html

自定义固件解锁一个健身跟踪设备

http://hackaday.com/2016/07/03/custom-firmware-unlocks-fitness-tracker/

冷静!https不是vpn,https比你想象的隐私保护要少

https://drwetter.eu/talks/Dirk%20Wetter%20–%20Calm%20down,%20HTTPS%20is%20not%20a%20VPN.pdf

通过内嵌的JSE分发的金融恶意软件

http://payload-security.blogspot.de/2016/07/spyware-delivered-via-embedded-jse-in.html

Ubuntu 16.04 本地root – netfilter target_offset OOB POC

https://www.exploit-db.com/exploits/40049/

OSX keychain取证的艺术,相关代码在https://github.com/n0fate/iChainbreaker

https://forensic.n0fate.com/wp-content/uploads/2015/08/FIOS-2015-OS-X-Keychain-Forensic-Artifacts.pdf

传输文件从kali到windows

https://blog.ropnop.com/transferring-files-from-kali-to-windows/

x86-64机器级编程

http://ecee.colorado.edu/ecen4553/fall12/asm64-handout.pdf

构建在LuaJIT上的轻量级SDR框架

http://luaradio.io/

实践android恶意软件分析

https://slides.com/paul38/ndh-2016-android-malware-analysis/live#/

如何使用burp intruder和excel测试基于时间的盲注

https://www.youtube.com/watch?v=Q4j79v8pl5w

From zero to SYSTEM on full disk encrypted windows system

http://www.slideshare.net/NabeelAhmed7/from-zero-to-system-on-full-disk-encrypted-windows-system

使用ProcDOT进行恶意软件分析的视频

https://t.co/pJYMIcmSPN

checkpoint发行的HummingBad研究报告

http://blog.checkpoint.com/wp-content/uploads/2016/07/HummingBad-Research-report_FINAL-62916.pdf

通过便宜的rtl-sdr设备传输数据

http://www.rtl-sdr.com/an-rtl-sdr-to-rtl-sdr-qso-with-rtl-trx-transmit-rtty-with-the-rtl-sdr/

垃圾邮件包含zip附件,附件里包含恶意js

https://isc.sans.edu/forums/diary/Malicious+spam+with+zip+attachments+containing+js+files/20153/

对amd Radeon RX 480 8GB显卡的介绍

http://www.guru3d.com/articles_pages/amd_radeon_r9_rx_480_8gb_review,1.html?sf30022002=1

RPO Gadgets

http://blog.innerht.ml/rpo-gadgets/

ECB Byte at a Time

https://c0nradsc0rner.wordpress.com/2016/07/03/ecb-byte-at-a-time/

Google Caja沙盒绕过

http://blog.bentkowski.info/2016/07/xss-es-in-google-caja.html

看2个中国人在巴基斯坦安装ATM Skimmer

https://www.hackread.com/chinese-installing-atm-skimmer-in-pakistan/

滥用地铁通信网络

http://www.slideshare.net/moshez/abusing-the-train-communication-network-or-what-could-have-derailed-the-northeast-regional-188

安全shellcode实现

https://labs.mwrinfosecurity.com/blog/safer-shellcode-implants/

资讯类:

1万facebook用户受恶意软件影响

http://www.scmagazine.com/10k-facebook-users-infected-by-malware/article/506963/

通过Telegram bot被黑的2千万伊朗用户

http://en.trend.az/iran/society/2553314.html

数据泄露消息:

匿名者声称放出alibaba的数据库,压缩文件加密的。没法解压。可信度不高