1、使用TLS配置你的远程桌面(rdp)
http://blog.robiii.nl/2015/10/configure-your-windows-remote-desktop.html
2、音频隐写术的基本方法(频谱图)
https://solusipse.net/blog/post/basic-methods-of-audio-steganography-spectrograms/
3、CVE-2015-1642:微软WORD OLE利用分析
4、从内存提权keepass 2.x数据库的密码
https://github.com/denandz/KeeFarce
5、通过fuzzing浏览器找BUG
https://drive.google.com/file/d/0B4ZwSwfSILSIcWhzY1NnY0lrNEk/view?pli=1
6、Joomla CVE-2015-7297分析,影响joomla 3.2到3.4.4,问题出在JModelList里的populateState()方法
http://blog.perimeterx.com/joomla-cve-2015-7297/
7、DIY一个看起来像壁式充电器似的无线键盘记录
http://lifehacker.com/this-diy-wireless-keylogger-fits-anywhere-looks-like-a-1739266989
8、sniffly:使用HSTS+CSP嗅探浏览器历史记录的POC工具
https://github.com/diracdeltas/sniffly
9、pyelftools:解析ELF和DWARF的PYTHON库
https://github.com/eliben/pyelftools
10、取证时,你应该充分的测试你的取证工具
http://malwarejake.blogspot.it/2015/10/thou-shall-test-thy-forensics-tools.html
11、WSUSpect-proxy:通过中间人WSUS流量,注入欺骗更新的POC工具
https://github.com/ctxis/wsuspect-proxy
12、EBAY MAGENTO XXE注入漏洞,影响eBay Magento CE <= 1.9.2.1和eBay Magento EE <= 1.14.2.1
https://dl.packetstormsecurity.net/1510-exploits/eBay-Magento-XXE-Injection-Vulnerability.txt
13、保护你的windows网络:本地管理员账号管理设置方法
14、root cisco的 Linksys x2000 路由器
http://meat.pisto.horse/2015/11/rooting-linksys-x2000-router-system.html
15、ntp多个漏洞影响cisco多个产品
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp
16、以正视听的Moplus SDK和虫洞漏洞
文章原文链接:https://www.anquanke.com/post/id/82826