1、AndroBugs框架的android漏洞扫描器
https://github.com/AndroBugs/AndroBugs_Framework
2、InvokerTransformer任意代码执行漏洞
https://issues.apache.org/jira/browse/COLLECTIONS-580
3、Volatility 2.5 发行:支持Windows 10 & OS X El Capitan
http://www.volatilityfoundation.org/#!25/c1f29
4、Teensy weensy 加密
https://blog.goeswhere.com/2015/11/nano-rc4/
5、EMV 协议的 Fuzzer
https://labs.mwrinfosecurity.com/blog/2015/11/11/emv-protocol-fuzzer/
6、pagerank botNet注入分析
http://neonprimetime.blogspot.tw/2015/11/pagerank-botnet-sqli-analysis.html
7、scrapyd安全审计
http://www.spect.cl/blog/2015/11/security-audit-scrapyd/
8、exploitkit的演化进程
9、Muse(缪斯):开源,去中心化,低层次加密的社会协议
https://github.com/Muterra/doc-muse
10、使用powerview滥用活动目录的权限
http://www.harmj0y.net/blog/redteaming/abusing-active-directory-permissions-with-powerview/
11、决战ZipInputStream
http://rotlogix.com/2015/11/12/zipinputstream-armageddon/
12、介绍渗透测试sap应用的第一部分
http://resources.infosecinstitute.com/pen-stesting-sap-applications-part-1/
13、Defusing a binary bomb with gdb – Part 1
http://blog.carlosgaldino.com/2015/11/12/defusing-a-binary-bomb-with-gdb-part-1.html
14、一个挑战逆向工程的站点
15、攻击EI Capitan的xnu内核
16、spring social 核心库漏洞披露
https://blog.srcclr.com/spring-social-core-vulnerability-disclosure/
17、这个50美金的设备能够检测mimikatz的使用
https://www.youtube.com/watch?v=lKpcpSZp84s
18、三星android5设备滥用wifiCredService,导致远程代码执行
19、批量扫描java序列化bug的扫描器
https://github.com/johndekroon/serializekiller
20、让无人机变得更聪明些
http://hackaday.com/2015/11/11/drones-are-getting-a-lot-smarter/
21、分析chimera恶意欺诈软件
https://reaqta.com/2015/11/diving-into-chimera-ransomware/
http://researchcenter.paloaltonetworks.com/2015/11/adversaries-and-their-motivations-part-2/
文章原文链接:https://www.anquanke.com/post/id/82910