http://p0.qhimg.com/t01f7ef32da341925d2.jpg

我在大学演讲时,如果通过shodan发现一个公司的数据泄露的 [通过shodan找到的mongodb非认证]

http://sijmen.ruwhof.net/weblog/937-how-i-found-a-huge-data-leak-of-a-company-during-a-college-lecture

有关符号位溢出的一些背景知识

https://gist.github.com/rygorous/e0f055bfb74e3d5f0af20690759de5a7

检测ImageTragick 的burpsuite插件

https://blog.silentsignal.eu/2016/05/13/detecting-imagetragick-with-burp-suite-pro/

IOS架构的安全体系

https://woumn.wordpress.com/2016/05/02/security-principles-in-ios-architecture/

OverTheWire Wargames – 所有Bandit关卡的writeup

http://ttcubicle.blogspot.tw/2016/05/overthewire-wargames-all-bandit-levels.html

现在X64 内核模式的rootkit趋势

http://go.eset.com/us/resources/white-papers/Ekoparty2011_preso.pdf

通过内存dump检测rootkit

https://www.terena.org/activities/tf-csirt/meeting27/oesterberg-rootkits.pdf

实践恶意软件分析的新手包

https://bluesoul.me/practical-malware-analysis-starter-kit/

关于Linux4.6的真相

https://forums.grsecurity.net/viewtopic.php?f=7&t=4476

x86汇编基础教程

https://www.nayuki.io/page/a-fundamental-introduction-to-x86-assembly-programming

高级恶意软件

http://www.slideshare.net/CTruncer/higher-level-malware

一个 Aircrack-ng工具集的扩展,辅助做WIFI渗透测试

https://github.com/pupi1985/marfil

通过DNS协议传送数据来绕过防火墙

https://zeltser.com/c2-dns-tunneling/

在docker中运行metasploit,省去安装的烦恼

https://zeltser.com/metasploit-framework-docker-container/

通过X509 COM在windows nano服务器中新建和安装自签名证书的脚本

https://gist.github.com/subTee/b092cf7b46de222e82c0808270c431ad

windows 10 审计和监控辅导

https://gist.github.com/subTee/b092cf7b46de222e82c0808270c431ad

ClickJacking 开发利用辅助工具

https://github.com/enddo/CJExploiter

python恶意软件分析第一部分

https://isc.sans.edu/diary/Python+Malware+-+Part+1/21057

Firmware植入

http://malwarejake.blogspot.tw/2016/05/firmware-implants-aka-apt-bogey-man.html

andorid银行木马影响逛广泛

http://news.drweb.com/show/?i=9956&lng=en&c=5

文章原文链接:https://www.anquanke.com/post/id/83913