http://p0.qhimg.com/t01f7ef32da341925d2.jpg

逃逸xss检测

http://brutelogic.com.br/blog/avoiding-xss-detection/

[CVE-2016-1824] Apple IOHIDFamily 内核条件竞争漏洞导致可root

https://marcograss.github.io/security/apple/cve/2016/05/16/cve-2016-1824-apple-iohidfamily-racecondition.html

我如何破解网络银行应用无限制访问数十亿的美元存款

https://boris.in/blog/2016/the-bank-job/

CVE-2016-2208:Symantec/Norton 杀软  ASPack 远程堆/池内存损坏漏洞

https://bugs.chromium.org/p/project-zero/issues/detail?id=820

Android Hacking系列:dump和分析应用程序内存

http://resources.infosecinstitute.com/android-hacking-dumping-and-analyzing-applications-memory/

WiFi-Pumpkin v0.7.5:虚假WIFI访问点的利用框架

https://github.com/P0cL4bs/WiFi-Pumpkin

里约奥运会:网络骗子已经开始行动

https://securelist.com/blog/phishing/74754/the-rio-olympics-scammers-already-competing/

Hackmiami 会议 2016 的议题:Bootstrapping a Security Research Project

https://speakerdeck.com/andrewsmhay/hack-miami-2016-bootstrapping-a-security-research-project

使用IMAPI COM对象新建.iso文件

https://gallery.technet.microsoft.com/scriptcenter/New-ISOFile-function-a8deeffd

Mobile Malware Hits Google Play, Hundreds of Users Affected

http://ddanchev.blogspot.tw/2016/05/mobile-malware-hits-google-play_33.html

Adobe Flash addProperty UAF POC

https://packetstormsecurity.com/files/137058/GS20160516193103.tgz

WINRM远程安全注意事项

https://msdn.microsoft.com/powershell/scripting/setup/winrmsecurity

利用twiiter做cc的后门,和昨天推送的Gdog类似

https://github.com/PaulSec/twittor

Adobe Flash MovieClip.duplicateMovieClip UAF POC

https://packetstormsecurity.com/files/137050

5个需要改善的SWIFT安全模型

https://skyportblog.com/2016/05/13/five-necessary-improvements-to-the-swift-security-model/

CoreOS linux版的SSH安全问题

https://coreos.com/blog/alpha-security-incident-subset-of-users-affected.html

FBI教你如何一步一步的错误配置去匿名化使用洋葱服务

https://www.documentcloud.org/documents/2835144-Title-II-Wiretap-Warrant-Application-for-Playpen.html

一步一步教你社会工程学练习

https://www.youtube.com/watch?v=DL2l_L_nBe0

文章原文链接:https://www.anquanke.com/post/id/83917