http://brutelogic.com.br/blog/shortest-reflected-xss-possible/
尽可能短的反射XSS payload
http://teletext.zaibatsutel.net/post/145370716258/deadupdate-or-how-i-learned-to-stop-worrying-and
Asus LiveUpdate HTTP中间人导致任意代码执行
https://www.farsightsecurity.com/Blog/20160603-stsauver-ddos-sie-darkspace-1/
分析一起DNS反射DOS攻击
了解angler exploitkit,第一部分
http://0day.today/exploit/25398
Nagios XI 5.2.7 代码执行/提权/SQL注入漏洞
hashcat 3.00 beta发行,这是运行在不同设备上的测试报告
https://blog.sucuri.net/2016/06/magento-credit-card-stealer-braintree-extension.html
用于Magento信用卡盗取的Braintree 扩展
http://www.gironsec.com/blog/2016/06/backdooring-a-dll/
Backdooring a DLL
http://samvartaka.github.io/exploitation/2016/06/03/dead-rats-exploiting-malware
利用malware C2服务
https://drive.google.com/file/d/0Bz8Lmg2kodQiRXYwWVpGNXQtdG5hNG5GaDFFNF9UNXp4UXo4/view?pref=2&pli=1
使用Erlang写exploit
http://streamcode.io/intro-bot-framework-building-weather-bot/
介绍bot Framework,构造一个天气bot
http://blog.trailofbits.com/2016/06/03/2000-cuts-with-binary-ninja/
2000 cuts with Binary Ninja
https://github.com/OJ/gobuster
用go语言实现的目录/DNS爆破工具
https://github.com/IAIK/flush_flush
Flush+Flush 缓存攻击,文章以及代码
https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/pubhtml
APT Groups and Operations cheatsheet
http://www.hackingarticles.in/hack-gmail-facebook-password-network-using-bettercap/
使用中间人工具bettercap劫持facebook和GMAIL登陆密码
https://bugs.chromium.org/p/project-zero/issues/detail?id=735#c_ts1464970450
Linux io_submit L2TP sendmsg 整形溢出
https://github.com/Gh005t/Android-BruteForce?platform=hootsuite
当USB Debugging开启的时候暴力破解Android锁屏的工具
https://github.com/Droid-MAX/bully
android上的WPS攻击工具
http://andrewmohawk.com/2016/06/05/hackfu-2016-writeup/
HackFu 2016 Writeup
https://labs.portcullis.co.uk/blog/powerops-powershell-for-offensive-operations/?platform=hootsuite
PowerOPS: PowerShell for Offensive Operation