1.Inspeckage:android Package Inspector,下载地址https://github.com/ac-pm/Inspeckage
http://blog.tempest.com.br/antonio-martins/inspeckage-android-package-inspector.html
2.Nexus 三月android安全公告,包含多个严重的漏洞,其中有一个从WEB浏览器可触发的远程代码执行漏洞
https://source.android.com/security/bulletin/2016-03-01.html
3.TCP/IP栈编程实践:第一部分:以太网桢格式与ARP
http://www.saminiir.com/lets-code-tcp-ip-stack-1-ethernet-arp
4.proofpoint发布的针对印度外交和军事资源的APT攻击报告
5.CVE 2015-7547 glibc getaddrinfo() DNS 漏洞分析,对比这个可以参考国内的drops上的http://drops.wooyun.org/papers/13040
https://labs.jumpsec.com/2016/03/07/cve-2015-7547-glibc-getaddrinfo-dns-vulnerability/
6.BKP CTF: pwnable writeups
http://vulph.com/2016/03/05/Boston-Key-Party-writeups.html
7.在.apk文件中嵌入metasploit payload第二部分,第一部分在https://techkernel.wordpress.com/2015/12/11/embed-metasploit-payload-in-apk-easily/
https://techkernel.wordpress.com/2015/12/19/embed-metasploit-payload-in-apk-manually/
8.Malwarebytes 2.2.0.1024 DLL 劫持漏洞
https://packetstormsecurity.com/files/136107/mbam-dllhijack.txt
9.通过siri饶过ios v9.0, v9.1 & v9.2.1,也有人评论说不是通过SIRI饶过的,是在按IPHONE键的时候,指纹解锁的
https://blog.slowb.ro/new-apple-ios-v9-0-v9-1-v9-2-1-passkey-bypass/
10.使用unpack.py分析cryptoLocker第一部分
http://malwaremusings.com/2016/03/08/analysing-cryptolocker-with-unpack-py-initial-analysis-part-1/
11.讲解win10上的mac地址随机化是如何工作的
http://www.mathyvanhoef.com/2016/03/how-mac-address-randomization-works-on.html
12.climber:一款检测unix/linux系统提权漏洞的脚本
https://github.com/raffaele-forte/climber
13.微软拥抱开源世界:sql server开始支持linux
https://blogs.microsoft.com/blog/2016/03/07/announcing-sql-server-on-linux/
14.通过 InstallUtil 饶过applocker的msf模块
15.我如何黑了你的facebook账号,一个价值1W5千刀的漏洞
http://www.anandpraka.sh/2016/03/how-i-could-have-hacked-your-facebook.html
16.通过DOCKER容器进行事件处理,这篇是在容器中运行REMnux镜像https://remnux.org/docs/containers/run-apps/
https://blog.rootshell.be/2016/02/22/incident-handling-docker-to-the-rescue/
17.Apple iOS v9.2.1 – 多个 PassCode 饶过漏洞
http://seclists.org/fulldisclosure/2016/Mar/15
18.fortinet网站登陆页面发现xss漏洞
http://www.scmagazineuk.com/reflected-xss-vuln-found-on-fortinet-login-page/article/481106/
19.安全/事件响应cheatsheet和URL参考连接
20.bkpctf中qwn2own的exploit
https://github.com/kitctf/writeups/blob/master/bkp2016/qwn2own/index.html