1、像坏孩子一样玩Hacking:使用tor来逃逸防火墙以及匿名远程访问
2、使用单指令绕过EMET
https://www.duosecurity.com/static/pdf/WoW64-Bypassing-EMET.pdf
3、Hack The Galaxy: Samsung Galaxy S6 Edge捉虫漏洞
http://googleprojectzero.blogspot.com/2015/11/hack-galaxy-hunting-bugs-in-samsung.html
4、一个基于TOR的僵尸网络:SpamBot调查报告
https://www.stateoftheinternet.com/downloads/pdfs/SpamBot-Investigation-whitepaper-R3.pdf
5、根据介绍火狐firefox安全工具包来说明为什么说预制的浏览器是不好的
https://forum.bugcrowd.com/t/why-prebuilt-browsers-are-bad-introducing-firefox-security-toolkit/783
6、python 3.5 bytearray pop和remove函数缓冲区越界读取漏洞
http://0day.today/exploits/24486
7、ACSC(澳大利亚网络安全中心) 发布2015年威胁报告
https://www.us-cert.gov/ncas/current-activity/2015/11/02/ACSC-Releases-2015-Threat-Report?
8、Scumblr:Netflix公布的一款自动扫描WEB信息的开源工具
https://github.com/Netflix/Scumblr/
9、使用树莓派和KALI构造便携式黑客平台
http://www.lifehacker.co.uk/2015/10/30/build-portable-hacking-station-raspberry-pi-kali-linux
10、whatsapp网络取证:解密和理解whatsapp的呼叫信令
http://www.fit.vutbr.cz/research/pubs/index.php?file=%2Fpub%2F10979%2FWhatsApp.pdf&id=10979
11、对于污点式漏洞自动推理的搜索模式
http://user.informatik.uni-goettingen.de/~fyamagu/pdfs/2015-oakland.pdf
12、Fuzzing FFmpeg for fun and profit
http://obe.tv/about-us/obe-blog/item/26-fuzzing-ffmpeg-for-fun-and-profit
13、sb2dot.py: "反编译" iOS 9 和OS X 10.11二进制沙盒profiles到.dot文件的工具
https://github.com/sektioneins/sandbox_toolkit
14、绕过SAP的SuccessFactors的xss过滤
https://respectxss.blogspot.de/2015/11/a-tale-of-breaking-saps-successfactorss.html
15、tlsfuzzer:一款TLS fuzzer工具
https://github.com/tomato42/tlsfuzzer
文章原文链接:https://www.anquanke.com/post/id/82836