1.DOM XSS 101 Walk-Through
http://neonprimetime.blogspot.com/2016/01/dom-xss-101-walk-through.html
2.DDOS.TF:新的ELF&WIN32 DDOS服务利用ASP + PHP/MYSQL MOF WEBSHELL
http://blog.malwaremustdie.org/2016/01/mmd-0048-2016-ddostf-new-elf-windows.html
3.微软office 通过浏览器进行dll hijacking(ms15-132)
4.移动设备的中间人攻击
https://www.astechconsulting.com/blog/2016/maninthemiddle-for-mobile/
5.创建一个可防御的树莓派
6.在ios应用中绕过openssl Certificate Pinning
7.SANS Holiday Hack Write-up
8.blockchain单一的危险性
https://tonyarcieri.com/on-the-dangers-of-a-blockchain-monoculture
9.node.js远程内存泄露漏洞
https://nodesecurity.io/advisories/67
10.Ubuntu 14.04 LTS, 15.10 overlayfs本地提权
https://www.exploit-db.com/exploits/39166/
11.MyROP:Rop tool for arm
https://github.com/hitmoon/MyRop
12.新的TeslaCrypt欺诈软件通过垃圾邮件分发
https://blogs.mcafee.com/mcafee-labs/new-teslacrypt-ransomware-arrives-via-spam/
13.panda插件文档
https://github.com/moyix/panda/blob/master/docs/Plugins.md
14.zeroAccess使用DLL loading技术
http://www.neutralizethreat.com/2016/01/dll-loading-technique-used-in-zeroaccess.html
15.HTML5 Security Cheat Sheet
http://www.net-security.org/secworld.php?id=19279
文章原文链接:https://www.anquanke.com/post/id/83242