点击阅读原文可点击链接
news:
nsa的smb漏洞exp
https://www.exploit-db.com/exploits/41987/
Pwn2Own比赛中湛泸实验室所用到的两个Edge漏洞,以及漏洞利用中的DVE(Data-Virtualization Execute)技术
http://bobao.360.cn/learning/detail/3836.html
APT28组织利用两个0day漏洞影响法国大选的细节(中文)
http://bobao.360.cn/learning/detail/3837.html
华硕路由器中存在多个 CSRF 漏洞
cve-2017-5892
cve-2017-5891
http://seclists.org/fulldisclosure/2017/May/36?utm_source=feedburner&utm_medium=twitter&utm_campaign=Feed%3A+seclists%2FFullDisclosure+%28Full+Disclosure%29
通过socket包利用Linux内核漏洞
https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html
逆向 Apple 位置服务协议Location Services Protocol
https://appelsiini.net/2017/reverse-engineering-location-services/
Firefox53 & Edge40 Browsers CSP Bypass PoC
https://www.n0tr00t.com/2017/05/10/Firefox-and-Edge-Browsers-CSP-Bypass.html
IoT 安全测试方法
http://r-7.co/2pefnui
技术分享:
见缝插针:DNS泛解析是怎么被黑客玩坏的
http://www.freebuf.com/news/133873.html
QuickZip V4.60 缓冲区溢出漏洞详解
http://bobao.360.cn/learning/detail/3839.html
资源:
linux内核利用集合
https://github.com/xairy/linux-kernel-exploitation
代理转发工具汇总分析
https://www.t00ls.net/articles-35614.html
Hacking Tools搜罗大集合
http://www.freebuf.com/sectool/133949.html
Jackhammer - 安全团队与开发团队之间协作的一个工具,用于漏洞评估和管理
https://github.com/olacabs/jackhammer
有趣:
http://www.freebuf.com/articles/others-articles/134249.html
会议:
Analysis of 0ctf 2015 simple.apk
http://www.ikey4u.com/blog/0ctf-2015-simpleapk/partA-learn-smali/
http://www.ikey4u.com/blog/0ctf-2015-simpleapk/partB-analysis-solib/news:
nsa的smb漏洞exp
https://www.exploit-db.com/exploits/41987/
Pwn2Own比赛中湛泸实验室所用到的两个Edge漏洞,以及漏洞利用中的DVE(Data-Virtualization Execute)技术
http://bobao.360.cn/learning/detail/3836.html
APT28组织利用两个0day漏洞影响法国大选的细节(中文)
http://bobao.360.cn/learning/detail/3837.html
华硕路由器中存在多个 CSRF 漏洞
cve-2017-5892
cve-2017-5891
http://seclists.org/fulldisclosure/2017/May/36?utm_source=feedburner&utm_medium=twitter&utm_campaign=Feed%3A+seclists%2FFullDisclosure+%28Full+Disclosure%29
通过socket包利用Linux内核漏洞
https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html
逆向 Apple 位置服务协议Location Services Protocol
https://appelsiini.net/2017/reverse-engineering-location-services/
Firefox53 & Edge40 Browsers CSP Bypass PoC
https://www.n0tr00t.com/2017/05/10/Firefox-and-Edge-Browsers-CSP-Bypass.html
IoT 安全测试方法
http://r-7.co/2pefnui
技术分享:
见缝插针:DNS泛解析是怎么被黑客玩坏的
http://www.freebuf.com/news/133873.html
QuickZip V4.60 缓冲区溢出漏洞详解
http://bobao.360.cn/learning/detail/3839.html
资源:
linux内核利用集合
https://github.com/xairy/linux-kernel-exploitation
代理转发工具汇总分析
https://www.t00ls.net/articles-35614.html
Hacking Tools搜罗大集合
http://www.freebuf.com/sectool/133949.html
Jackhammer - 安全团队与开发团队之间协作的一个工具,用于漏洞评估和管理
https://github.com/olacabs/jackhammer
有趣:
http://www.freebuf.com/articles/others-articles/134249.html
会议:
Analysis of 0ctf 2015 simple.apk
http://www.ikey4u.com/blog/0ctf-2015-simpleapk/partA-learn-smali/
http://www.ikey4u.com/blog/0ctf-2015-simpleapk/partB-analysis-solib/