技术类:

移动安全:使用便宜的设备实践攻击

http://www.synacktiv.fr/ressources/synacktiv_mobile_communications_attacks.pdf

一款开源的杀毒软件引擎,用来检测病毒

https://github.com/develbranch/TinyAntivirus

OSTrICa:开源的威胁情报收集平台

https://github.com/Ptr32Void/OSTrICa

wget 1.17 以及之前版本的任意代码执行漏洞poc

https://blogs.securiteam.com/index.php/archives/2701

Windows 7 SP1 x86提权POC  (MS16-014)

https://www.exploit-db.com/exploits/40039/

PowerSploit cheatsheet

https://github.com/HarmJ0y/CheatSheets/blob/master/PowerSploit.pdf

MIRCOP恶意欺诈软件的解密工具下载

http://news.softpedia.com/news/free-decrypter-available-for-download-for-mircop-ransomware-505976.shtml?utm_content=bufferf8aa5&utm_medium=social&utm_source=plus.google.com&utm_campaign=buffer

分析vegan anti-BeFF的chrome的扩展绕过

https://github.com/beefproject/beef/commit/9e3385cf4c6cb98fe96343117d545415514f94ed

U2F Zero:开源的,支持Google,Openssh,github等服务的物理双银子验证工具

https://github.com/conorpp/u2f-zero

在Cpython中编写C代码

https://spacy.io/blog/writing-c-in-cython

开源的PGP实现工具,可以在web中使用

https://github.com/henryboldi/felony

BDFProxy 更新,可以支持mitmproxy到v0.17版本

https://github.com/secretsquirrel/BDFProxy

在dell ChromeBook 11 安装kali

http://jerrygamblin.com/2016/07/04/installing-kali-on-a-dell-chromebook-11/

Gootkit木马分析

http://www.malekal.com/trojan-gootkit/

Cisco Prime Infrastructure 远程代码执行漏洞

https://blogs.securiteam.com/index.php/archives/2727

[NDH2K16 2016] [FORENSICS 150 – DRAW ME A SHEEP] WRITE UP

https://0x90r00t.com/2016/07/04/ndh2k16-2016-forensics-150-draw-me-a-sheep-write-up/

恶意广告有所减少,但是并没有完全消失

https://blog.malwarebytes.com/cybercrime/exploits/2016/07/malvertising-slowing-down-but-not-out/

hashkiller 2016-7月比赛的writeup

https://hashkiller.co.uk/contest/2016-06/contest_2016-07_write-up.pdf

资讯类:

Satana 恶意欺诈软件加密你计算机的BOOT,阻止你启动

http://news.softpedia.com/news/satana-ransomware-encrypts-your-boot-record-and-prevents-your-pc-from-starting-505933.shtml

联想thinkpad 0day可以绕过windows安全

http://www.itnews.com.au/news/lenovo-thinkpad-zero-day-bypasses-windows-security-430090?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed&utm_source=twitterfeed&utm_medium=twitter

在yiSpecter和HummingBad恶意软件后的中国广告商

http://news.softpedia.com/news/chinese-advertiser-behind-yispectre-ios-malware-and-hummingbad-android-malware-505939.shtml?utm_content=buffer88cbd&utm_medium=social&utm_source=plus.google.com&utm_campaign=buffer

黑客如何窃取facebook账号,然后制作假护照

https://www.grahamcluley.com/2016/07/hacker-stole-access-facebook-users-profile-fake-passport/

仅仅48个小时,恶意软件通过facebook传播,感染1万用户

http://news.softpedia.com/news/malware-spread-via-facebook-makes-10-000-victims-in-48-hours-505969.shtml

数据泄露消息:

有人放出twitter的7千万账号以及yahoo 的500万

昨天匿名者声称放出alibaba的数据库,提供了解压密码,

因该是前段时间用的原来网易的邮箱撞库出来的,相关新闻https://nakedsecurity.sophos.com/2016/02/05/data-breach-in-china-100-million-records-used-to-hack-20-million-taobao-users/