资讯类
Meltdown & Spectre 漏洞补丁导致Ubuntu 16.04无法启动
macOS又爆出密码漏洞:macOS High Sierra’s App Store系统偏好设置可被任意密码解锁
https://twitter.com/zackwhittaker/status/951143200470728704
https://www.reddit.com/r/netsec/comments/7pi8lk/macos_high_sierras_app_store_system_preferences/
https://www.macrumors.com/2018/01/10/macos-high-sierra-app-store-password-bug/
http://openradar.appspot.com/36350507
WhatsApp漏洞可使潜在的攻击者监控加密群聊
http://thehackernews.com/2018/01/whatsapp-encryption-spying.html
技术类
CVE-2017-17485 jackson-rce-via-spel PoC
https://github.com/irsl/jackson-rce-via-spel
看我如何逆向OBi200 Google Voice Appliance:Part 3
https://randywestergren.com/reverse-engineering-obi200-google-voice-appliance-part-3/
一些Wget常用命令
https://n0where.net/howto-wget-command-examples
WPA3新特性解释 – 什么是WPA3?
http://rootsaid.com/wpa3-features-explained/
SANS Christmas Challenge 2017 Writeup
https://allyourbase.utouch.fr/posts/2018/01/10/sans-christmas-challenge-2017/
学习如何用汇编(ARM 32位)编写TCP bind Shell
https://azeria-labs.com/tcp-bind-shell-in-assembly-arm-32-bit/
Parity Ethereum Client <= v1.6.10 Dapp浏览器webproxy token reuse同源策略绕过(含PoC)
https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-18016
CVE-2017-4946:VMware Horizon desktop agent 提权漏洞
WordPress Plugin Events Calendar event_id SQL Injection
https://cxsecurity.com/issue/WLB-2018010099
新的移动恶意软件利用分层混淆瞄准俄罗斯银行
自动化的网络攻击武器
https://github.com/dendisuhubdy/cyberweapons
一些黑客攻击武器的Demo
https://github.com/LockGit/Hacking
前渗透信息探测工具集-子域名
https://github.com/coco413/DiscoverSubdomain
PhpSploit:后渗透测试框架
https://n0where.net/stealth-post-exploitation-framework-phpsploit
