June 17 - Daily Security Knowledge Highlights

Technical:

HTTP header injection in Python urllib

http://blog.blindspotsecurity.com/2016/06/advisory-http-header-injection-in.html


One line of bash can hack 100.000$ through the PayPal API (for educational purposes)

https://github.com/tfairane/HackStory/blob/master/PayPalNVP.md


Accessing local variables in ProGuarded Android apps

https://blog.silentsignal.eu/2016/06/16/accessing-local-variables-in-proguarded-android-apps/


Videos from the Securityfest 2016 conference

https://securityfest.com/speakers/


Slides from Troopers 2016: The Joy of Sandbox Mitigations

https://www.troopers.de/media/filer_public/f6/07/f6076037-85e0-42b7-9a51-507986edafce/the_joy_of_sandbox_mitigations_export.pdf


Intelligently detecting passive sniffing in the Tor network

https://chloe.re/2016/06/16/badonions/


How to write a compiler

http://orangejuiceliberationfront.com/how-to-write-a-compiler/


Unix fundamentals 101; opsschool also has many good introductory tutorials on other topics

http://www.opsschool.org/en/latest/unix_101.html


Is the Angler exploit kit really gone?

https://nakedsecurity.sophos.com/2016/06/16/is-angler-exploit-kit-dead/


Reverse engineering a Nissan Leaf battery pack

http://hackaday.com/2016/06/16/reverse-engineering-a-nissan-leaf-battery-pack/


New threat: attacking targets via VBA macros

http://www.malware-reversing.com/2016/06/new-threat-actor-uses-vba-macros-in.html


Summary of recent anti-sandbox tricks

http://joe4security.blogspot.com/2016/06/summary-of-recent-anti-sandbox-tricks.html


Chrome GPU Process MailboxManagerImpl Double Read POC

https://packetstormsecurity.com/files/137504/GS20160616153455.tgz


Microsoft Edge JavaScript map method out-of-bounds write leading to remote code execution

http://www.zerodayinitiative.com/advisories/ZDI-16-368/


SNMPv3 user enumeration and attack tool

https://github.com/hatlord/snmpwn


Microsoft's June patch fixes a potential CFG bypass

https://blogs.mcafee.com/mcafee-labs/microsofts-june-patch-kills-potential-cfg-bypass/


Bypassing AppSolid's Android application protection

https://www.pnfsoftware.com/blog/defeating-appsolid-android-protector/


GitHub security issue leads to user account resets

https://github.com/blog/2190-github-security-update-reused-password-attack


News:

Core Tor developer "Jacob Appelbaum" faces sexual misconduct allegations

http://www.zdnet.com//article/key-tor-developer-jacob-appelbaum-leaves-amidst-sexual-misconduct-claims/


Anonymous hacked ISIS accounts to post pornographic tweets

http://www.infosecurity-magazine.com/news/anonymous-hacks-isis-accounts-to/?utm_source=dlvr.it&utm_medium=twitter


Cisco wireless kit has a serious vulnerability that is still unpatched

http://securityaffairs.co/wordpress/48436/hacking/cisco-wireless-kits-bug.html


Embedded passwords found in Siemens ICS gear

http://www.theregister.co.uk/2016/06/16/dodgy_creds_found_in_siemens_ics_gear/


Facebook accounts can be hacked using the SS7 protocol together with a phone number

http://securityaffairs.co/wordpress/48421/hacking/hacking-facebook-accounts-ss7.html


Former ISIS hacker, after being arrested, claims to have stolen the personal information of 1000 US military personnel

http://www.zdnet.com/article/pro-isis-hacker-pleads-guilty-after-stealing-names-of-1000-us-military-personnel/#ftag=RSSbaffb68


Watchdog program: the FBI has 400 million facial recognition photos

http://www.zdnet.com/article/federal-watchdog-concerned-at-fbi-biometric-database/#ftag=RSSbaffb68


Data breach news:

What appears to be the Twitter data from a while back has been released, but the download link has already been removed :)

Twitter Database Dump – over 40 millions users and password.

700MB Email:Password in clear-text

Link:

https://mega.nz/#!MYxXBDpC!8DSM0KDq-b_OP7C7dsGqLus1wsBhbFbR–uRv2DDR6k
