一些不错的技术文章 2015-04-03
report
Open Crypto Audit Project TrueCrypt LINK
Android Security 2014 Year in Review LINK
web:
The story of a pentester recruitment LINK
Scriptless attacks via CSS LINK
hacking wordpress LINK
Critical vulnerabilities in JSON Web Token libraries LINK
Website Malware – The SWF iFrame Injector Evolves LINK
二进制:
SQLite prepared statement use-after-free – [A local PHP exploit] LINK
Research Spotlight: FreeSentry Mitigating use-after-free Vulnerabilities LINK
advanced pdf tricks LINK
Finding Holes LINK
移动:
Pawn Storm: Malware on iOS devices? LINK
Instrumenting Android Applications with Frida LINK
A timeline of mobile botnets LINK
other
Using the docker command to root the host LINK
PS: 利用docker特性获取权限
How to own any windows network with group policy hijacking attacks LINK
PS: 内网相关,这家实验室的都是干货。
THE SAD STATE OF SMTP ENCRYPTION LINK
PS: 加密
Recovering deleted records from an SQLite database (updated) LINK
PS: 从sqlite中恢复数据
poweliks command line confusion LINK
Detection, analysis and display of attacks using Honeypots LINK
PS: 基于蜜罐的数据分析
Optical Delusions: A Study of Malicious QR Codes in the Wild LINK
PS: 恶意二维码
Enough With the Salts: Updates on Secure Password Schemes LINK
PS: 加密
会议
SyScan 2015
Hacking With Pictures LINK
Modern Binary Exploitation LINK
PS:大量二进制干货