HPE IMC中各种攻击媒介的进一步分析

https://www.zerodayinitiative.com/blog/2018/2/6/one-mans-patch-is-another-mans-treasure-a-tale-of-a-failed-hpe-patch

 

Joomla!3.8.3:通过SQL注入来提升权限

https://blog.ripstech.com/2018/joomla-privilege-escalation-via-sql-injection/

 

关于硬件木马的一些讨论

https://www.benthamsgaze.org/2018/02/06/a-witch-hunt-for-trojans-in-our-chips/

 

PLUGX恶意软件分析

https://countuponsecurity.com/2018/02/04/malware-analysis-plugx

 

『安全开发教学』Github泄露扫描系统开发

https://weibo.com/ttarticle/p/show?id=2309404204494916341366

 

ADB.Miner 安卓蠕虫的更多信息

http://blog.netlab.360.com/adb-miner-more-information/

 

Glibc缓冲区下溢漏洞分析(CVE–2018-1000001)

https://paper.seebug.org/528/

 

Evil XML with two encodings
https://mohemiv.com/all/evil-xml/

 

FreeFloat FTP1.0 溢出漏洞分析

https://mp.weixin.qq.com/s/MSaEbeNN0zbrNY50_30FRQ

 

pwnhub年前最后一战——“血月归来”writeup

https://www.secpulse.com/archives/68026.html

 

DowginCw病毒家族解析

https://www.secpulse.com/archives/68040.html

 

渗透测试 — VulnHub –CTF FristiLeaks v1.3

https://mp.weixin.qq.com/s/vroN1CKPjf2x033E0e43vg

 

Archery —— 开源漏洞评估和管理工具

https://github.com/archerysec/archerysec

 

kiwi:安全源码审计工具

https://github.com/alpha1e0/kiwi