1、Quanta LTE 路由器多个漏洞
https://pierrekim.github.io/blog/2016-04-04-quanta-lte-routers-vulnerabilities.html
2、Domino's app订购pizza时,付费漏洞
http://www.ifc0nfig.com/dominos-pizza-and-payments/
3、获取outlook,office或Azure账号的登陆token
https://whitton.xyz/articles/obtaining-tokens-outlook-office-azure-account/
4、TLS客户端陷阱
https://lukasa.co.uk/2016/04/In_Response_To_Sucuri/
5、(CVE-2016-2345) Dameware Mini Remote Control漏洞分析
6、在android市场top 15000的app程序大概有135000个潜在的漏洞
7、FreeBSD / OpenBSD x64 的shellcode
https://odzhan.wordpress.com/2016/04/03/x64-shellcodes-bsd/
8、Trooperscon 2016 安全会议视频
https://www.youtube.com/user/trooperscon?app=desktop
9、Locky恶意欺诈软件的感染过程分析
http://www.welivesecurity.com/2016/04/04/analysis-of-the-locky-infection-process/
10、mips架构的缓冲区利用
https://www.exploit-db.com/docs/39658.pdf
11、通过中间人捕捉NETLINK通信
http://dtucker.co.uk/hack/taming-netlink.html
12、IOS远程热补丁的收益与风险
https://www.fireeye.com/blog/threat-research/2016/04/rollout_or_not_the.html
13、bugcrowd csv注入漏洞
http://www.securityfocus.com/archive/1/537963
14、Tomcat7加固手册
https://www.ernw.de/download/hardening/ERNW_Checklist_Tomcat7_Hardening.pdf
15、Pwncloud:Owncloud加密模块的弱加密
https://blog.hboeck.de/archives/880-Pwncloud-bad-crypto-in-the-Owncloud-encryption-module.html
16、在linux下枚举bitlocker卷
http://blog.airbuscybersecurity.com/post/2016/01/Mounting-Bitlocker-Volumes-Under-Linux
17、在32/64位linux上利用Pax ASLR弱点
18、使用apt-get安装GSM网络
http://laforge.gnumonks.org/blog/20160328-osmocom-in-debian/
19、linux上的动态跟踪工具
https://iovisor.github.io/bcc/
20、CVE-2015-1805 漏洞分析
21、WhatsPwn:在andorid上提取敏感数据。注入后门的工具
https://github.com/jlrodriguezf/WhatsPwn
22、能够在arm架构上生成elf的C编译器
https://github.com/jserv/amacc
23、对x86平台的c函数打热补丁
http://nullprogram.com/blog/2016/03/31/
24、防止反向工程native和managerd程序
25、如何hack选举
http://www.bloomberg.com/features/2016-how-to-hack-an-election/