1、滲透 Facebook 的思路與發現

http://devco.re/blog/2016/04/21/how-I-hacked-facebook-and-found-someones-backdoor-script/

2、Lansweeper 5 SQL注入漏洞和弱信用存储导致域管理密码可被恢复

http://blog.gosecure.ca/2016/04/21/your-credentials-at-risk-with-lansweeper-5/

3、PS>Attack v1.1.0 发行

https://github.com/jaredhaight/PSAttack/releases/tag/v1.1.0

4、OS X fuzzing

http://infiltratecon.com/archives/Slides_Artem_Dinaburg.pdf

5、赋予老的远控新的技巧(解包和处理.net RAT)

https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/

6、html注入快速参考手册

http://mutantzombie.github.io/HIQR/hiqr.html

7、展望在荷兰的网络攻击服务商

http://blog.trendmicro.com/trendlabs-security-intelligence/looking-into-a-cyber-attack-facilitator-in-the-netherlands/

8、基于CFG生成的恶意软件的混淆代码定位

http://www.jaist.ac.jp/~mizuhito/papers/conference/FPS15.pdf

9、wincheck rc8.56 发行

http://redplait.blogspot.tw/2016/04/wincheck-rc856.html

10、使用api hammering逃逸沙盒

http://joe4security.blogspot.tw/2016/04/nymaim-evading-sandboxes-with-api.html

11、oracle oit 图形导出sdk LIBVS_PDF引用索引代码执行漏洞

http://blog.talosintel.com/2016/04/oracle-oit-image-export-sdk-libvspdf.html

12、使用 Capstone & FLIRT签名在ollydbg中检测库函数的工具

https://github.com/mokhdzanifaeq/pyflirt

13、剖析数据泄漏

http://blog.illusivenetworks.com/data-breach-anatomy

14、Amazon Inspector:自动评估你的Amazon EC2实例的安全

http://blogs.aws.amazon.com/security/post/TxKROUEOBD9AGP/Now-Generally-Available-Amazon-Inspector

15、对最近恶意欺诈勒索软件攻击的一个案例学习

https://community.rsa.com/community/products/security-analytics/blog/2016/04/18/held-for-ransom-a-case-study-of-a-recent-ransomware-attack

16、phorum 论坛漏洞泄露

https://www.exploit-db.com/docs/39717.pdf

17、Microsoft Windows 7-10 & Server 2008-2012 – Local Privilege Escalation (x32/x64) (MS16-032)  本地提权POWERSHELL版

https://www.exploit-db.com/exploits/39719/

18、xss cookie 小偷脚本

http://neonprimetime.blogspot.tw/2016/04/xss-cookie-theft.html

19、GlassRAT 木马是如何逃避检测的

http://searchsecurity.techtarget.com/answer/How-did-remote-access-Trojan-GlassRAT-evade-detection

20、Pazuzu: 从内存运行二进制

https://github.com/BorjaMerino/Pazuzu

21、SSD and eMMC 取证 2016

https://articles.forensicfocus.com/2016/04/20/ssd-and-emmc-forensics-2016/