1、Windows访问Tokens和信任切换
http://blog.cobaltstrike.com/2015/12/16/windows-access-tokens-and-alternate-credentials/
2、ELF Parser:通过静态分析快速确认ELF
http://www.elfparser.com/download.html
3、家庭路由DNS劫持技术介绍
https://blog.malwarebytes.org/online-security/2015/12/dns-hijacks-routers/
4、使用YARA标识恶意软件
https://blog.malwarebytes.org/intelligence/2013/10/using-yara-to-attribute-malware/
5、从云端unplugging一个IOT设备
https://blog.korelogic.com/blog/2015/12/11/unplugging_iot_from_the_cloud
6、分析和检测恶意RTF文件
http://traceevidence.blogspot.in/2014/03/analyzing-and-detecting-weaponized-rtf.html
7、USB设备研究1-6
http://nicoleibrahim.com/part-3-usb-device-research-windows-registry-enumerations/
http://nicoleibrahim.com/part-2-usb-device-research-msc-vs-ptp-vs-mtp/
http://nicoleibrahim.com/part-4-usb-device-research-usb-first-insert-results/
http://nicoleibrahim.com/part-6-usb-device-research-open-file-artifacts-lnk-files/
8、通过内网外网流量关联检测APT恶意文件
http://eprints.eemcs.utwente.nl/25925/01/Master_Thesis_Terence.pdf
9、自动取证分析混淆的恶意文件
http://rfarley3.github.io/2015-GMUPhD-farleyryanj.pdf
10、smart-TV安全分析
https://hal.archives-ouvertes.fr/hal-01178553/document
11、IOS木马"Tinyv"攻击越狱的设备
http://researchcenter.paloaltonetworks.com/2015/12/ios-trojan-tinyv-attacks-jailbroken-devices/
12、通过JTAG接口检测Android设备的内核ROOTKIT
http://arxiv.org/ftp/arxiv/papers/1512/1512.04116.pdf
13、一个购买安全设备和网关的决策者指南
http://addxorrol.blogspot.com.uy/2015/12/a-decisionmakers-guide-to-buying.html
14、CVE-2015-6620 POC
https://github.com/flankerhqd/CVE-2015-6620-POC
15、CVE-2014-0282利用分析