1、攻击者能轻松的发布恶意packages,如何阻止这种行为

https://snyk.io/blog/publishing-malicious-packages/

2、用scratch新建LetsEncrypt客户端

https://github.com/alexpeattie/letsencrypt-fromscratch

3、Metaphor :  Stagefright with ASLR bypass

https://github.com/NorthBit/Metaphor

4、介绍内存损坏bug(基于栈)

https://drive.google.com/file/d/0B0tBYiOD2uG7d1Q1d0k1VUdPbWs/view?pref=2&pli=1

5、对burpsuite的以及其一些扩展的简单介绍

https://www.nopsec.com/blog/projecting-your-burp/

6、IOT和个人数据隐私

http://www.networkworld.com/article/3026293/security/iot-and-data-privacy.html

7、系统管理的SOC资源

https://isc.sans.edu/diary/SOC+Resources+for+System+Management/20893

8、流量分析练习:MARCH MADNESS

http://malware-traffic-analysis.net/2016/03/30/index.html

9、面对redteam的下一代渗透测试之Recon(侦查)

http://www.crowdstrike.com/blog/next-gen-penetration-testing-recon-red-team/

10、接上篇,blueTeam面对redteam的Recon(侦查)如何做检测

http://www.crowdstrike.com/blog/reconnaissance-detection-blue-team/

11、如何检测正在传递的TrueCrypt blobs

http://blog.erratasec.com/2016/03/how-to-detect-truecrypt-blobs-being.html

12、网络侦查(Recon)技术入门

http://resources.infosecinstitute.com/snort-network-recon-techniques/

13、Qualys SSL Test的在线测试windows版

https://scotthelme.co.uk/getting-an-a-on-the-qualys-ssl-test-windows-edition/

14、反向工程师如何使用Sublime Text做Fuzzy匹配

https://blog.forrestthewoods.com/reverse-engineering-sublime-text-s-fuzzy-match-4cffeed33fdb#.9wykb58zq

15、以云为中心的物联网

http://lynnlangit.com/2016/03/29/cloud-centric-internet-of-things/

16、如何准备一场DDOS攻击

https://blog.radware.com/security/2016/03/how-to-prepare-for-a-ddos-attack/

17、一些wifi安全学习资源

https://canyoupwn.me/en-awesome-learn-wifi-security/

18、使用frida Hooking firefox  PR_Write

https://wiremask.eu/articles/hooking-firefox-with-frida/

19、Adobe Flash – Object.unwatch UAF POC

https://www.exploit-db.com/exploits/39631/