1.nmap7发行:增加了nse,快速扫描,IPV6支持改善等功能
2.摧毁Hidden Tear恶意勒索软件的加密
http://www.utkusen.com/blog/destroying-the-encryption-of-hidden-tear-ransomware.html
3.HTTP逃逸第八部分:Borderline Robustness
http://noxxi.de/research/http-evader-explained-8-borderline-robustness.html
4.oracle 安全 2015 :涉及漏洞总结,ORACLE自身的安全措施等内容
http://www.red-database-security.com/wp/best_of_oracle_security_2015.pdf
5.DLL/PIC注入从wow64进程
https://odzhan.wordpress.com/2015/11/19/dllpic-injection-on-windows-from-wow64-process/
6.honeyPy:一个低交互的蜜罐
https://github.com/foospidy/HoneyPy
7.TrueCrypt深入安全分析报告
http://sseblog.ec-spride.de/2015/11/truecrypt-analysis/
8.ARRIS光猫:后门中的后门
https://w00tsec.blogspot.tw/2015/11/arris-cable-modem-has-backdoor-in.html
9.python恶意软件
https://www.threatstream.com/blog/crushing-python-malware
10.解密emdivi照哦姑娘的字符串
http://blog.jpcert.or.jp/2015/11/decrypting-strings-in-emdivi.html
11.horde groupware 5.2.10 csrf漏洞
https://www.exploit-db.com/exploits/38765/
12.从钓鱼邮件到pony木马的分析
https://blog.malwarebytes.org/intelligence/2015/11/no-money-but-pony-from-a-mail-to-a-trojan-horse/
13.cloudzombie:分析来自云的slow-read分布式拒绝服务攻击
http://www.saeedsh.com/resources/CloudZombie.pdf
14.PS4网络流量解密困难?
http://ethanheilman.tumblr.com/post/133488739430/is-playstation-4-network-traffic-especially
15.damballa发现新的攻击工具,帮助攻击者扩大攻击面
16.从注册表里执行加密文件
https://gist.github.com/subTee/aacc6c91b5da04f96cd1
17.微软安全情报19期:APT28/PAWN STROM/SOFACY组织的活动
18.反向工程ios photo vaults
http://blog.ioactive.com/2015/11/breaking-into-and-reverse-engineering.html
19.分析chrome扩展,有关用户隐私的安全
http://labs.detectify.com/post/133528218381/chrome-extensions-aka-total-absence-of-privacy
20.beef利用框架演示
评论