漏洞 Vulnerability CVE-2020-0674：Internet Explorer UAF 漏洞exp https://github.com/maxpl0it/CVE-2020-0674-Exploit CVE-2020-11932: WhatsApp Double-Free 漏洞exp https://github.com/ProjectorBUg/CVE-2020-11932 恶意软件 Malware 分析利用D-Link NAS 或 NVR设备 构建的IoT僵尸网络 https://www.forcepoint.com/blog/x-labs/botnets-nas-nvr-devices 针对一款朝鲜的字典软件进行逆向分析 https://digitalnk.com/blog/2020/05/08/porting-north-korean-dictionaries-with-rust/ Microsoft and Intel Labs 将恶意样本转化成图片用于探测和分类 https://www.zdnet.com/article/microsoft-and-intel-project-converts-malware-into-images-before-analyzing-it/ 安全研究 Security Research Windows认证攻击 part 2 – kerberos https://blog.redforce.io/windows-authentication-attacks-part-2-kerberos/ iOS沙箱逃逸0day分析，iOS 13.5 beta 3已修复 https://github.com/Siguza/psychicpaper 30个Windows 利用教程集合 https://fullpwnops.com/windows-exploitation-pathway.html CVE-2018-8611： Windows KTM 漏洞利用 Part 3/5——触发条件竞争以及调试技巧 https://research.nccgroup.com/2020/05/11/cve-2018-8611-exploiting-windows-ktm-part-3-5-triggering-the-race-condition-and-debugging-tricks/ Hyper-V 研究搜集 (2006-2019) https://github.com/gerhart01/Hyper-V-Internals/blob/master/HyperResearchesHistory.md 空指针-Base on windows Writeup — 最新版DZ3.4实战渗透 https://mp.weixin.qq.com/s/YfbWf_o_v7uP3XwlYgl_LA Hypercalls 研究分析 https://foxhex0ne.blogspot.com/2020/05/hyper-v-0x1-hypercalls-part-1.html 安全工具 Security Tools Shellcode Compiler：用于生成Windows 和 Linux平台的shellcode工具 https://github.com/NytroRST/ShellcodeCompiler SkCodecFuzzer：P0开源的Android Skia Image fuzz工具 https://github.com/googleprojectzero/SkCodecFuzzer SMB 登录暴力破解的PowerShel脚本 https://www.infosecmatter.com/minimalistic-smb-login-bruteforcer/ BadDNS：Rust 开发的使用公共 DNS 服务器进行多层子域名探测工具 https://github.com/joinsec/BadDNS SharpC2：一款.NET C2 框架 https://rastamouse.me/2020/05/sharpc2/ drow：ELF文件patch 工具 https://github.com/zznop/drow clipboardme：通过link 获取和注入clipboard 工具 https://github.com/thelinuxchoice/clipboardme