安全工具 Security Tools PowerShellRunBox – 利用 PowerShell debugging 调试的方法自动化分析混淆的 PowerShell 样本 https://blog.apnic.net/2019/10/23/powershellrunbox-analyzing-powershell-threats-using-powershell-debugging/ Base64编码备忘录 https://gist.github.com/Neo23x0/6af876ee72b51676c82a2db8d2cd3639 JSONBee：利用jsonp绕过csp的工具 https://github.com/zigoo0/JSONBee 安全报告 Security Report PSec 2019 会议《Advancing Windows Security》的演讲视频 https://www.platformsecuritysummit.com/2019/speaker/weston/ 恶意软件 Malware 朝鲜 APT 组织 HIDDEN COBRA 远控工具 NukeSped 的分析 https://www.fortinet.com/blog/threat-research/deep-analysis-nukesped-rat.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+fortinet%2Fblog%2Fthreat-research+%28Fortinet+Threat+Research+Blog%29 安全研究 Security Research 硬件学习之通过树莓派操控 jtag https://paper.seebug.org/1060/ PHP-fpm 远程代码执行漏洞(CVE-2019-11043)分析 https://paper.seebug.org/1063/ 测试和破坏JWT身份验证的实用方法 https://mazinahmed.net/blog/breaking-jwt/ iOS BootROM checkm8 Exploit 的详细分析 https://habr.com/en/company/dsec/blog/472762/ Kibana CVE-2019-7609 RCE Exploit https://github.com/LandGrey/CVE-2019-7609/ Spring Security OAuth 2.3 Open Redirection(CVE-2019–3778)漏洞分析 https://www.freebuf.com/vuls/216582.html