As a security researcher, I read a lot of material such as news, reports, tools, slides and blogs on various topics. Therefore, I plan to summarize and list them here weekly. I will also write some comments on interesting topics. If you find that anything important is not listed, please ping me on Twitter (or other channels). Enjoy!
- Report of the Manhattan District Attorney’s Office on smartphone encryption and public safety.
- TNW News: older versions of Android can easily be remotely reset by Google if compelled by a court order, allowing investigators to easily view the contents of a device.
- Windows Phone 8 Case Study: Forensic Artifacts & Challenges
- Breaking into and Reverse Engineering iOS Photo Vaults
- Mobile Security News Update November 2015. Monthly news summary on mobile security.
- Automating Linux memory capture
- Defusing a binary bomb with gdb, Part 1, Part 2
- Data Exfiltration via Blind OS Command Injection
- Introducing WMIOps, and Github Repo
- A king's ransom: an analysis of the CTB-locker ransomware
- DLL Hijacking Like a Boss!
- Plumbing the Depths: ShellBags
- Windows ShellBags forensics in depth
- DLL/PIC Injection on Windows from Wow64 process
- Destroying The Encryption of Hidden Tear Ransomware
- Windows Sandbox Attack Surface Analysis
- A Guide to Malware Binary Reconstruction
- PHP static code analysis vs ~1000 top wordpress plugins = 103 vulnerable plugins found. Most of them are XSS. Be careful when using WordPress and its plugins.
- XSSER, demo - From XSS to RCE 2.0 - Black Hat Europe Arsenal 2015
- Even the LastPass Will be Stolen, Deal with It!
- Rekall Memory Forensics, homepage and Github
- Evading Defenses with Acidrain, Powershell, Github and Pastebin
- HoneyPy: a low interaction honeypot
- APK Studio: cross-platform Qt5 based IDE for reverse-engineering Android applications
- Router Exploitation Toolkit - REXT: small toolkit for easy creation and usage of various Python scripts that work with embedded devices
- pemcracker: Tool to crack encrypted PEM files
- PowerTools: a collection of PowerShell projects with a focus on offensive operations
- IDA Pro Quick Reference Sheet
- Tor forensics on Windows OS
- Break a dozen secret keys, get a million more for free
- Hacking GCN via OpenGL
- UAV (aka drone) Forensics
- TIFU by using Math.random()
- A Forensic Look at Bitcoin Cryptocurrency
- x86 Assembly Guide
- Inspecting Heap Objects with LLDB
- Best of Oracle Security 2015
- No money, but Pony! From a mail to a trojan horse
The resources are collected from various sources such as blog feeds, Twitter and Weibo. Here, I list some of my personal favorite sources.