- Abusing Android ClipData
- What’s in a web browser a description of the Android Browser Graphics Architecture
- Remote Code Execution as System User on Android 5 Samsung Devices abusing WifiCredService (Hotspot 2.0)
- 三星安卓5.0设备WifiCredService 远程代码执行 (Chinese)
- BackStab: mobile backup data under attack from malware
- Android device encryption user interface flaw
- Nexus Security Bulletin - December 2015
- write-what-where plus heap address leaking in OMX
- CertifiGate: front door access to pwning hundreds of millions of Android PDF, Video
- CVE-2015-8088: Heap Overflow Vulnerability in the HIFI Driver of Huawei Smart Phone
- Defeating iOS Jailbreak detection for Mobile Application Testing
- iOS 9 vulnerability: Content Blockers can track browser history
- System Integrity Protection (SIP) bypass for OSX 10.11.1
- Mac OS X 10.11 FTS Buffer Overflow
- MacOS/iPhone/Apple Watch/Apple TV libc File System Buffer Overflow
- Two new samples of installers signed by #eDellRoot popped up, 1, 2
- Low-Level Windows API Access From PowerShell
- Windows Memory Forensics with Volatility
- Crafting Queries and Extracting Data from Event Logs using Microsoft Log Parser
- Malware analysis – dridex & process hollowing
- Bypass DEP and CFG using JIT compiler in Chakra engine
- Advanced Web Shell
- MASSCAN Web Interface
- A Quick Glance at Modern Browsers's Protection Part #1
- Injecting Flask
- Bad life advice - Replay attacks against HTTPS
- exploitable: 'exploitable' is a GDB extension that classifies Linux application bugs by severity.
- SprayWMI – PowerShell Injection Mass Spray Tool
- SPartan: SPartan is a Frontpage and Sharepoint fingerprinting and attack tool.
- Bypassing McAfee‘s Application Whitelisting for critical infrastructure systems
- Do not underestimate credentials leaks.
- ZERO Nights Slides
- MITM 101: ARPSpoofing
- Controlling a motorcycle tachometer with a raspberry pi
- ZeroDB, an end-to-end encrypted database, is open source!
- def.camp 2015 slides and video
- Tutorial: How to reverse unknown protocols using Netzob
- Exploiting Windows Media Center
- SECCON 2015
The resources are collected in various sources such as blog feeds, Twitter and Weibo. Here, I list some of my personally favorite sources.