【特别推荐】
=============
XLL技术分析:能否为Office文件钓鱼破局?
Apache JSPWiki 任意文件删除漏洞(CVE-2021-44140)
https://cve.report/CVE-2021-44140
所有Windows版本均受影响,Cisco Talos发现一个高危提权漏洞
https://www.cnbeta.com/articles/tech/1207121.htm
TP-Link TL-XVR1800L 设备零日漏洞
漏洞发掘者WP:CVE-2021-43557(Apache APISIX)
Popping iOS <=14.7 with IOMFB(CVE-2021-30807)
https://jsherman212.github.io/2021/11/28/popping\_ios14\_with\_iomfb.html
Poc&Patch:Exchange RCE(CVE-2021-42321)
适用于红队演习的各种EDR相关信息
https://github.com/Mr-Un1k0d3r/EDRs/
4-ZERO-3:Tool to bypass 403/401
https://github.com/Dheerajmadhukar/4-ZERO-3
Katana:Python Tool For google Hacking
https://github.com/TebbaaX/Katana
不用写代码的图形化爬虫平台
https://github.com/ssssssss-team/spider-flow
汽车安全测试工具集
https://github.com/firmianay/Vehicle-Security-Toolkit
WP:HackTheBox - Union
https://0xdf.gitlab.io/2021/11/22/htb-union.html
使用JADX和Frida进行Andriod应用逆向
https://httptoolkit.tech/blog/android-reverse-engineering/
从APPLE.COM的XSS发现到构建POC获取PII
2021信息安全挑战赛Writeup完整版
https://spaceraccoon.dev/the-infosecurity-challenge-2021-full-writeup-battle-royale-for-30k
更多详情请查看原文