Some of these may require a VPN to access; keep an eye on security yourself :P
The x86 processor fuzzer
https://github.com/xoreaxeaxeax/sandsifter
A New Paradigm For Full System Analysis
https://github.com/fireeye/rvmi
Detecting Host-Based Code Injection Attacks in Memory Dumps
https://github.com/tbarabosch/quincy
A Free and Open Source program diffing tool
https://github.com/joxeankoret/diaphora
A .NET Class Library for processing ShellLink (LNK) files
https://github.com/securifybv/ShellLink
A categorized list of C++ resources
https://github.com/MattPD/cpplinks
Security Research from the Microsoft Security Response Center
https://github.com/Microsoft/MSRC-Security-Research
Hitch a free ride to Ring 0 on Windows
https://github.com/zerosum0x0/puppetstrings
IRPMon: An improved version of IrpTracker
https://github.com/MartinDrab/IRPMon
REcon Montreal 2017 slides
https://recon.cx/2017/montreal/slides/
DEFCON 25 slides
https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/
Abusing GDI Objects for ring0 Primitives Revolution
https://sensepost.com/blog/2017/abusing-gdi-objects-for-ring0-primitives-revolution/
Data Only Attacks Are Still Alive
https://improsec.com/blog//data-only-attacks-are-still-alive
EnglishmansDentist Exploit Analysis
https://blogs.technet.microsoft.com/srd/2017/07/20/englishmansdentist-exploit-analysis/
Firefox DEP and ASLR Bypass Using JIT-Spray
https://rh0dev.github.io/blog/2017/the-return-of-the-jit/
CVE-2017-0190: WMF Flaws Can Lead to Data Theft, Code Execution
https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-cve-2017-0190-wmf-flaws-can-lead-data-theft-code-execution/
Analyzing a Patch of a Virtual Machine Escape on VMware
https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-patch-of-a-virtual-machine-escape-on-vmware/
Pythonizing the VMware Backdoor
https://www.zerodayinitiative.com/blog/2017/8/1/pythonizing-the-vmware-backdoor
CVE-2017-8570: "Bypassing" Microsoft's Patch for CVE-2017-0199
http://justhaifei1.blogspot.com/2017/07/bypassing-microsofts-cve-2017-0199-patch.html
Analysis of a "new" RTF malware obfuscation method
https://furoner.wordpress.com/2017/07/06/analysis-of-new-rtf-malware-obfuscation-method/
Zeus Panda: Down To The Roots
https://cyberwtf.files.wordpress.com/2017/07/panda-whitepaper.pdf
Living off the land and fileless attack techniques
https://www.symantec.com/content/dam/symantec/docs/security-center/white-papers/istr-living-off-the-land-and-fileless-attack-techniques-en.pdf
A list of tools to work with malware
http://malwareanalysis.tools/
A Technical Survey Of Common And Trending Process Injection Techniques
https://www.endgame.com/blog/technical-blog/ten-process-injection-techniques-technical-survey-common-and-trending-process
Inject All the Things
http://blog.deniable.org/blog/2017/07/16/inject-all-the-things/
Hyper-V debugging for beginners
http://hvinternals.blogspot.com/2015/10/hyper-v-debugging-for-beginners.html
Elliptic Curve Cryptography Tutorial
https://www.johannes-bauer.com/compsci/ecc/
Vellvm: Verifying the LLVM
http://www.cis.upenn.edu/~stevez/vellvm/
PyDial: Multi-domain Statistical Dialogue System Toolkit
http://www.camdial.org/pydial/
How To Develop Your Own Boot Loader
https://www.apriorit.com/dev-blog/66-develop-boot-loader
BootStomp: On the Security of Bootloaders in Mobile Devices
http://cs.ucsb.edu/~yanick/publications/2017_sec_bootstomp.pdf
Vulnerabilities in High Assurance Boot of NXP i.MX microprocessors
https://blog.quarkslab.com/vulnerabilities-in-high-assurance-boot-of-nxp-imx-microprocessors.html
Emulation and Exploration of BCM WiFi Frame Parsing using LuaQEMU
https://comsecuris.com/blog/posts/luaqemu_bcm_wifi/