Copy Data into Remote Process Address Space with Window Messages（代码注入）

https://github.com/vallejocc/PoC-Inject-Data-WM_COPYDATA

Exploits RDP auth for RCE（CVE-2018-0886 的 PoC）

https://github.com/preempt/credssp

Instant setup of VM for different CPU architectures（配置不同 CPU 架构的虚拟机）

https://github.com/nongiach/arm_now

A sandboxed container runtime（gVisor 沙箱）

https://github.com/google/gvisor

Awesome Firmware Security（固件安全）

https://github.com/PreOS-Security/awesome-firmware-security/

OPCDE 2018 Slides

https://github.com/comaeio/OPCDE/tree/master/2018

HITB 2018 AMS Slides

https://conference.hitb.org/hitbsecconf2018ams/materials/

Detecting Kernel Infoleaks with x86 Emulation, Slides（内核信息泄露）

http://j00ru.vexillium.org/slides/2018/infiltrate.pdf

The Life And Death of Kernel Object Abuse by Type Isolation, Slides（内核对象漏洞利用缓解）

https://github.com/comaeio/OPCDE/tree/master/2018/The%20Life%20%26%20Death%20of%20Kernel%20Object%20Abuse%20by%20Type%20Isolation%20-%20Saif%20ElSheri%20Ian%20Kronquist

Exploiting Branch Target Injection, Slides（CPU 漏洞）

https://drive.google.com/file/d/1caH71xMYbkB3q-HCkzsMhVK1_mWjz0yw/view

GLitch（GPU，Rowhammer 攻击）

https://www.vusec.net/projects/glitch/

Apple Safari - Wasm Section Exploit（Safari Wasm 组件漏洞分析）

https://labs.mwrinfosecurity.com/assets/BlogFiles/apple-safari-wasm-section-vuln-write-up-2018-04-16.pdf

https://github.com/mwrlabs/CVE-2018-4121

7-Zip: From Uninitialized Memory to Remote Code Execution（7-Zip CVE-2018-10115 漏洞分析）

https://landave.io/2018/05/7-zip-from-uninitialized-memory-to-remote-code-execution/

Breaking CFI: Exploiting CVE-2015-5122 using COOP（基于 COOP 的 CFI 绕过）

https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/

Fuzzing Adobe Reader for exploitable vulns（Adobe Reader 的 Fuzzing）

https://kciredor.com/fuzzing-adobe-reader-for-exploitable-vulns-fun-not-profit.html

Automatic Heap Layout Manipulation for Exploitation（自动化构建漏洞利用堆内存布局）

https://arxiv.org/pdf/1804.08470.pdf

Hyper-V symbols for debugging（Hyper-V 调试符号）

https://blogs.technet.microsoft.com/virtualization/2018/04/25/hyper-v-symbols-for-debugging/

GravityRAT - The Two-Year Evolution Of An APT（反虚拟机之检测硬件温度）

https://blog.talosintelligence.com/2018/04/gravityrat-two-year-evolution-of-apt.html

Upgrading ApiScout: Introducing ApiVectors（基于 API 比对的恶意程序识别）

http://byte-atlas.blogspot.de/2018/04/apivectors.html

How to become the best Malware Analyst E-V-E-R（恶意程序逆向经验谈）

http://www.hexacorn.com/blog/2018/04/14/how-to-become-the-best-malware-analyst-e-v-e-r/

Tools for microarchitectural benchmarking（代码性能分析）

https://dendibakh.github.io/blog/2018/04/03/Tools-for-microarchitectural-benchmarking

Norton Core Secure WiFi Router（Norton 安全路由器分析）

https://embedi.com/blog/whos-watching-the-watchers-vol-ii-norton-core-secure-wifi-router/

The Connected Car - Ways to get unauthorized access and potential implications（汽车 hacking）

https://www.computest.nl/wp-content/uploads/2018/04/connected-car-rapport.pdf

[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入！