1、基于python的开源mac系统管理工具
https://github.com/timsutton/python-macadmin-tools
2、短网址对云服务的威胁
https://freedom-to-tinker.com/blog/vitaly/gone-in-six-characters-short-urls-considered-harmful-for-cloud-services/
3、CanSecWest2016会议PPT
http://www.slideshare.net/CanSecWest/presentations
4、cssi攻击:一个琐细但普遍存在的一种Web漏洞类型
http://www.scip.ch/en/?labs.20160414
5、VMware PowerCLI :开启/禁用每台vSphere cluster
https://davidring.ie/2016/04/14/vmware-powercli-enabledisable-ssh/
6、QuickTime Atom 处理导致堆损坏可引发远程代码执行
http://www.zerodayinitiative.com/advisories/ZDI-16-242/
7、使用javascript在企业中建立一个家园(替代powershell的另一种思路 )
http://subt0x10.blogspot.tw/2016/04/setting-up-homestead-in-enterprise-with.html
8、杀软逃逸(免杀)的一些方法
https://www.gracefulsecurity.com/anti-virus-evasion/
9、Tenable Nessus Bugs 可以构造CSS攻击和让远程认证用户拒绝服务
http://www.securitytracker.com/id/1035567
10、利用现有的注册文件中的栈指针副本进行错误检测
http://www.median-project.eu/wp-content/uploads/MEDIAN-Finale-s3-1.pdf
11、如何利用android备份导出沙盒APP文件
https://www.pentestpartners.com/blog/how-to-subvert-android-backups-to-export-sandboxed-app-files/
12、MS16-045 允许通过RCE实现 guest-to-host Hyper-V 逃逸
https://technet.microsoft.com/library/security/MS16-045
13、在IE的input hidden触发XSS
http://masatokinugawa.l0.cm/2016/04/hidden-input-xss.html
14、Linux 排错 Cheatsheet
https://sysdig.com/blog/linux-troubleshooting-cheatsheet/