1.使用elk stack + packetbeat和watcher检测DNS隧道(像iodine)的工具

https://github.com/elastic/examples/tree/master/packetbeat_dns_tunnel_detection

2.binary ninja（二进制忍者） api 介绍 

http://arm.ninja/2016/03/08/intro-to-binary-ninja-api/

3.视频演示如何搭建一个nsm实验平台 

http://chrissanders.org/2016/03/video-building-an-nsm-lab/

4.Honerix：一款在线的，分布式的蜜罐，用于捕捉基于WEB的攻击 

https://www.honerix.com/

5.Linux的审计无可避免的形态 

https://strcpy.net/audit.pdf

6.firmadyne：模拟和动态分析基于LINUX的固件的paper 

https://github.com/firmadyne/firmadyne/blob/master/paper/paper.pdf

7.internetwache 2015 writeup 

https://github.com/praetorian-inc/ctf-writeups/tree/master/internetwache-2015

8.CVE-2015-7547的另一版poc，GOOGLE版的在https://github.com/fjserna/CVE-2015-7547 

https://github.com/jgajek/cve-2015-7547

9.针对fedora的linux发行版的渗透测试工具脚本 

https://github.com/madmantm/fedora-pentest-tools

10.subsearch：一款java语言编写的子域暴力破解工具 

https://github.com/gavia/subsearch

11.能够获取wlanprofiles（存储无线连接配置的文件）文件里的加密字符串或者明文密码的powershell脚本 

https://github.com/BornToBeRoot/PowerShell_Get-WLANProfiles

12.ARCANUS：一款go语言编写的能够自定义payload的工具 

https://github.com/EgeBalci/ARCANUS

13.subtee在Troopers2016会议上演讲的POC代码 （大部分是应用白名单逃逸的) 

https://github.com/subTee/Troopers2016

14.openssh修补信息泄露漏洞(http://www.openssh.com/txt/x11fwd.adv) 

https://threatpost.com/openssh-patches-information-leak-flaw/116760/

15.闭路电视演示窃贼如何针对在3秒内对POS机安装信用卡密码偷取硬件的（POS credit card skimmer），另一篇报道http://securityaffairs.co/wordpress/45310/cyber-crime/skimmer-gas-station-card.html 

http://motherboard.vice.com/read/credit-card-reader-skimmer-video

16.在 iOS 8上dump内存 

https://blog.netspi.com/dumping-memory-on-ios-8/

17.onioncat:一款匿名的洋葱VPN适配器 

https://www.onioncat.org/download/

18.鱼叉式钓鱼的真实案例 

http://resources.infosecinstitute.com/spear-phishing-real-life-examples/

19.首席数字官（Chief Digital Officers）在2016年必须要做的5件事 

https://www.linkedin.com/pulse/4-must-dos-chief-digital-officers-2016-daniel-newman

20.事件响应的方法和工具集 

https://github.com/meirwah/awesome-incident-response

21.MobSF发布新版，相关ppt在http://www.slideshare.net/ajin25/nullcon-goa-2016-automated-mobile-application-security-testing-with-mobile-security-framework-mobsf 

https://github.com/ajinabraham/Mobile-Security-Framework-MobSF

22.如何在firefox os上利用XSS/HTML注入

https://gist.github.com/nishimunea/264695161a6796f1912f

23.通过c++模板元编程进行二进制代码混淆 

https://eden.dei.uc.pt/~sneves/pubs/2012-snfa2.pdf