| 2016-12-21 | MongoDB安全 – PHP注入攻击 | re4lity | 3390 | |
| 2016-12-21 | A collection of JavaScript engine CVEs with PoCs | BaCde | 2638 | |
| 2016-12-21 | Learning From A Year of Security Breaches – Starting Up Security | BaCde | 1682 | |
| 2016-12-20 | BurpSuite插件分享:基于Python的Web应用Fuzzing插件PyJFuzz | re4lity | 3082 | |
| 2016-12-20 | Oracle酒店管理平台的远程命令执行和持卡人数据泄漏漏洞分析(CVE-2016-5663/4/5) | re4lity | 2320 | |
| 2016-12-19 | 浅谈Web安全验证码 | ourren | 2664 | |
| 2016-12-19 | 秒爆十万字典:奇葩技巧快速枚举“一句话后门”密码 | ourren | 2637 | |
| 2016-12-19 | Mimikatz Delivery via ClickOnce with URL Parameters | ourren | 2544 | |
| 2016-12-18 | Paper/富文本存储型XSS的模糊测试之道 | ourren | 2750 | |
| 2016-12-16 | Flask框架注入科普 | re4lity | 2880 | |
| 2016-12-16 | Cracking Magento passwords for $1 | ourren | 1762 | |
| 2016-12-16 | AddThis Widget 调用 PostMessage API 导致上百万网站存在 XSS 漏洞 | re4lity | 7460 | |
| 2016-12-15 | Bruteforcer:分布式多线程破解RAR文件密码(附工具下载) | ourren | 4195 | |
