| 2016-12-21 | A collection of JavaScript engine CVEs with PoCs | BaCde | 2689 | |
| 2016-12-21 | Learning From A Year of Security Breaches – Starting Up Security | BaCde | 1697 | |
| 2016-12-20 | BurpSuite插件分享:基于Python的Web应用Fuzzing插件PyJFuzz | re4lity | 3120 | |
| 2016-12-20 | Oracle酒店管理平台的远程命令执行和持卡人数据泄漏漏洞分析(CVE-2016-5663/4/5) | re4lity | 2362 | |
| 2016-12-19 | 浅谈Web安全验证码 | ourren | 2677 | |
| 2016-12-19 | 秒爆十万字典:奇葩技巧快速枚举“一句话后门”密码 | ourren | 2670 | |
| 2016-12-19 | Mimikatz Delivery via ClickOnce with URL Parameters | ourren | 2614 | |
| 2016-12-18 | Paper/富文本存储型XSS的模糊测试之道 | ourren | 2764 | |
| 2016-12-16 | Flask框架注入科普 | re4lity | 2968 | |
| 2016-12-16 | Cracking Magento passwords for $1 | ourren | 1775 | |
| 2016-12-16 | AddThis Widget 调用 PostMessage API 导致上百万网站存在 XSS 漏洞 | re4lity | 7742 | |
| 2016-12-15 | Bruteforcer:分布式多线程破解RAR文件密码(附工具下载) | ourren | 4338 | |
| 2016-12-15 | Rar_crack: 开源RAR暴力破解工具 | ourren | 2464 | |
