| 2016-12-21 | A collection of JavaScript engine CVEs with PoCs | BaCde | 2720 | |
| 2016-12-21 | Learning From A Year of Security Breaches – Starting Up Security | BaCde | 1719 | |
| 2016-12-20 | BurpSuite插件分享:基于Python的Web应用Fuzzing插件PyJFuzz | re4lity | 3161 | |
| 2016-12-20 | Oracle酒店管理平台的远程命令执行和持卡人数据泄漏漏洞分析(CVE-2016-5663/4/5) | re4lity | 2398 | |
| 2016-12-19 | 浅谈Web安全验证码 | ourren | 2690 | |
| 2016-12-19 | 秒爆十万字典:奇葩技巧快速枚举“一句话后门”密码 | ourren | 2688 | |
| 2016-12-19 | Mimikatz Delivery via ClickOnce with URL Parameters | ourren | 2668 | |
| 2016-12-18 | Paper/富文本存储型XSS的模糊测试之道 | ourren | 2775 | |
| 2016-12-16 | Flask框架注入科普 | re4lity | 3018 | |
| 2016-12-16 | Cracking Magento passwords for $1 | ourren | 1788 | |
| 2016-12-16 | AddThis Widget 调用 PostMessage API 导致上百万网站存在 XSS 漏洞 | re4lity | 8167 | |
| 2016-12-15 | Bruteforcer:分布式多线程破解RAR文件密码(附工具下载) | ourren | 4420 | |
| 2016-12-15 | Rar_crack: 开源RAR暴力破解工具 | ourren | 2470 | |