| 2016-11-17 | 使用nmap和自定义子域名文件发现目标子域 | re4lity | 2827 | |
| 2016-11-16 | CVE-2016-5007 Spring Security / MVC Path Matching Inconsistency | re4lity | 2894 | |
| 2016-11-16 | 在SQLite中实现命令执行 | re4lity | 2676 | |
| 2016-11-16 | SHELLING - an offensive approach to the anatomy of improperly written OS command | BaCde | 2769 | |
| 2016-11-16 | jSQL Injection v0.77 - Java application for automatic SQL database injection | vicker | 5999 | |
| 2016-11-15 | lightbulb-framework: 一款WAF审计工具 | BaCde | 2958 | |
| 2016-11-15 | Open Source Intelligence Tools and Resources Handbook[PDF] | BaCde | 7474 | |
| 2016-11-15 | Pwning Your Java Messaging With Deserialization Vulnerabilities[PDF] | BaCde | 2100 | |
| 2016-11-14 | 使用Commix绕过安全防护利用命令执行漏洞 | re4lity | 2332 | |
| 2016-11-11 | SQLi, Privilage Escalation, and PowerShell Empire | BaCde | 2057 | |
| 2016-11-11 | Tplmap:一个自动化的服务端模板注射攻击检测和漏洞利用工具 | re4lity | 2907 | |
| 2016-11-11 | 利用 Python 代码实现 Web 应用的注入 | re4lity | 2558 | |
| 2016-11-10 | 利用服务端请求伪造(SSRF)攻击进入内网 | re4lity | 2637 | |
