| 2015-11-30 | Lucky Microseconds: A Timing Attack on Amazon’s s2n Implementation of TLS | tolive | 3889 | |
| 2015-11-30 | php-grinder:Simple PHP static code analysis for security researchers | ourren | 2931 | |
| 2015-11-28 | angularjs-expression-security-internals | tolive | 3410 | |
| 2015-11-27 | is_numeric的理解和PHP 脚本多字节字符解析模式带来的安全隐患 | ourren | 3626 | |
| 2015-11-27 | 3-attacks-on-cisco-tacacs-bypassing | tolive | 3065 | |
| 2015-11-25 | 360护心镜脚本分析及N种绕过方式 | ourren | 4410 | |
| 2015-11-25 | 新浪微博 CSRF & ClickJacking 蠕虫 | ourren | 4010 | |
| 2015-11-23 | A security scanner for HTTP response headers. | Bincker | 3318 | |
| 2015-11-23 | PHP static code analysis vs ~1000 top wordpress plugins | Bincker | 2026 | |
| 2015-11-23 | Exploiting JBoss with Empire and PowerShell | ourren | 2999 | |
| 2015-11-19 | Nishang: A Post-Exploitation Framework | ourren | 2880 | |
| 2015-11-19 | DZ 6.x getshell [20151117] | ourren | 2903 | |
| 2015-11-17 | Bug Bounty Web List | Bincker | 2420 | |