[ Debug ]  在共享库初始化前使用 Frida 来 Hook 共享库的方法: http://www.giovanni-rocca.com/giving-yourself-a-window-to-debug-a-shared-library-before-dt_init-with-frida-on-android/

[ Exploit ]  分析 GrandSoft 漏洞利用套件中的 CVE-2018-8174 漏洞利用 Shellcode：  https://www.nao-sec.org/2018/06/analyzing-shellcode-of-grandsofts-cve.html

[ Forensics ]  数字取证技巧 - 如何寻找 PlugX 的攻击痕迹：  https://countuponsecurity.com/2018/06/20/digital-forensics-plugx-and-artifacts-left-behind/

[ Hardware ]  利用缓存攻击ARM TrustZone中的AES实现，7分钟可还原密钥:  https://eprint.iacr.org/2018/621.pdf

[ iOS ]  有安全人员发现通过 Lightning 线发送 passcode 绕过 iPhone 或 iPad 的密码尝试次数限制：  https://appleinsider.com/articles/18/06/22/simple-hack-bypasses-ios-passcode-entry-limit-opens-door-to-brute-force-hacks

[ MalwareAnalysis ]  针对日本和韩国的 Tick 网络间谍组织通过U盘感染未联网计算机：  https://researchcenter.paloaltonetworks.com/2018/06/unit42-tick-group-weaponized-secure-usb-drives-target-air-gapped-critical-systems/

[ Popular Software ]  phpMyAdmin 4.8.1 本地文件包含漏洞 POC：  https://www.exploit-db.com/exploits/44924/

[ Tools ]  Recon-ng 教程系列： Part 1)： http://securenetworkmanagement.com/recon-ng-tutorial-part-1/  Part 2）： http://securenetworkmanagement.com/recon-ng-tutorial-part-2/  Part 3): http://securenetworkmanagement.com/recon-ng-tutorial-part-3/

[ Tools ]  xorm - Go语言实现的 ORM 库，支持多种数据库： https://github.com/go-xorm/xorm

[ Tools ]  Zeratool - 自动化生成漏洞利用并寻找 Flag 的 CTF 比赛工具：  https://github.com/ChrisTheCoolHut/Zeratool

[ Tools ]  dns-rebind-toolkit - DNS 重绑定漏洞利用工具：  https://github.com/Kinimiwar/dns-rebind-toolkit

[ Windows ]  使用 Windows Defender ATP 进行威胁狩猎: http://blog.sec-labs.com/2018/06/threat-hunting-with-windows-defender-atp/