[ MalwareAnalysis ]   AppRiver 研究人员发现一起针对 Spotify 用户的网络钓鱼活动:  https://threatpost.com/spotify-phishers-hijack-music-fans-accounts/139329/

[ Pentest ]  渗透测试中的无线网络攻击手法介绍：  https://www.synacktiv.com/ressources/SecurityPWNing2018-PentHertz_using_radio_during_redteam_tests.pdf

[ Pentest ]  只用一行命令进行子域名收集的小技巧：  https://twitter.com/JaneScott_/status/1065995260554170369

[ Tools ]  Blacklist3r - 滥用公开的机器密钥解密 ASP.NET Cookie 的项目 ：  https://www.notsosecure.com/project-blacklist3r/

[ Tools ]   XSS Fuzzer - XSS Payloads 在线生成工具:  https://xssfuzzer.com/

[ Vulnerability ]  整数溢出与 SMT 求解器：  https://yurichev.com/blog/int_over/

[ Web Security ]  XSS 测试用例集合：  https://brutelogic.com.br/knoxss.html

[ Windows ]  DelNodeRunDLL32W 函数的隐藏用法： http://www.hexacorn.com/blog/2018/11/24/advpack-dll-delnoderundll32-and-its-flags/