[ Android ]  RetroScope - Public release of the RetroScope Android memory forensics framework https://github.com/ProjectRetroScope/RetroScope

[ Attack ]  Here's a detailed analysis of the alleged NSA exploits recently dumped by #ShadowBrokers https://www.riskbasedsecurity.com/2016/08/the-shadow-brokers-lifting-the-shadows-of-the-nsas-equation-group/

[ Debug ]  Bypassing Application Whitelisting by using WinDbg/CDB as a Shellcode Runner http://www.exploit-monday.com/2016/08/windbg-cdb-shellcode-runner.html

[ Defend ]  ELFbac (2016): ELF ABI metadata for run-time policy enforcement @ sergeybratus @ mlocasto https://www.blackhat.com/docs/us-16/materials/us-16-Bratus-Intra-Process-Memory-Protection-For-Applications-On-ARM-And-x86-wp.pdf https://t.co/jWyVXBos5p

[ Fuzzing ]  Just published the slides + code from @ NerdKernel & @ munmap @ defcon presentation on platform agnostic kernel fuzzing https://labs.mwrinfosecurity.com/publications/platform-agnostic-kernel-fuzzing

[ Linux ]  System Integrity Protection (SIP) for FreeBSD https://github.com/2trill2spill/SIP

[ Malware ]  New post: New Locky Ransomware Spotted in the Brazilian Underground Market, Uses Windows Script Files http://bit.ly/2breXY4 @ TrendMicro

[ Network ]  CVE-2016-5696 and its effects on Tor https://blog.patternsinthevoid.net/cve-2016-5696-and-its-effects-on-tor.html

[ OpenSourceProject ]  Vulnerability Spotlight: Multiple Remote Code Execution Vulnerabilities Within Lexmark Perceptive Document Filters. http://blog.talosintel.com/2016/08/vulnerability-spotlight-multiple-remote.html

[ Others ]  Jailbreaking the Amazon Kindle E Ink Reader https://github.com/sgayou/kindle-5.6.5-jailbreak/blob/master/doc/README.md

[ Others ]  Windows system call tables updated, refreshed and reworked. Now include Win10 1507/1511/1607, among other changes. http://j00ru.vexillium.org/?p=2920

[ Others ]  Very cool: https://lafintel.wordpress.com/2016/08/15/circumventing-fuzzing-roadblocks-with-compiler-transformations/

[ Others ]  “Fileless” UAC Bypass Using eventvwr.exe and Registry Hijacking https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/

[ Others ]  DDoSCoin, the cryptocurrency that pays the participation in DDoS attacks http://securityaffairs.co/wordpress/50287/hacking/ddoscoin-ddos-cryptocurrency.html

[ Others ]  A write-up, with code & open hw release of @ RoganDawes & @ singe's @ defcon 24 talk; Remote Physical Attacks via USB: https://www.sensepost.com/blog/2016/universal-serial-abuse/

[ Others ]  My old summaries of “The Art of Software Security Assessment”, with @ mdowd’s blessing :) http://www.surrendercontrol.com/2016/08/blast-from-past-taossa-summaries.html

[ Popular Software ]  JetBrains IDE Remote Code Execution and Local File Disclosure http://blog.saynotolinux.com/blog/2016/08/15/jetbrains-ide-remote-code-execution-and-local-file-disclosure-vulnerability-analysis/

[ Popular Software ]  PoC #Python #IDE #0day Write following & save it as "tabnanny.py" import os os.system("calc.exe") right-click the .py => "Edit with IDLE".

[ ReverseEngineering ]  SkidSuite2 - A set of projects focusing on java reverse engineering using ASM. CC: @ timstrazz @ caleb_fenton https://github.com/LPK-Matt/SkidSuite2

[ ThreatIntelligence ]  Great example of using PassiveTotal to capture domain shadowing in action! #infosec #shadowing #threatintel https://www.riskiq.com/blog/labs/shadowed-domains-lead-to-neutrino-exploit-kit/

[ Tools ]  Waiting PVS-Studio for Linux: Checking the Code of #Inkscape Graphics Editor http://www.viva64.com/en/b/0419/ #programming https://t.co/7tGOVqv2ru

[ Web Security ]  Stored Cross-Site Scripting vulnerability in Photo Gallery WordPress Plugin http://goo.gl/fb/ek85ci #FullDisclosure