[ Browser ]  Maxthon Browser Exploitation http://d3adend.org/blog/?p=851

[ Browser ]  #DailyBug #MSIE11 MSHTML CMapElement::Notify use-after-free non-reantrant functions and event handling do not mix http://blog.skylined.nl/20161114001.html

[ Linux ]  [0day] [exploit] Compromising a Linux desktop using 6502 processor opcodes on the NES http://scarybeastsecurity.blogspot.in/2016/11/0day-exploit-compromising-linux-desktop.html?m=1

[ MalwareAnalysis ]  It looks like my Ph.D thesis "Advances in Modern Malware and Memory Analysis" is available at: http://www.eurecom.fr/en/publication/4686/download/sec-publi-4686.pdf

[ MalwareAnalysis ]  Master Decryption Keys and Decryptor for the Crysis Ransomware Released. http://www.bleepingcomputer.com/news/security/master-decryption-keys-and-decryptor-for-the-crysis-ransomware-released-/

[ Others ]  Introducing simultaneous “nirvana” JavaScript debugging for Chrome and Node.js in VS Code https://medium.com/@ auchenberg/introducing-simultaneous-nirvana-javascript-debugging-for-node-js-and-chrome-in-vs-code-d898a4011ab1#.twl9jj9u3 by @ auchenberg

[ Others ]  Just released PatchExtract v1.25 - Should be able to handle Cumulative Patches for Windows 10 with sub-cabs #infosec https://t.co/dMmEGiBRr5

[ Others ]  avmdbg - a lightweight debugger for android virtual machine. https://github.com/cheetahsec/avmdbg

[ Others ]  Local file inclusion vulnerability paved the way for another hack of Adult Friend Finder. https://threatpost.com/adult-friendfinder-hack-exposes-400-million-accounts/121930/

[ Others ]  AtomBombing CFG Protected Processes https://breakingmalware.com/injection-techniques/atombombing-cfg-protected-processes/

[ Others ]  Scripting radare2 with python for dynamic analysis - TUMCTF 2016 Zwiebel part 2 https://www.youtube.com/watch?v=y69uIxU0eI8

[ Popular Software ]  VMware patches for #PwnFest2016 vulns released: http://www.vmware.com/security/advisories/VMSA-2016-0019.html https://t.co/1W2GvdzOoA

[ Protocol ]  So, I wrote a thing on the @ Rapid7 community blog: Project Sonar Study of LDAP on the Internet - https://community.rapid7.com/community/infosec/sonar/blog/2016/11/08/project-sonar-study-of-ldap-on-the-internet

[ Tools ]  Visual Studio for Mac https://msdn.microsoft.com/en-us/magazine/mt790182.aspx

[ Tools ]  Slides of our talk at #CSAW16 SOS about how Triton can help to reverse virtual machine based software protections https://t.co/AfdpzbsXR9

[ Tools ]  jSQL Injection v0.77 - Java application for automatic SQL database injection. http://www.kitploit.com/2016/11/jsql-injection-v077-java-application.html

[ Vulnerability ]  Redirecting execution flow to a wirtable map through RtlDecompressBuffer http://jolmos.blogspot.com.es/2016/11/rtldecompresbuffer-vulnerability.html #security

[ Vulnerability ]  mq_setattr() in FreeBSD's mqueuefs leaks kernel stack memory https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214488

[ Web Security ]  SQLite as a Shell Script : https://www.invincealabs.com/blog/2016/11/sqlite-shell-script/ , SQLite3 Injection Cheat Sheet : http://atta.cked.me/home/sqlite3injectioncheatsheet

[ WirelessSecurity ]  fuzzing & exploiting wireless device drivers (2007) https://fuzzinginfo.files.wordpress.com/2012/05/deepsec__keil_kolbitsch-presentation-virtual_fuzzing.pdf