| 2019-04-13 | Java 反序列化过程深究 | ourren | 1939 | |
| 2019-04-04 | I-See-You: Bash and Javascript tool to find the exact location of user | ourren | 1727 | |
| 2019-03-31 | 从零开始Java代码审计系列(一) | ourren | 2274 | |
| 2019-03-31 | browspy: 浏览器用户全部信息收集JavaScript | ourren | 2074 | |
| 2019-03-27 | Attacking Java RMI services after JEP 290 | re4lity | 2180 | |
| 2019-03-22 | Java Serialization Objects (JSO): An Exploitation Guide | re4lity | 1754 | |
| 2019-03-20 | .NET高级代码审计(第四课) JavaScriptSerializer反序列化漏洞 | ourren | 2078 | |
| 2019-03-20 | Java deserialization RCE in Tomcat cluster | re4lity | 6116 | |
| 2019-02-20 | Oracle Java glyph_CloseContour 的运行时 TTF 字体越界读取漏洞 | mimblewimble | 1870 | |
| 2019-02-18 | 如何对 JavaScript 引擎进行 Fuzzing | mimblewimble | 1781 | |
