| 2019-04-13 | Java 反序列化过程深究 | ourren | 1918 | |
| 2019-04-04 | I-See-You: Bash and Javascript tool to find the exact location of user | ourren | 1727 | |
| 2019-03-31 | 从零开始Java代码审计系列(一) | ourren | 2261 | |
| 2019-03-31 | browspy: 浏览器用户全部信息收集JavaScript | ourren | 2056 | |
| 2019-03-27 | Attacking Java RMI services after JEP 290 | re4lity | 2161 | |
| 2019-03-22 | Java Serialization Objects (JSO): An Exploitation Guide | re4lity | 1725 | |
| 2019-03-20 | .NET高级代码审计(第四课) JavaScriptSerializer反序列化漏洞 | ourren | 2038 | |
| 2019-03-20 | Java deserialization RCE in Tomcat cluster | re4lity | 5984 | |
| 2019-02-20 | Oracle Java glyph_CloseContour 的运行时 TTF 字体越界读取漏洞 | mimblewimble | 1852 | |
| 2019-02-18 | 如何对 JavaScript 引擎进行 Fuzzing | mimblewimble | 1774 | |
