| 2016-11-18 | Bypassing Two-Factor Authentication on OWA & Office365 Portals | BaCde | 1949 | |
| 2016-11-18 | 从XSS到RCE2.5 - Black Hat Europe Arsenal 2016 | BaCde | 2313 | |
| 2016-11-17 | 命令执行和绕过的一些小技巧 | ourren | 3017 | |
| 2016-11-17 | 使用nmap和自定义子域名文件发现目标子域 | re4lity | 2806 | |
| 2016-11-16 | CVE-2016-5007 Spring Security / MVC Path Matching Inconsistency | re4lity | 2862 | |
| 2016-11-16 | 在SQLite中实现命令执行 | re4lity | 2663 | |
| 2016-11-16 | SHELLING - an offensive approach to the anatomy of improperly written OS command | BaCde | 2743 | |
| 2016-11-16 | jSQL Injection v0.77 - Java application for automatic SQL database injection | vicker | 5837 | |
| 2016-11-15 | lightbulb-framework: 一款WAF审计工具 | BaCde | 2952 | |
| 2016-11-15 | Open Source Intelligence Tools and Resources Handbook[PDF] | BaCde | 7368 | |
| 2016-11-15 | Pwning Your Java Messaging With Deserialization Vulnerabilities[PDF] | BaCde | 2098 | |
| 2016-11-14 | 使用Commix绕过安全防护利用命令执行漏洞 | re4lity | 2320 | |
| 2016-11-11 | SQLi, Privilage Escalation, and PowerShell Empire | BaCde | 2051 | |
