1、基于python的开源mac系统管理工具

https://github.com/timsutton/python-macadmin-tools

2、短网址对云服务的威胁

https://freedom-to-tinker.com/blog/vitaly/gone-in-six-characters-short-urls-considered-harmful-for-cloud-services/

3、CanSecWest2016会议PPT

http://www.slideshare.net/CanSecWest/presentations

4、cssi攻击:一个琐细但普遍存在的一种Web漏洞类型

http://www.scip.ch/en/?labs.20160414

5、VMware PowerCLI :开启/禁用每台vSphere cluster

https://davidring.ie/2016/04/14/vmware-powercli-enabledisable-ssh/

6、QuickTime Atom 处理导致堆损坏可引发远程代码执行

http://www.zerodayinitiative.com/advisories/ZDI-16-242/

7、使用javascript在企业中建立一个家园(替代powershell的另一种思路 )

http://subt0x10.blogspot.tw/2016/04/setting-up-homestead-in-enterprise-with.html

8、杀软逃逸(免杀)的一些方法

https://www.gracefulsecurity.com/anti-virus-evasion/

9、Tenable Nessus Bugs 可以构造CSS攻击和让远程认证用户拒绝服务

http://www.securitytracker.com/id/1035567

10、利用现有的注册文件中的栈指针副本进行错误检测

http://www.median-project.eu/wp-content/uploads/MEDIAN-Finale-s3-1.pdf

11、如何利用android备份导出沙盒APP文件

https://www.pentestpartners.com/blog/how-to-subvert-android-backups-to-export-sandboxed-app-files/

12、MS16-045 允许通过RCE实现 guest-to-host Hyper-V 逃逸

https://technet.microsoft.com/library/security/MS16-045

13、在IE的input hidden触发XSS

http://masatokinugawa.l0.cm/2016/04/hidden-input-xss.html

14、Linux 排错 Cheatsheet

https://sysdig.com/blog/linux-troubleshooting-cheatsheet/