PHP 内核分析(1):sapi_module_struct
http://blog.jobbole.com/108631/

A tool that can scan php vulnerabilities automatically using static analysis methods
https://github.com/OneSourceCat/phpvulhunter

扫目录过狗过waf方法
https://www.webshell.cc/6274.html

Windows API Hooking in Python - .Little Hann
http://www.cnblogs.com/LittleHann/p/6133733.html

[原]apache安全配置参考
http://blog.csdn.net/qq_29277155/article/details/52915206

(译)Python的隐藏特性(StackOverflow)
http://pyzh.readthedocs.io/en/latest/python-hidden-features.html

Teaching an Old Dog (not that new) Tricks. Stego in TCP/IP made easy (part-1)
https://www.exploit-db.com/docs/40891.pdf

OpenSSH 7.2 Denial Of Service
https://cxsecurity.com/issue/WLB-2016120047

利用 XML Signature 攻击绕过 SAML 2.0 单点登录
http://www.mottoin.com/93405.html

Dracnmap:基于Nmap的图形化网络信息搜集工具
http://www.mottoin.com/93448.html

PHP 7.1.0 Released
http://php.net/archive/2016.php#id2016-12-01-3

The pitfalls of postMessage
https://labs.detectify.com/2016/12/08/the-pitfalls-of-postmessage/