A collection of security blogs
Cons
Feeds
- https://pocorgtfo.hacke.rs
- https://tmpout.sh/zine.html
- Speaker Deck
- Freebuf
- Seebug Papers
- Insecure.org Mailing List
Blockchain
Web security
- http://xxlegend.com/
- https://www.lz1y.cn/
- https://devco.re/blog/
- http://blog.portswigger.net/
- http://blog.blindspotsecurity.com/
- https://ricterz.me/
- https://leucosite.com/
- https://blog.bentkowski.info/
- https://www.ambionics.io/blog/
- https://raz0r.name/
- https://ysamm.com/
- https://epi052.gitlab.io/notes-to-self/blog/
- http://agrrrdog.blogspot.com/
- https://web-in-security.blogspot.com/
Threat hunting / forensics
Pentest
- https://www.gosecure.net/blog
- https://ijustwannared.team/
- https://blog.menasec.net/
- https://pentest.blog/
- http://www.harmj0y.net/blog/
- https://adapt-and-attack.com/
- https://pentesterslife.blog/
- http://staaldraad.github.io/
- http://decidedlygray.com/
- http://www.labofapenetrationtester.com/
- http://www.moonsec.com/
- https://milo2012.wordpress.com/
- https://x-c3ll.github.io/
Cloud security
Windows security
- https://csandker.io/
- https://big5-sec.github.io/
- https://decoder.cloud/
- http://www.leeholmes.com/blog - Powershell的,作者写了本书
- https://86hh.github.io - 反汇编的
- https://winitor.com/articles.html - 主要是安全机制
- https://modexp.wordpress.com - 专注进程注入
- https://oddvar.moe/
- https://www.shelliscoming.com/
- http://scz.617.cn/windows/
- https://secureidentity.se/
- https://3gstudent.github.io/
- https://tyranidslair.blogspot.com/
- https://www.dsinternals.com/en/
- https://adsecurity.org/
- https://homjxi0e.wordpress.com/
- https://enigma0x3.net/
- https://rastamouse.me/
- https://sid-500.com/
- http://redplait.blogspot.com/
- https://bohops.com/
Linux security
Mobile security
- https://bxl1989.github.io - 白小龙,阿里专家
- https://github.com/zhengmin1989/MyArticles - 蒸米的文章(iOS冰与火之歌系列,一步一步学ROP系列,安卓动态调试七种武器系列等)
- http://www.alonemonkey.com/archives/
- https://kov4l3nko.github.io/
- https://www.pnfsoftware.com/blog/
- https://alephsecurity.com/
- https://www.piratemoo.net/moosings/
- https://gtoad.github.io/
- https://blog.zimperium.com/
- https://www.allysonomalley.com/
- http://c0reteam.org/blog.html
Mac/iOS
- https://grepharder.github.io/blog/
- https://kov4l3nko.github.io/
- http://saitjr.com/
- http://www.alonemonkey.com/
- https://bazad.github.io/
- https://objective-see.com/blog.html
- http://newosxbook.com/index.php
- https://www.mac4n6.com/blog/
- https://worthdoingbadly.com/
- https://geosn0w.github.io/
Hardware security
Reverse engineering
- https://n4r1b.netlify.com/en/posts/
- https://stragedevices.blogspot.com/
- https://maxkersten.nl/
- http://blog.rewolf.pl/blog/
- https://doar-e.github.io/archives.html
- https://qmemcpy.io/
- https://www.usualsuspect.re/archives/
- https://www.msreverseengineering.com/blog/
- https://reverse.put.as/post/
- https://lightbulbone.com/
- http://0xeb.net/
- https://int0xcc.svbtle.com/
- http://www.msreverseengineering.com/blog
- http://riscy.business/
- https://sww-it.ru/
- http://www.hexacorn.com/blog/
- https://signal11.io/
- https://lifeinhex.com/
- http://www.hexblog.com/
- https://revers.engineering/
- http://blog.ret2.io/
- http://jmpews.github.io/
- https://rayanfam.com/page/
- https://blog.k3170makan.com/
Malware analysis
Vulnerability research
- https://security.googleblog.com/
- https://www.inversecos.com/
- https://a13xp0p0v.github.io/
- https://vul.360.net/
- https://connormcgarr.github.io/
- https://evilpan.com/posts/
- https://legalhackers.com/
- https://payatu.com/research/
- https://d4stiny.github.io/
- https://exp101t.blogspot.com/
- https://blog.zecops.com/
- https://webrtchacks.com/
- https://techblog.mediaservice.net/
- https://unit42.paloaltonetworks.com/
- https://blog.ropchain.com/
- https://blog.scrt.ch/
- https://www.voidsecurity.in/
- https://www.merckedsecurity.com/blog/
- https://nafiez.github.io/
- http://www.greyhathacker.net/
- https://medium.com/@CodeColorist
- https://blog.exodusintel.com/
- http://tacxingxing.com/
- https://rootkits.xyz/blog/
- https://xiaodaozhi.com/archives.html
- https://lazytyped.blogspot.com.au/
- https://landave.io/
- http://www.nul.pw/
- https://embedi.com/blog/
- https://srcincite.io/blog/
- https://hardenedlinux.github.io/
- https://kbdsmoke.me/
- https://fail0verflow.com/blog/
- https://whereisk0shl.top/
- https://siberas.de/blog/
- https://xorl.wordpress.com/
- https://www.zerodayinitiative.com/blog/
- https://googleprojectzero.blogspot.com/
- http://www.exploit-monday.com/
- https://blog.xpnsec.com/
- https://blog.flanker017.me/
- https://jmpesp.me/
- https://insinuator.net/
- https://nickbloor.co.uk/
- https://ricklarabee.blogspot.com/
- https://www.somersetrecon.com/blog/
- https://dangokyo.me/
- https://abiondo.me/
Browser security
- https://microsoftedge.github.io/edgevr/
- https://www.brokenbrowser.com/
- http://c0d3g33k.blogspot.com/
Incident response
Code audit
Paper / magazines
- http://uninformed.org/
- https://arxiv.org/
- http://www.irongeek.com/
- https://www.sec-wiki.com/index.php
Forums
- https://isc.sans.edu/
- https://0x00sec.org/
- https://www.t00ls.net/Penetration-articles.html
- https://xz.aliyun.com/
Uncategorized
- https://www.gnucitizen.org/blog/
- https://blog.jessfraz.com/
- https://omespino.com/
- https://secrary.com/
- https://blog.skullsecurity.org/
- https://blog.didierstevens.com - 主要做OFFICE分析的
- https://laconicwolf.com/
- https://www.darknet.org.uk/
- https://teamultimate.in
- https://tunnelshade.in/blog/
- https://room362.com/post/
- https://www.cybereason.com/blog
- https://blog.silentsignal.eu/
- https://www.tarlogic.com/en/cybersecurity-blog/
- https://www.coresecurity.com/blog/
- https://www.bishopfox.com/blog/
- https://blog.doyensec.com/
- https://riscybusiness.wordpress.com/
- https://labs.bluefrostsecurity.de/
- https://posts.specterops.io/
- https://blog.trailofbits.com/
- https://quequero.org/
- https://blog.binarydefense.com/
- https://www.mdsec.co.uk/blog/
- https://www.darkoperator.com/blog/
- https://pentestlab.blog/
- https://blog.quarkslab.com/archives.html
- http://blog.talosintelligence.com
- https://blogs.securiteam.com/
- https://sensepost.com/blog/
- https://www.ernw.de/category/research/index.html
- http://blog.ioactive.com/
- https://securingtomorrow.mcafee.com/mcafee-labs/
- https://theevilbit.blogspot.hu/
- https://labs.nettitude.com/blog/
- https://securityoversimplicity.wordpress.com/
- https://www.n0tr00t.com/archives.html