Web Security
Exploiting Jetty middleware features to attack web applications
https://swarm.ptsecurity.com/jetty-features-for-hacking-web-apps/
The seventh way to call a JavaScript function without parentheses
https://portswigger.net/research/the-seventh-way-to-call-a-javascript-function-without-parentheses
A post-exploitation look at coinminers abusing WebLogic vulnerabilities
https://www.trendmicro.com/en_us/research/22/i/a-post-exploitation-look-at-coinminers-abusing-weblogic-vulnerab.html
Identifying web login portals with graph convolutional neural networks
https://paper.seebug.org/1969/
Internal Network Penetration
autobloody: tool for automatically exploiting Active Directory privilege-escalation paths shown by BloodHound
https://github.com/CravateRouge/autobloody
Endpoint Evasion
Heroinn: cross-platform C2 / post-exploitation framework
https://github.com/b23r0/Heroinn
Building a Cobalt Strike External C2 (and the myths around it)
https://xret2pwn.github.io/Myths-About-External-C2/
WriteProcessMemoryAPC: writing memory into a remote process using APC calls
https://www.x86matthew.com/view_post?id=writeprocessmemory_apc
D-Generating EDR internals, part 1 (with companion script)
https://fool.ish.wtf/2022/09/d-generating-edr-internals-part-1.html
https://raw.githubusercontent.com/jonaslyk/temp/main/dg.bat
Sliver C2: bypassing Windows Defender and establishing persistence
https://youtu.be/QO_1UMaiWHk
Avoiding memory scanners
https://blog.kyleavery.com/posts/avoiding-memory-scanners/
TangledWinExec: C# repository for researching Windows process-execution techniques
https://github.com/daem0nc0re/TangledWinExec
cobaltstrike-headless: Aggressor script that turns the headless Aggressor client into a functional Cobalt Strike client
https://github.com/CodeXTF2/cobaltstrike-headless
Injecting malicious code into Electron applications via their ASAR archives
https://taggart-tech.com/quasar-electron/
Vulnerabilities
Fuzzing beyond memory corruption: automatically finding broader vulnerability classes
https://security.googleblog.com/2022/09/fuzzing-beyond-memory-corruption.html
CVE-2022-22629: PoC for the Safari 15.4 WebGL buffer overflow
https://github.com/parsdefense/CVE-2022-22629
CVE-2022-27925: exploit for the Zimbra path-traversal vulnerability
https://github.com/mohamedbenchikh/CVE-2022-27925
CVE-2022-30078: command injection in Netgear R6200_v2 and R6300v2 routers
https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md
External entity injection during .NET XML signature verification
https://bugs.chromium.org/p/project-zero/issues/detail?id=2313
CVE-2022-29021, CVE-2022-29022, CVE-2022-29023: analysis of vulnerabilities in the OpenRazer Linux kernel driver
https://www.cyberark.com/resources/threat-research-blog/colorful-vulnerabilitie
CVE-2022-34721: PoC for the Windows IKE vulnerability
https://github.com/78ResearchLab/PoC/tree/main/CVE-2022-34721
KCon 2022: automated API vulnerability discovery
https://paper.seebug.org/1964/
CVE-2022-35837: analysis of the information-disclosure vulnerability in the Windows GDI+ component (arbitrary read via the EMR_STARTDOC record)
https://www.seljan.hu/posts/arbitrary-read-information-disclosure-vulnerability-in-microsoft-windows-gdi-emr_startdoc-record/
Cloud Security
Azure Threat Research Matrix
https://microsoft.github.io/Azure-Threat-Research-Matrix/
Azure privilege escalation via Azure API permissions abuse
https://posts.specterops.io/azure-privilege-escalation-via-azure-api-permissions-abuse-74aee1006f48
Azure Active Directory Pass-Through Authentication flaws
https://www.secureworks.com/research/azure-active-directory-pass-through-authentication-flaws
CloudFox: tool for finding exploitable attack paths in cloud environments
https://bishopfox.com/blog/introducing-cloudfox
Constellation: the first confidential Kubernetes, using confidential computing to isolate an entire Kubernetes cluster from the (cloud) infrastructure
https://github.com/edgelesssys/constellation
Undermining Microsoft Teams security by mining tokens
https://www.vectra.ai/blogpost/undermining-microsoft-teams-security-by-mining-tokens
"GIFShell": covert attack chain and C2 utilizing Microsoft Teams GIFs
https://medium.com/@bobbyrsec/gifshell-covert-attack-chain-and-c2-utilizing-microsoft-teams-gifs-1618c4e64ed7
Other
Bypassing GitHub Required Reviewers to submit malicious code to open-source projects
https://www.legitsecurity.com/blog/bypassing-github-required-reviewers-to-submit-malicious-code
KCon 2022 slides (partial public release)
https://paper.seebug.org/1967/
2022 Falcon OverWatch Threat Hunting Report
https://go.crowdstrike.com/rs/281-OBQ-266/images/2022OverWatchThreatHuntingReport.pdf
Blockchain Dark Forest Selfguard Handbook (Chinese edition)
https://github.com/slowmist/Blockchain-dark-forest-selfguard-handbook/blob/main/README_CN.md
Pivoting through a protected WiFi network and interacting with its services
https://tbhaxor.com/pivot-through-protected-wifi-network/
Bypassing IP-based brute-force protection with IPv6
https://www.cyberis.com/article/bypassing-ip-based-brute-force-protection-ipv6
M01N Team WeChat official account
Focused on hot topics in advanced offensive and defensive techniques
NSFOCUS (绿盟科技) Red Team Technical Research Unit