Web安全
Python pickle反序列化浅析
https://tttang.com/archive/1782/
内网渗透
AD域渗透获取Domain信息方法对比
https://rastamouse.me/getdomain-vs-getcomputerdomain-vs-getcurrentdomain/
终端对抗
通过Microsoft Speech API写入二进制文件
https://red.0xbad53c.com/red-team-operations/initial-access/macro-attacks/binary-file-write-via-microsoft-speech-api
DeleteShadowCopies:在纯C++中删除卷影复制
https://github.com/ORCx41/DeleteShadowCopies
Play With Windows Defender -- ASR篇
https://mp.weixin.qq.com/s/Mbs2E3_zjp5BFPd_99iGvQ
TerraLdr:具有高级规避功能的载荷加载器
https://github.com/ORCx41/TerraLdr
BOF-herpaderping:进程Herpaderping技术的Beacon Object File部分实现
https://github.com/MrAle98/BOF-herpaderping
Spartacus:DLL劫持发现工具
https://github.com/Accenture/Spartacus
siphon:在Linux中拦截任何进程输入输出和监视用户Shell
https://github.com/liamg/siphon
漏洞相关
CVE-2022-37969:Windows CLFS 0 day漏洞的技术分析,漏洞成因及利用
https://www.zscaler.com/blogs/security-research/technical-analysis-windows-clfs-zero-day-vulnerability-cve-2022-37969-part
https://www.zscaler.com/blogs/security-research/technical-analysis-windows-clfs-zero-day-vulnerability-cve-2022-37969-part2-exploit-analysis
Visual Studio Code .ipynb Jupyter Notebook RCE漏洞分析
https://blog.doyensec.com/2022/10/27/jupytervscode.html
Fugu15:IOS15越狱,包含代码签名绕过、内核利用、内核PAC绕过和PPL绕过
https://github.com/pinauten/Fugu15
CVE-2022-3602 OpenSSL漏洞分析与检测建议
https://securitylabs.datadoghq.com/articles/openssl-november-1-vulnerabilities/
CVE-2022-34169:JIT编译器整数截断错误,导致可在支持SAML单点登录的Java Web应用程序和身份提供程序中执行任意代码
https://googleprojectzero.blogspot.com/2022/11/gregor-samsa-exploiting-java-xml.html
云安全
GCP身份与访问控制最佳实践
https://www.praetorian.com/blog/iam-best-practices-gcp/
利用Github Action实现对目标植入后门容器
https://www.praetorian.com/blog/self-hosted-github-runners-are-backdoors/
AWS中危险的信任策略
https://blog.nviso.eu/2022/10/25/the-dangers-of-trust-policies-in-aws/
其他
ariadne:二进制文件Ninja可视化分析插件
https://github.com/seeinglogic/ariadne
USENIX Security 22技术会议研讨会出版的完整论文集
https://www.usenix.org/conference/usenixsecurity22/technical-sessions
使用贴纸干扰人脸识别
https://adversarial-designs.shop/blogs/blog/faceoff-using-stickers-to-fool-face-id
M01N Team公众号
聚焦高级攻防对抗热点技术
绿盟科技蓝军技术研究战队
官方攻防交流群
网络安全一手资讯
攻防技术答疑解惑
扫码加好友即可拉群
往期推荐