Web Security
Analysis of the ThinkPHP multi-language RCE vulnerability
https://tttang.com/archive/1865/
Building a low-code scanner with an orchestrable architecture
https://mp.weixin.qq.com/s/Y8MP_QEFPi4uO7PfLwzHdg
Internal Network Penetration
Auditing Active Directory Certificate Services (ADCS) with Microsoft Sentinel
https://www.kaidojarvemets.com/audit-active-directory-certificate-services-using-microsoft-sentinel/
Endpoint Evasion
Venom: evasive communication using stolen browser sockets
https://github.com/Idov31/Venom
Blindside: a technique for EDR evasion using hardware breakpoints
https://cymulate.com/blog/blindside-a-new-technique-for-edr-evasion-with-hardware-breakpoints
wanderer: an open-source tool written in C# for enumerating injectable processes
https://github.com/gh0x0st/wanderer
linux_injector: a simple ptrace-less shared-library injector for x64 Linux
https://github.com/namazso/linux_injector
A Rundll32 COM hijack executor written in C++
https://ghoulsec.medium.com/reddev-5-rundll32-com-hijack-executor-in-c-40b632fc7e37
In-memory execution in macOS, old and new
https://rtx.meta.security/post-exploitation/2022/12/19/In-Memory-Execution-in-macOS.html
Vulnerabilities
Chaining CVE-2022-41080 and CVE-2022-41082 to bypass Microsoft's URL Rewrite mitigation for ProxyNotShell
https://www.rapid7.com/blog/post/2022/12/21/cve-2022-41080-cve-2022-41082-rapid7-observed-exploitation-of-owassrf-in-exchange-for-rce/
CVE-2022-4543: bypassing the KASLR mitigation
https://www.willsroot.io/2022/12/entrybleed.html
CVE-2022-2602: Linux kernel privilege escalation exploitation
https://exploiter.dev/blog/2022/CVE-2022-2602.html
https://blog.hacktivesecurity.com/index.php/2022/12/21/cve-2022-2602-dirtycred-file-exploitation-applied-on-an-io_uring-uaf/
Bypassing Apple's Gatekeeper security mechanism
https://www.microsoft.com/en-us/security/blog/2022/12/19/gatekeepers-achilles-heel-unearthing-a-macos-vulnerability/
Using a leaked sentinel value to bypass the latest Chrome V8 HardenProtect
https://medium.com/@numencyberlabs/using-leaking-sentinel-value-to-bypass-the-latest-chrome-v8-hardenprotect-c4ed40e3d34f
CVE-2022-23093: analysis of the FreeBSD ping vulnerability
https://www.archcloudlabs.com/projects/cve-2022-23093/
Cloud Security
Detecting Azure AD account takeover attacks
https://posts.bluraven.io/detecting-azure-ad-account-takeover-attacks-b2652bb65a4c
Research on new red-team techniques against the cloud-native component Nacos
https://mp.weixin.qq.com/s/Jwwd5ailKNhwR57ACXB1kQ
AWS ECR Public vulnerability
https://blog.lightspin.io/aws-ecr-public-vulnerability
Other
IRM-2022 (Incident Response Methodologies 2022)
https://github.com/certsocietegenerale/IRM
MSI Dump: a tool for analyzing malicious MSI installers, extracting files, streams and binary data, with an integrated YARA scanner
https://github.com/mgeeky/msidump
M01N Team WeChat official account
Focused on hot topics in advanced offensive and defensive techniques
NSFOCUS Blue Army technical research team