Web安全
MinIO从信息泄漏到RCE复现
https://mp.weixin.qq.com/s/GNhQLuzD8up3VcBRIinmgQ
JVM核心对抗术
https://mp.weixin.qq.com/s/89Bmvy_uY97TZm3vR9lyWw
内网渗透
如何手动将objectSID属性添加到AD CS证书
https://elkement.blog/2023/03/30/lord-of-the-sid-how-to-add-the-objectsid-attribute-to-a-certificate-manually/
终端对抗
攻击Visual Studio以获得初始访问权限
https://outflank.nl/blog/2023/03/28/attacking-visual-studio-for-initial-access/
逐步讲解,如何绕过AMSI并攻陷Windows 11
https://medium.com/@sharonms3377/how-i-bypassed-amsi-in-2023-ff2cd81bda6c
使用Microsoft Linux 子系统 (WSL) 绕过Defender Endpoint中的设备隔离
https://sec1.dk/blog.html
防御削弱:利用进程暂停禁用反病毒软件
https://www.trustedsec.com/blog/disabling-av-with-process-suspension/
ZwProcessHollowing:使用直接系统调用、Dll脱钩和RC4 payload加密的x64进程镂空武器化项目
https://github.com/XaFF-XaFF/ZwProcessHollowing
HeapCrypt:利用函数Hook实现睡眠时堆加密
https://github.com/TheD1rkMtr/HeapCrypt
Chaos-Rootkit:具有进程隐藏和特权升级功能的x64 Ring0 Rootkit
https://github.com/ZeroMemoryEx/Chaos-Rootkit
漏洞相关
CVE-2023-23752:Joomla 4.2.8版本前CMS未授权信息泄漏
https://github.com/Acceis/exploit-CVE-2023-23752
CVE-2023-23397:微软发布该漏洞攻击利用的调查指南
https://www.microsoft.com/en-us/security/blog/2023/03/24/guidance-for-investigating-attacks-using-cve-2023-23397/
云安全
Terraform安全配置最佳实践
https://sysdig.com/blog/terraform-security-best-practices/
Untitled Goose Tool:对AzureAD、Azure和M365环境进行全面调查搜索和事件响应的工具
https://github.com/cisagov/untitledgoosetool
容器安全基础:从系统进程的角度探索容器
https://securitylabs.datadoghq.com/articles/container-security-fundamentals-part-1/
https://securitylabs.datadoghq.com/articles/container-security-fundamentals-part-2/
Recon365:从连接到AzureAD或Office 365的电子邮件地址收集信息
https://github.com/netsecurity-as/recon365
其他
3CX Desktop App供应链攻击跟踪与防护
https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/
https://www.elastic.co/cn/security-labs/elastic-users-protected-from-suddenicon-supply-chain-attack
Red Canary 2023威胁检测报告
https://resource.redcanary.com/rs/003-YRU-314/images/2023_ThreatDetectionReport_RedCanary.pdf
Threatmon社交媒体数据泄漏报告
https://threatmon.io/report-on-data-leaks-reported-in-social-media/
ChatGPT-大型语言模型对执法的影响
https://www.europol.europa.eu/publications-events/publications/chatgpt-impact-of-large-language-models-law-enforcement
M01N Team公众号
聚焦高级攻防对抗热点技术
绿盟科技蓝军技术研究战队
官方攻防交流群
网络安全一手资讯
攻防技术答疑解惑
扫码加好友即可拉群
往期推荐