内网渗透
横向移动工具开发:wmiexec-Pro
https://mp.weixin.qq.com/s/FzesFjuhcag8UsSV_RLA1A
https://github.com/XiaoliChan/wmiexec-Pro
终端对抗
使用Windows Defender排除项Registry.pol进行权限维持
https://medium.com/@markmotig/windows-defender-exclusion-persistence-with-registry-pol-666acef2bb9
Supershell:基于反向SSH隧道获取完全交互式Shell
https://github.com/tdragon6/Supershell/
PatchGuardBypass:绕过x64系统的PatchGuard
https://github.com/AdamOron/PatchGuardBypass
检测FreeLibrary EDR规避技术
https://github.com/xelemental/Windows-Toolkit/blob/main/D-Dump_Detecting_FreeLibrary_Unloading_technique..pdf
FreeMetsrvLoader:定位和释放Metsrv的初始化反射DLL包
https://github.com/attl4s/freeMetsrvLoader
不使用调试符号在NTDLL中定位kernel32!BaseThreadInitThunk
https://gist.github.com/odzhan/fe278c2588e462edf3a9fd61f3c51d93
LOLDrivers:可被滥用驱动汇总及狩猎规则
https://www.loldrivers.io/
LOOBins:macOS内置二进制文件和脚本滥用
https://github.com/infosecB/LOOBins
漏洞相关
Microsoft Teams中存在NTLM中继攻击
https://medium.com/@bobbyrsec/malicious-microsoft-teams-invite-ntlm-relay-and-drive-by-download-attack-265821e3da9e
IDM远程代码执行漏洞披露
https://www.exploit-db.com/exploits/51131?utm_source=dlvr.it&utm_medium=twitter
利用CVE-2021-31199逃逸Adobe沙箱
https://blog.exodusintel.com/2023/04/06/escaping-adobe-sandbox-exploiting-an-integer-overflow-in-microsoft-windows/
CVE-2022–40684:FortiOS系统中的身份绕过漏洞分析
https://medium.com/@INTfinity/fortinet-series-1-analysis-of-cve-2022-40684-88870994e6e0
云安全
Microsoft Teams中的用户枚举
https://medium.com/sse-blog/a-fresh-look-at-user-enumeration-in-microsoft-teams-405d614df70a
使用Azure数据资源管理器对Microsoft 365 Defender进行无限制高级狩猎
https://koosg.medium.com/unlimited-advanced-hunting-for-microsoft-365-defender-with-azure-data-explorer-646b08307b75
AWS KMS威胁模型
https://airwalkreply.com/aws-kms-threat-model
未授权访问获取Github云开发环境Codespace密钥
https://ophionsecurity.com/blog/access-organization-secrets-in-github
其他
构建IP相似度,可帮助防御者找到同一组织的攻击IP
https://www.greynoise.io/blog/how-we-built-ip-similarity
通过假定身份和场景绕过ChatGPT限制
https://medium.com/@proton00x05/2-ways-to-bypass-chatgpt-security-baae0e448fb1
M01N Team公众号
聚焦高级攻防对抗热点技术
绿盟科技蓝军技术研究战队
官方攻防交流群
网络安全一手资讯
攻防技术答疑解惑
扫码加好友即可拉群
往期推荐