XLL技术分析:能否为Office文件钓鱼破局?
https://yoroi.company/research/office-documents-may-the-xll-technique-change-the-threat-landscape-in-2022/
Apache JSPWiki 任意文件删除漏洞(CVE-2021-44140)
https://cve.report/CVE-2021-44140
所有Windows版本均受影响,Cisco Talos发现一个高危提权漏洞
https://www.cnbeta.com/articles/tech/1207121.htm
TP-Link TL-XVR1800L 设备零日漏洞
https://securityaffairs.co/wordpress/125016/hacking/0-day-tp-link-wi-fi-6.html?utm_source=feedly&utm_medium=rss&utm_campaign=0-day-tp-link-wi-fi-6
漏洞发掘者WP:CVE-2021-43557(Apache APISIX)
https://xvnpw.github.io/posts/cve_2021_43557_apache_apisix_path_traversal_in_request_uri_variable/
Popping iOS <=14.7 with IOMFB(CVE-2021-30807)
https://jsherman212.github.io/2021/11/28/popping_ios14_with_iomfb.html
Poc&Patch:Exchange RCE(CVE-2021-42321)
https://www.bleepingcomputer.com/news/security/exploit-released-for-microsoft-exchange-rce-bug-patch-now/
适用于红队演习的各种EDR相关信息
https://github.com/Mr-Un1k0d3r/EDRs/
4-ZERO-3:Tool to bypass 403/401
https://github.com/Dheerajmadhukar/4-ZERO-3
Katana:Python Tool For google Hacking
https://github.com/TebbaaX/Katana
不用写代码的图形化爬虫平台
https://github.com/ssssssss-team/spider-flow
汽车安全测试工具集
https://github.com/firmianay/Vehicle-Security-Toolkit
WP:HackTheBox - Union
https://0xdf.gitlab.io/2021/11/22/htb-union.html
使用JADX和Frida进行Andriod应用逆向
https://httptoolkit.tech/blog/android-reverse-engineering/
从APPLE.COM的XSS发现到构建POC获取PII
https://zseano.medium.com/finding-xss-on-apple-com-and-building-a-proof-of-concept-to-leak-your-pii-information-d7bc93cff2df
2021信息安全挑战赛Writeup完整版
https://spaceraccoon.dev/the-infosecurity-challenge-2021-full-writeup-battle-royale-for-30k
更多详情请查看原文