Web安全
cookie-monster:能够窃取edge、chrome和firefox浏览器cookie的BOF或EXE
https://github.com/KingOfTheNOPs/cookie-monster
内网渗透
ADCSync:利用AD CS滥用中的ESC1实现的DCSync
https://github.com/JPG0mez/ADCSync
PsMapExec:powershell版本的CrackMapExec
https://github.com/The-Viper-One/PsMapExec
滥用DCOM Execl应用程序进行横向移动
https://posts.specterops.io/lateral-movement-abuse-the-power-of-dcom-excel-application-3c016d0d9922
使用K-means算法进行横向移动检测
https://www.huntandhackett.com/blog/kmeans-clustering-for-lateral-movement-detection
终端对抗
SharpKiller:.net 4.8框架下的永久AMSI绕过
https://github.com/S1lkys/SharpKiller
.NetConfigLoader:微软签名的.Net应用程序列表,可用于通过.config文件加载dll规避EDR/AV或执行策略绕过
https://github.com/Mr-Un1k0d3r/.NetConfigLoader
LdrLibraryEx:能够将dll加载到内存的轻量级x64库
https://github.com/Cracked5pider/LdrLibraryEx
Defender-Exclusions-Creator-BOF:能够修改Windows Defender排除项的BOF
https://github.com/EspressoCake/Defender-Exclusions-Creator-BOF#supported-methods
GhostTask:无日志痕迹的计划任务
https://github.com/netero1010/GhostTask#ghost-scheduled-task
pandora:从不同的密码管理器中dump主凭据或实体的工具
https://github.com/efchatz/pandora
脱离命令行内联运行PE
https://www.coresecurity.com/core-labs/articles/running-pes-inline-without-console
Perfect DLL Hijacking:详细分析Windows下DLL劫持时的Loader Lock问题
https://elliotonsecurity.com/perfect-dll-hijacking/
漏洞相关
CVE-2023-20273:思科IOS XE提权漏洞分析
https://blog.leakix.net/2023/10/cisco-root-privesc/
CVE-2023-47246:SysAid中的RCE漏洞分析
https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
CVE-2023-31247:Weston中的堆溢出漏洞
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1746
云安全
EC2用户数据到RCE
https://medium.com/@xploiterd/ec2-user-data-to-rce-f601264a75c2
其他
Azure AD主刷新令牌网络钓鱼
https://dirkjanm.io/phishing-for-microsoft-entra-primary-refresh-tokens/
cuddlephish:利用中间浏览器(BiTM)工具cuddlephish进行钓鱼
https://medium.com/@fakasler/phishing-with-dynamite-7d33d8fac038
https://github.com/fkasler/cuddlephish
HP Wolf 2023年Q3安全威胁洞察报告
https://threatresearch.ext.hp.com/hp-wolf-security-threat-insights-report-q3-2023/
谷歌云2023年Q3威胁视野报告
https://services.google.com/fh/files/blogs/gcat_threathorizons_full_oct2023.pdf
多源分析TOP MITRE ATT&CK技术报告
https://www.cyentia.com/wp-content/uploads/2023/11/CyentiaATTACK.pdf
进攻型机器学习手册
https://github.com/5stars217/offsecml
使用Volatility3分析现代Windows休眠文件
https://www.forensicxlab.com/posts/hibernation/
度量易受域前置影响的CDN
https://arxiv.org/abs/2310.17851
M01N Team公众号
聚焦高级攻防对抗热点技术
绿盟科技蓝军技术研究战队
官方攻防交流群
网络安全一手资讯
攻防技术答疑解惑
扫码加好友即可拉群
往期推荐