Web安全
滥用DHCP DNS动态更新欺骗DNS记录
https://www.akamai.com/blog/security-research/spoofing-dns-by-abusing-dhcp
内网渗透
godap:go实现的LDAP TUI
https://github.com/Macmod/godap
检测基于资源的约束委派滥用
https://swolfsec.github.io/2023-11-29-Detecting-Resource-Based-Constrained-Delegation/
终端对抗
SharpTokenFinder:从Office桌面程序窃取M365访问令牌的C#实现
https://github.com/HuskyHacks/SharpTokenFinder
ClickOnce-AppDomain-Manager-Injection:ClickOnce应用+AppDomain Manager注入绕过smart screen
https://github.com/weaselsec/ClickOnce-AppDomain-Manager-Injection
Gitlab蓝军的自动化C2测试方案
https://about.gitlab.com/blog/2023/11/28/how-gitlabs-red-team-automates-c2-testing/
GhostDriver:使用BYOVD关闭安全产品
https://github.com/BlackSnufkin/GhostDriver
RMML:可能被滥用的远程管理监控工具列表
https://github.com/LivingInSyn/RMML
漏洞相关
CVE-2023-49103、CVE-2023-49105:ownCloud PHPInfo页面信息泄露和RCE
https://www.ambionics.io/blog/owncloud-cve-2023-49103-cve-2023-49105
VectorKernel:多种内核模式rootkit技术PoC集合
https://github.com/daem0nc0re/VectorKernel
云安全
ROADtools:Azure AD攻防工具集合
https://github.com/dirkjanm/ROADtools
ROADTools-Analyser:查询Azure AD用户密码元数据用于账户安全分析
https://github.com/FlyingPhish/ROADTools-Analyser
ADOKit:Azure DevOps服务攻击工具集合
https://github.com/xforcered/ADOKit
Google Workspace域范围委派中存在提权和未授权漏洞
https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
其他
LLMs安全:针对业务模型应用场景下提示词的攻击手段与危害
https://mp.weixin.qq.com/s/2bm7nuXkORLZ20mfpOmwrA
LLMs安全:针对业务模型应用场景下提示词攻击的防御检测方案
https://mp.weixin.qq.com/s/lU8o25OoMYSwM3HKRp6eEw
llamafile:单文件运行LLM
https://github.com/mozilla-Ocho/llamafile
VirusTotal发布AI如何助力恶意软件分析报告
https://assets.virustotal.com/reports/2023-ai
黑莓2023年6-8月全球威胁情报报告
https://www.blackberry.com/content/dam/bbcomv4/blackberry-com/en/solutions/threat-intelligence/2023/threat-intelligence-report-nov/Blackberry-Global-Threat-Intelligence-Report-November-2023.pdf
Meta 2023 Q3对抗性威胁报告
https://transparency.fb.com/sr/Q3-2023-Adversarial-threat-report
M01N Team公众号
聚焦高级攻防对抗热点技术
绿盟科技蓝军技术研究战队
官方攻防交流群
网络安全一手资讯
攻防技术答疑解惑
扫码加好友即可拉群
往期推荐