每周蓝军技术推送(2023.12.23-12.29)
2023-12-29 18:26:53 Author: mp.weixin.qq.com(查看原文) 阅读量:7 收藏

Web安全

Above:用于网络漏洞发现的协议嗅探器

https://securityonline.info/above-invisible-protocol-sniffer-for-finding-vulnerabilities-in-the-network/

https://github.com/wearecaster/Above

Nuclei插件合集:支持跨不同Web应用程序与服务进行安全扫描与检测

https://github.com/linuxadi/40k-nuclei-templates/

submonit88r:子域监控脚本

https://github.com/h0tak88r/submonit88r

honeypots-detection:开源蜜罐扫描

https://github.com/UnaPibaGeek/honeypots-detection

Java代码混淆:隐藏方法、字段以及代码片段

https://y4tacker.github.io/2023/12/22/year/2023/12/Hacking-FernFlower/

https://github.com/Y4tacker/HackingFernFlower

内网渗透

smbsocks:Sliver的smbsocks扩展

https://tishina.in/ops/sliver-forward-pivoting

https://github.com/zimnyaa/smbsocks/

终端对抗

PrivescCheck:本地提权发现

https://github.com/itm4n/PrivescCheck

LOLBAS:StandaloneRunner

https://github.com/nasbench/Misc-Research/blob/main/LOLBINs/StandaloneRunner.md

远程监控与管理工具相关LOLBAS滥用整理

https://docs.google.com/spreadsheets/d/1G_pJ1H2yJeoLUnki6kibujUJ9445M_2hRTEm3kUCf0M

vs-shellcode:Visual Studio的Shellcode项目模板

https://github.com/RtlDallas/vs-shellcode

EDRSilencer:检测并拦截EDR的出站流量

https://github.com/netero1010/EDRSilencer

Nidhogg:后渗透多功能Rootkit开发库

https://github.com/Idov31/Nidhogg

CLR堆加密:利用IHostMemoryManager接口在睡眠时加密CLR分配的内存

https://github.com/lap1nou/CLR_Heap_encryption

Ghidriff:Ghidra二进制比较引擎

https://clearbluejar.github.io/posts/ghidriff-ghidra-binary-diffing-engine/

https://github.com/clearbluejar/ghidriff

漏洞相关

CVE-2023-51385:SSH ProxyCommand中的代码执行

https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html

CVE-2023-50254:深度Linux默认文档查看器RCE

https://github.com/febinrev/deepin-linux_reader_RCE-exploit

卡巴斯基对“三角测量行动”攻击漏洞链的完整分析

https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/

利用CVE-2023-35384、CVE-2023-36710实现Outlook 客户端 0click RCE

https://www.akamai.com/blog/security-research/chaining-vulnerabilities-to-achieve-rce-part-one

https://www.akamai.com/blog/security-research/2023/dec/chaining-vulnerabilities-to-achieve-rce-part-two

云安全

利用AWS服务实现数据窃取

https://airwalkreply.com/cloud-services-as-exfiltration-mechanisms?utm_source=cloudseclist.com&utm_medium=referral&utm_campaign=CloudSecList-issue-218

社工钓鱼

OUTLOOK攻击面综合分析

https://research.checkpoint.com/2023/the-obvious-the-normal-and-the-advanced-a-comprehensive-analysis-of-outlook-attack-vectors/

其他

利用LLM进行辅助开发时产生的漏洞引入风险

https://arxiv.org/pdf/2308.03109.pdf

利用GPT-4微调API绕过其安全机制

https://mp.weixin.qq.com/s?__biz=MzI4MDYzNzg4Mw==&mid=2247560124&idx=1&sn=a432320c5d52f8dbd0bc774d3c2bdf85&chksm=ebb6d368dcc15a7e80120a7de0525b5c2463b4a697a716fb5ab8c359b61b7a3c8cb91fd47ac6&mpshare=1&scene=1&srcid=1228GE9KHqzTvGjhlFGGYiWf&sharer_shareinfo=58e932eec7b3a9e655c3b2faaa09d6d4&sharer_shareinfo_first=58e932eec7b3a9e655c3b2faaa09d6d4&from=industrynews&version=4.1.16.6007&platform=win#rd

https://arxiv.org/pdf/2312.14302.pdf

M01N Team公众号

聚焦高级攻防对抗热点技术

绿盟科技蓝军技术研究战队

官方攻防交流群

网络安全一手资讯

攻防技术答疑解惑

扫码加好友即可拉群

往期推荐

每周蓝军技术推送(2023.12.16-12.22)

每周蓝军技术推送(2023.12.9-12.15)

每周蓝军技术推送(2023.12.2-12.8)


文章来源: https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247493213&idx=2&sn=caa0ee439bd4665406f1998567cb772b&chksm=c184264cf6f3af5a9e3ff27a1fa2ce68b2549c9154ed03be59d2df943cd6656f294e60fbd152&scene=58&subscene=0#rd
如有侵权请联系:admin#unsafe.sh