Weekly Blue Team Technology Digest (2024.1.13-1.19)
2024-1-19 18:6:25 Author: M01N Team

Web Security

Scanme: a network scanner built on the GoPacket library

https://github.com/CyberRoute/scanme

Domainim: a fast domain-name scanning tool for organizational networks

https://github.com/pptx704/domainim

An engineering approach to writing an Agent-filter in-memory webshell

https://xz.aliyun.com/t/13268

Internal Network Penetration

Unauthorized access to the NTDS.DIT file on domain controllers

https://medium.com/@bartukilickaya/unauthorized-access-to-ntds-dit-file-in-domain-controllers-69505ec67f20

DFSCoerce-exe-2: MS-DFSNM coerced authentication, with support for specifying alternate credentials for explicit authentication

https://github.com/decoder-it/DFSCoerce-exe-2/

SuperSharpShares: domain share enumeration tool that quickly verifies which shares are accessible to the associated domain account

https://labs.lares.com/supersharpshares-release/

https://github.com/LaresLLC/SuperSharpShares

SSPI implementation for Impacket

https://swarm.ptsecurity.com/python-sspi-teaching-impacket-to-respect-windows-sso/

https://github.com/fortra/impacket

Endpoint Evasion

raddebugger: a multi-process graphical debugger

https://github.com/EpicGames/raddebugger

LLVM-YX-Callobfuscator: an LLVM plugin that applies stack spoofing and indirect syscalls at compile time

https://github.com/janoglezcampos/llvm-yx-callobfuscator

Cobalt Strike profile generator aimed at EDR evasion

https://github.com/EvilGreys/Cobalt-Strike-Profiles-for-EDR-Evasion

eBPF-based exploitation toolkit

https://github.com/bfengj/eBPFeXPLOIT

revng: analyzes ELF binaries and lifts them to equivalent LLVM IR

https://github.com/revng/revng

Vulnerabilities

CVE-2024-20656: arbitrary file DACL reset vulnerability in the Visual Studio debugging service

https://www.mdsec.co.uk/2024/01/cve-2024-20656-local-privilege-escalation-in-vsstandardcollectorservice150-service/

https://github.com/Wh04m1001/CVE-2024-20656

CVE-2023-36003: privilege escalation vulnerability in the XAML diagnostics API

https://m417z.com/Privilege-escalation-using-the-XAML-diagnostics-API-CVE-2023-36003/

https://github.com/m417z/CVE-2023-36003-POC

CVE-2024-21305: bypass of the Windows HVCI mechanism

https://tandasat.github.io/blog/2024/01/15/CVE-2024-21305.html

https://github.com/tandasat/CVE-2024-21305

ASLR bypass caused by memory alignment on Ubuntu

https://zolutal.github.io/aslrnt/

SploitScan: tool for collecting CVE details and public PoCs

https://github.com/xaitax/SploitScan

Cloud Security

Entra ID Connect arbitrary password overwrite

https://nullg0re.com/2024/01/entra-id-connect-arbitrary-password-overwrite/

Social Engineering and Phishing

Bob the Smuggler: HTML smuggling tool that hides a payload archive inside an image file

https://medium.com/@TheCyb3rAlpha/bobthesmuggler-your-covert-cyber-swiss-knife-for-undetectable-payload-delivery-bc84f3037522

https://github.com/TheCyb3rAlpha/BobTheSmuggler

Other

Sensitive data leakage risks in LLMs

https://mikensec.medium.com/covert-data-exfiltration-via-llms-uncovering-the-hidden-risks-c50c106c87c8

M01N Team official account: focused on hot topics in advanced offensive and defensive techniques. NSFOCUS Blue Team technical research squad.



Source: http://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247493280&idx=1&sn=6d862a8d53484c3c8611e2b64646b133&chksm=c06fa89b948b1097ef3ec51dfd50f04352bf660a8a974e5040e3af283a618983e2d0f3b9a509&scene=0&xtrack=1#rd