Web Security
CVE-2024-4577: Nuclei template PoC for the PHP CGI argument injection vulnerability
https://github.com/huseyinstif/CVE-2024-4577-Nuclei-Template
Internal Network Penetration
Conpass: continuous password spraying that avoids account lockout
https://github.com/login-securite/conpass
https://en.hackndo.com/password-spraying-lockout/
MAT: MSSQL server vulnerability scanning and exploitation
https://github.com/SySS-Research/MAT
chromedb: read Chrome browser data directly without launching the browser
https://github.com/noperator/chromedb
Root privilege escalation and post-exploitation on F5 BIG-IP
https://offsec.almond.consulting/post-exploiting-f5-BIG-IP.html
NTLM authentication is deprecated starting with Windows Server 2025 and slated for removal in a future release
https://learn.microsoft.com/en-us/windows-server/get-started/removed-deprecated-features-windows-server-2025
Endpoint Evasion
RflDllOb: custom reflective DLL and injector project
https://github.com/oldboy21/RflDllOb
https://oldboy21.github.io/posts/2023/12/all-i-want-for-christmas-is-reflective-dll-injection/
MDE_Enum: Windows Defender ASR rule extraction tool
https://github.com/0xsp-SRD/MDE_Enum
Disable-TamperProtection: disabling Windows Defender Tamper Protection
https://github.com/AlteredSecurity/Disable-TamperProtection
File-Tunnel: tunneling TCP connections through a file
https://github.com/fiddyschmitt/File-Tunnel
Bypassing EDR to read NTDS.dit with legitimate forensic tools
https://medium.com/@0xcc00/bypassing-edr-ntds-dit-protection-using-blueteam-tools-1d161a554f9f
Writing your own C# obfuscator
https://www.ribbiting-sec.info/posts/2024-06-05_csharp_obfuscator/
A deep dive into Windows kernel Secure Image objects
https://connormcgarr.github.io/secure-images/
The Shelf: TrustedSec's tooling and PoC repository
https://github.com/trustedsec/The_Shelf
https://trustedsec.com/blog/introducing-the-shelf
Vulnerabilities
CVE-2024-29824: PoC for the Ivanti EPM SQL injection RCE vulnerability
https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29824-deep-dive-ivanti-epm-sql-injection-remote-code-execution-vulnerability/
https://github.com/horizon3ai/CVE-2024-29824
CVE-2024-29849: PoC for the Veeam Backup Enterprise Manager authentication bypass vulnerability
https://summoning.team/blog/veeam-enterprise-manager-cve-2024-29849-auth-bypass/
https://github.com/sinsinology/CVE-2024-29849
Cloud Security
Cloud identity exfiltration attacks (attack report, part 1)
https://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder/Day16-CloudId-Exfiltration-AttackReport-Part1.md
Brute-force risk in Windows Entra ID cached credentials (WHfB CacheData): analysis and decryption tool
https://www.synacktiv.com/en/publications/whfb-and-entra-id-say-hello-to-your-new-cache-flow
https://github.com/synacktiv/CacheData_decrypt
Azure cloud token theft techniques mind map
https://rootsecdev.medium.com/introduction-to-azure-cloud-token-theft-mindmap-v1-22d015cb5ee8
Curated repository of CI/CD attack research
https://github.com/TupleType/awesome-cicd-attacks
AI and Security
"Sleepy Pickle": a new attack technique targeting machine learning models via malicious pickle files
https://thehackernews.com/2024/06/new-attack-technique-sleepy-pickle.html
https://blog.trailofbits.com/2024/06/11/exploiting-ml-models-with-pickle-file-attacks-part-1/
How to fine-tune a large language model for a specific task, using an IDA decompilation plugin (aidapal) as the example
https://www.atredis.com/blog/2024/6/3/how-to-train-your-large-language-model
https://github.com/atredispartners/aidapal
Social Engineering and Phishing
How to improve the credibility of phishing domains
https://posts.specterops.io/one-phish-two-phish-red-teams-spew-phish-1a2f02010ed7
Evilginx phishing infrastructure deployment guide
https://github.com/An0nUD4Y/Evilginx-Phishing-Infra-Setup
Other
Defender XDR: detecting suspicious processes running on hidden desktops
https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/detect-suspicious-processes-running-on-hidden-desktops/ba-p/4072322
In-the-wild abuse of the BoxedApp commercial packer by malware: trends and technical analysis
https://research.checkpoint.com/2024/inside-the-box-malwares-new-playground/
Statically linked toolkit that runs on most Linux systems
https://github.com/soxrok2212/ubiquity-toolkit
Deep dive into the F5 Secure Vault mechanism
https://offsec.almond.consulting/deep-diving-f5-secure-vault.html
JA4+ network fingerprint database
https://ja4db.com/
omakub: Basecamp's one-command Ubuntu developer environment setup script (an "omakase" Ubuntu configuration, not a security hardening tool)
https://github.com/basecamp/omakub
M01N Team WeChat official account
Focused on hot topics in advanced offensive and defensive techniques
NSFOCUS (绿盟科技) blue team technical research unit