每周蓝军技术推送（2023.3.4-3.10）

https://www.pavel.gr/blog/obfuscating-rubeus-using-codecepticon

https://tij.me/blog/harvesting-active-directory-credentials-via-http-request-smuggling/

https://github.com/TrimarcJake/Locksmith

https://www.secura.com/uploads/whitepapers/Secura-WP-Timeroasting-v3.pdf
https://github.com/SecuraBV/Timeroast

https://www.cobaltstrike.com/blog/cobalt-strike-4-8-system-call-me-maybe/

https://skr1x.github.io/keepass-dll-hijacking/

https://github.com/ZeroMemoryEx/Amsi-Killer

https://github.com/mrexodia/lolbin-poc

https://www.coresecurity.com/blog/hardware-call-stack

https://www.bleepingcomputer.com/news/security/proof-of-concept-released-for-critical-microsoft-word-rce-bug/

https://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768

https://medium.com/@laythchebbi/azure-infiltrated-how-attackers-exploit-misconfigured-environments-to-breach-data-and-cause-damage-f24ba5342bfe

https://starlabs.sg/blog/2023/02-microsoft-azure-account-takeover-via-dom-based-xss-in-cosmos-db-explorer/

https://cloudbrothers.info/en/prem-global-admin-password-reset/

https://www.synacktiv.com/en/publications/cicd-secrets-extraction-tips-and-tricks.html

https://fortynorthsecurity.com/blog/redirecting-maldoc-transfers-in-the-cloud/

https://www.vice.com/en/article/dy7axa/how-i-broke-into-a-bank-account-with-an-ai-generated-voice

https://github.com/CosmodiumCS/SpiderCat

https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/anomaly-detection-and-explanation-with-isolation-forest-and-shap/ba-p/3750086