Web Security
chromecookiestealer: stealing/injecting Chrome cookies via the DevTools (--remote-debugging-port) protocol
https://github.com/magisterquis/chromecookiestealer
The evolution of covert communication: from domain fronting to PaaS redirectors
https://www.bc-security.org/the-evolution-of-covert-communication-from-domain-fronting-to-paas-redirectors/
Bypassing IIS authorization via three RCEs and two auth bypasses in Sitecore 9.3
https://blog.assetnote.io/2023/05/10/sitecore-round-two/
CVE-2023-2825: a rare GitLab path traversal vulnerability
https://rce.moe/2023/05/25/Gitlab-CVE-2023-2825/
The art of attacking and defending centralized infrastructure: Exchange in practical offense and defense
https://mp.weixin.qq.com/s/2yL9RbOdX8DY8rHwYKci5w
Intranet Penetration
CypherDog: interact with BloodHound data via the Neo4j HTTP API
https://github.com/SadProcessor/CypherDog
ADCSKiller: automated discovery and exploitation of ADCS vulnerabilities
https://github.com/grimlockx/ADCSKiller
ssh-key-backdoor: planting a backdoor in an SSH public key
https://blog.thc.org/infecting-ssh-public-keys-with-backdoors
https://github.com/hackerschoice/ssh-key-backdoor
Endpoint Evasion
Chimera: automated DLL sideloading tool with EDR evasion capabilities
https://github.com/georgesotiriadis/Chimera
Extensible Cobalt Strike C2 profiles for evading in-memory YARA scanning
https://www.cobaltstrike.com/blog/cobalt-strike-and-yara-can-i-have-your-signature/
HiddenDesktop: a Cobalt Strike BOF for interacting with a remote desktop session without the user's knowledge
https://github.com/WKL-Sec/HiddenDesktop
PPLFaultDumpBOF: a Cobalt Strike BOF for credential dumping via PPLFault
https://github.com/trustedsec/PPLFaultDumpBOF
Vulnerabilities
CVE-2022-42475: analysis of a heap overflow vulnerability in FortiGate and FortiProxy devices
https://bishopfox.com/blog/exploit-cve-2022-42475
CVE-2023-28771: unauthenticated command injection vulnerability in Zyxel network devices
https://attackerkb.com/topics/N3i8dxpFKS/cve-2023-28771/rapid7-analysis
CVE-2023-32784: KeePass 2.X cleartext master password recoverable from memory dump files
https://github.com/vdohney/keepass-password-dumper
CVE-2023-1586: arbitrary file write vulnerability in Avast
https://the-deniss.github.io/posts/avast-privileged-arbitrary-file-create-on-restore/
Other
Postmaniac: Postman OSINT tool that extracts credentials, tokens, usernames, email addresses and more from Postman Public Workspaces
https://github.com/boringthegod/postmaniac
Dynamic device code phishing
https://www.blackhillsinfosec.com/dynamic-device-code-phishing/
InterPlanetary File System: a decentralized place to host phishing content
https://www.netskope.com/blog/interplanetary-file-system-a-decentralized-place-to-host-phishing-content
RootedCON 2023: a tale of software protection: better combining cryptography and obfuscation
https://github.com/arnaugamez/talks/tree/main/2023/01_rootedcon
Hypervisor: a collection of resources on virtualization security technology
https://github.com/AtonceInventions/Hypervisor
M01N Team WeChat official account
Focused on hot topics in advanced offense and defense
NSFOCUS blue team technical research squad
Originally published on the WeChat official account (M01N Team): Weekly Blue Team Technology Digest (2023.5.20-5.26)