每周蓝军技术推送（2023.12.9-12.15）

https://isc.sans.edu/diary/30466

https://gist.github.com/paj28/86c7b8f37371d89c9a36ed0280fcf450

https://www.synacktiv.com/publications/using-ntdissector-to-extract-secrets-from-adam-ntds-files.html

https://www.akamai.com/blog/security-research/spoofing-dns-by-abusing-dhcp

https://github.com/Pennyw0rth/NetExec

https://github.com/referefref/canarytokendetector

https://www.blackhat.com/eu-23/briefings/schedule/#the-pool-party-you-will-never-forget-new-process-injection-techniques-using-windows-thread-pools-35446

https://github.com/SafeBreach-Labs/PoolParty

https://github.com/0xEr3bus/PoolPartyBof

https://github.com/myzxcg/RealBlindingEDR

https://github.com/jmpoep/vmprotect-3.5.1

https://twitter.com/Siebene7/status/1731870759130427726

https://seclists.org/oss-sec/2023/q4/257

https://github.com/rvizx/CVE-2023-30547

https://github.com/diego-tella/CVE-2023-1326-PoC

https://github.blog/2023-12-06-cueing-up-a-calculator-an-introduction-to-exploit-development-on-linux/

https://ssd-disclosure.com/ssd-advisory-windows-kernel-pool-clfs-sys-corruption-privilege-escalation/

https://rcvalle.com/blog/2023/12/09/llvm-cfi-and-cross-language-llvm-cfi-support-for-rust/

https://www.microsoft.com/en-us/security/blog/2023/12/05/microsoft-incident-response-lessons-on-preventing-cloud-identity-compromise/

https://medium.com/@crd0x49/0-click-account-takeover-steal-mfa-token-and-party-0cd561827593

https://www.vectra.ai/blog/csv-injection-in-azure-logs

https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/protect-your-organizations-against-qr-code-phishing-with/ba-p/4007041

https://arxiv.org/abs/2312.02119

https://securelist.com/story-of-the-year-2023-ai-impact-on-cybersecurity/111341/

https://github.com/onhexgroup/Conferences/tree/main/Black%20Hat%20Europe%202023%20slides