每周蓝军技术推送（2024.1.27-2.2）

https://moopinger.github.io/blog/smugglefuzz/fuzzing/smuggling/2024/01/31/SmuggleFuzz.html

https://github.com/moopinger/smugglefuzz

https://github.com/FalconForceTeam/SOAPHound

https://github.com/rasta-mouse/CsWhispers/

https://github.com/The-Z-Labs/bof-launcher

https://redops.at/en/blog/leveraging-fake-dlls-guard-pages-and-veh-for-enhanced-detection

https://5pider.net/blog/2024/01/27/modern-shellcode-implant-design/

https://cwresearchlab.co.kr/entry/CVE-2024-0517-Out-of-Bounds-Write-in-V8

https://github.com/duy-31/CVE-2023-35636

https://glassyamadeus.github.io/2024/01/31/CVE_2024_20931/

https://seclists.org/oss-sec/2024/q1/31

https://www.docker.com/blog/docker-security-advisory-multiple-vulnerabilities-in-runc-buildkit-and-moby/

https://aws.amazon.com/cn/blogs/security/data-masking-and-granular-access-control-using-amazon-macie-and-aws-lake-formation/

https://github.com/rohsec/LEAKEY

https://github.com/waelmas/frameless-bitb

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trusted-domain-hidden-danger-deceptive-url-redirections-in-email-phishing-attacks/

https://github.com/blackorbird/APT_REPORT/blob/master/summary/2024/GRIT_Ransomware_Annual_Report_2023.pdf

https://github.com/blackorbird/APT_REPORT/blob/master/summary/2024/Symantec_Ransomware_Threat_Landscape_2024.pdf

https://github.com/Cyb3rWard0g/IntelRAGU

https://linear.red/blog/2024/01/29/llm01—prompt-injections-vulnerabilities-in-large-language-models/

https://linear.red/blog/2024/02/01/llm02—insecure-output-handling/

https://github.com/google/oss-fuzz-gen