内网渗透
Invoke-ADEnum:自动化AD枚举工具
https://github.com/Leo4j/Invoke-ADEnum
AD域内权限维持技术研究
https://www.huntandhackett.com/blog/how-to-achieve-eternal-persistence
https://www.huntandhackett.com/blog/how-to-achieve-eternal-persistence-part-2
https://www.huntandhackett.com/blog/how-to-achieve-eternal-persistence-part-3
利用SCCM绕过防御进行横向移动
https://www.guidepointsecurity.com/blog/sccm-exploitation-evading-defenses-and-moving-laterally-with-sccm-application-deployment
利用.NET Profiler进行横向移动
https://posts.specterops.io/lateral-movement-with-the-net-profiler-8772c86f9523
https://github.com/MayerDaniel/profiler-lateral-movement
终端对抗
VOIDGATE:借助VEH和汇编指令加密规避内存扫描
https://github.com/vxCrypt0r/Voidgate
睡眠状态Beacon识别工具
https://github.com/thefLink/Hunt-Sleeping-Beacons
恶意Windows进程、线程异常状态识别
https://www.trustedsec.com/blog/windows-processes-nefarious-anomalies-and-you-threads
绕过PowerShell ScriptBlock日志
https://bc-security.org/scriptblock-smuggling/
https://github.com/BC-SECURITY/ScriptBlock-Smuggling
RdpStrike:借助硬件断点提取明文RDP密码
https://github.com/0xEr3bus/RdpStrike
漏洞相关
CVE-2024-20693:Windows 缓存代码签名伪造漏洞
https://sector7.computest.nl/post/2024-06-cve-2024-20693-windows-cached-code-signature-manipulation/
CVE-2024-26229:Windows csc.sys驱动LPE漏洞
https://github.com/varwara/CVE-2024-26229
https://github.com/NVISOsecurity/CVE-2024-26229-BOF
CVE-2024-30078:Windows WiFi 驱动程序RCE漏洞
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30078
https://github.com/lvyitian/CVE-2024-30078-
Linux内核攻击面探索与模糊测试方法分享
https://github.com/sam4k/talk-slides/blob/main/so_you_wanna_find_bugs_in_the_linux_kernel.pdf
CVE-2024-27815:XNU内核中的缓冲区溢出漏洞分析
https://jprx.io/cve-2024-27815/
CVE-2024-21378:Microsoft Outlook RCE漏洞分析
https://www.netspi.com/blog/technical-blog/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378/
Chromium V8 堆沙箱中的代码执行
https://anvbis.au/posts/code-execution-in-chromiums-v8-heap-sandbox/
云安全
Kubernetes中allowPrivilegeEscalation选项滥用风险辨析
https://blog.christophetd.fr/stop-worrying-about-allowprivilegeescalation/
gcpwn:谷歌存储桶渗透辅助工具
https://github.com/NetSPI/gcpwn
人工智能和安全
JailbreakEval:用于评估针对大型语言模型进行越狱尝试的集成工具包
https://arxiv.org/abs/2406.09321
Github Copilot提示词注入漏洞分析
https://embracethered.com/blog/posts/2024/github-copilot-chat-prompt-injection-data-exfiltration/
AI基础设施风险,NVIDIA Triton服务器的Preauth RCE漏洞
https://sites.google.com/site/zhiniangpeng/blogs/Triton-RCE
社工钓鱼
渐进式 Web 应用程序 (PWA) 网络钓鱼
https://mrd0x.com/progressive-web-apps-pwa-phishing/
其他
Kdrill:Windows内核rootkit检测工具
https://github.com/ExaTrack/Kdrill
Linux与macOS系统EDR agent分析工具
https://github.com/outflanknl/edr-internals/
SteppingStones:红队攻击日志集中记录平台,已支持CS与BloodHound
https://github.com/nccgroup/SteppingStones
https://research.nccgroup.com/2024/06/12/stepping-stones-a-red-team-activity-hub/
Bridewell发布2024网络威胁年度报告
https://www.bridewell.com/insights/white-papers/detail/cyber-threat-intelligence-report-2024
x33fcon 2024研讨会幻灯片和代码
https://github.com/rtecCyberSec/Packer_Development
M01N Team公众号
聚焦高级攻防对抗热点技术
绿盟科技蓝军技术研究战队
官方攻防交流群
网络安全一手资讯
攻防技术答疑解惑
扫码加好友即可拉群
往期推荐
原文始发于微信公众号(M01N Team):每周蓝军技术推送(2024.6.15-6.21)
