每周蓝军技术推送（2022.4.2-4.8）

https://red.0xbad53c.com/red-team-operations/initial-access/webshells/iis-soap

https://github.com/fullhunt/spring4shell-scan

https://www.trustedsec.com/blog/making-smb-accessible-with-ntlmquic/

https://github.com/IcebreakerSecurity/DelegationBOF

https://www.mdsec.co.uk/2022/04/process-injection-via-component-object-model-com-irundowndocallback/

https://bohops.com/2022/04/02/unmanaged-code-execution-with-net-dynamic-pinvoke/

https://billdemirkapi.me/sharing-is-caring-abusing-shared-sections-for-code-injection/

https://kymb0.github.io/malwaredev-bypass-av-xml/

https://twitter.com/mrd0x/status/1511415432888131586

https://github.com/HuskyHacks/CobaltNotion

https://jsecurity101.medium.com/bypassing-access-mask-auditing-strategies-480fb641c158

https://github.com/arget13/DDexec

https://github.com/kris-nova/boopkit

https://medium.com/falconforce/debugging-the-undebuggable-and-finding-a-cve-in-microsoft-defender-for-endpoint-ce36f50bb31

https://docs.google.com/presentation/d/1E3uE-4mYpenw0s40rtMbIdxj3fJgC79aHCeiIlJSY5Y

https://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/

https://github.com/pqlx/CVE-2022-1015

https://www.secureworks.com/research/azure-active-directory-exposes-internal-information

https://labs.f-secure.com/blog/performing-and-preventing-attacks-on-azure-cloud-environments-through-azure-devops/

https://msrc-blog.microsoft.com/2022/04/05/randomizing-the-kuser_shared_data-structure-on-windows/