每周蓝军技术推送（2022.4.9-4.15）

https://tttang.com/archive/1525/

https://tttang.com/archive/1530/

https://devcraft.io/2022/04/04/universal-deserialisation-gadget-for-ruby-2-x-3-x.html

https://systemweakness.com/exploiting-xss-with-javascript-jpeg-polyglot-4cff06f8201a

https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a

https://www.x86matthew.com/view_post?id=import_dll_injection

https://medium.com/@tamirye94/office-multiple-search-order-dll-hijacking-67e76001ecf1

https://blog.scrt.ch/2022/04/05/automatically-extracting-static-antivirus-signatures/

https://mrd0x.com/cortex-xdr-analysis-and-bypass/

https://www.hackingarticles.in/a-detailed-guide-on-amsi-bypass/

https://vollragm.github.io/posts/abusing-large-page-drivers/

https://mp.weixin.qq.com/s/VJEgxfcuDRKMGBdkrXyRlA

https://alice.climent-pommeret.red/posts/a-syscall-journey-in-the-windows-kernel/

https://www.coresecurity.com/core-labs/articles/analysis-cve-2022-21882-win32k-window-object-type-confusion-exploit

https://www.thezdi.com/blog/2022/4/7/cve-2022-26381-gone-by-others-triggering-a-uaf-in-firefox

https://mp.weixin.qq.com/s/tGwCwOQ8eAwm26fHXTCy5A

https://rhinosecuritylabs.com/aws/cve-2022-25165-aws-vpn-client

https://www.coresecurity.com/core-labs/articles/proof-concept-cve-2022-21907-http-protocol-stack-remote-code-execution

https://blog.lightspin.io/aws-rds-critical-security-vulnerability

https://arxiv.org/pdf/2204.05122.pdf

https://medium.com/@airlockdigital/make-phishing-great-again-vsto-office-files-are-the-new-macro-nightmare-e09fcadef010

https://mp.weixin.qq.com/s/qywbXyHDPvZpqY0GABDbwg

https://mp.weixin.qq.com/s/N6CWX9ZVnbyeYBIibwb0SA

https://assume-breach.medium.com/home-grown-red-team-internal-windows-phishing-with-pickl3-and-insideman-2cd2e92f7d3e

https://tttang.com/archive/1542/