每周蓝军技术推送（2022.5.14-5.20）

https://blog.stazot.com/stealing-google-drive-oauth-tokens-from-dropbox/

https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/

https://barbellsandrootshells.com/electron-shellcode-loader

https://labs.f-secure.com/blog/scheduled-task-tampering/

https://offensivedefence.co.uk/posts/ntcreateuserprocess/

https://tttang.com/archive/1584/

https://github.com/badboycxcc/Netgear-ssl-vpn-20211222-CVE-2022-29383#cve-2022-29383

https://github.com/theori-io/CVE-2022-26717-Safari-WebGL-Exploit

https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2022/CVE-2022-22675.html

https://pwn.win/2022/05/11/python-buffered-reader.html

https://github.com/kn32/python-buffered-reader-exploit/blob/master/exploit.py

https://github.com/sailay1996/SpoolTrigger

https://github.com/p0dalirius/Awesome-RCE-techniques

https://blog.security.sea.com/posts/pwn2own-2021-rv340/

https://i.blackhat.com/Asia-22/Friday-Materials/AS-22-Zhang-Bypass-CFG-In-Chrome.pdf

https://i.blackhat.com/Asia-22/Friday-Materials/AS-22-Xu-The-Next-Generation-of-Windows-Exploitation-Attacking-the-Common-Log-File-System.pdf

http://security.googleblog.com/2022/05/privileged-pod-escalations-in.html

https://i.blackhat.com/Asia-22/Thursday-Materials/AS-22-Qiuhao-Recursive-MMIO-final.pdf

https://github.com/gabriel-sztejnworcel/pipe-intercept

https://vul.360.net/archives/391?continueFlag=2065c4d6bed3a8e7a80c495d7066e013

https://github.com/Octoberfest7/XLL_Phishing

https://www.blackhat.com/asia-22/briefings/schedule/