每周蓝军技术推送（2022.5.28-6.2）

https://speakerdeck.com/heirhabarov/hunting-for-active-directory-certificate-services-abuse

https://github.com/necreas1ng/VLANPWN

https://github.com/ValtteriL/UPnProxyChain

https://shufflingbytes.com/posts/upnproxychain-a-tool-to-exploit-devices-vulnerable-to-upnproxy/

https://github.com/mtth-bfft/adeleg

https://csandker.io/2022/05/29/Debugging-And-Reversing-ALPC.html

https://github.com/S4ntiagoP/freeBokuLoader

https://github.com/kleiton0x00/Shelltropy

https://github.com/Cracked5pider/KaynStrike

https://github.com/nickvourd/COM-Hunter

https://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bug

https://gist.github.com/tothi/66290a42896a97920055e50128c9f040

http://noahblog.360.cn/a-new-exploit-method-for-cve-2021-3560-policykit-linux-privilege-escalation/

https://www.horizon3.ai/vmware-authentication-bypass-vulnerability-cve-2022-22972-technical-deep-dive/

https://github.com/sbasu7241/AWS-Threat-Simulation-and-Detection

https://labs.detectify.com/2022/05/30/leveraging-aws-quicksight-dashboards-to-visualize-recon-data/

https://securityshenanigans.medium.com/enumeration-and-lateral-movement-in-gcp-environments-c3b82d342794

https://www.verizon.com/business/resources/reports/2022/dbir/2022-data-breach-investigations-report-dbir.pdf

https://github.com/Nautilus-Institute/quals-2022

https://assume-breach.medium.com/home-grown-red-team-using-phishpi-for-captive-portal-evil-twin-attacks-and-website-cloning-c63d1d814516