每日安全动态推送(02-15)

渗透技巧 2年前 (2022) admin
626 0 0
Tencent Security Xuanwu Lab Daily News


• [Malware] PrivateLoader: The first step in many malware schemes:
https://intel471.com/blog/privateloader-malware

   ・ PrivateLoader: The first step in many malware schemes – Jett


• 汽车安全测试终极指南,第一篇(译文):
https://tttang.com/archive/1427/

   ・ 汽车安全测试终极指南,第一篇(译文) – lanying37


• CVE-2021-4034 pkexec 本地提权漏洞利用解析:
https://www.iceswordlab.com/2022/02/10/CVE-2021-4034/

   ・ CVE-2021-4034 pkexec 本地提权漏洞利用解析 – Jett


• Progamming for Wannabes XV. Crypters Part III:
https://0x00sec.org/t/progamming-for-wannabes-xv-crypters-part-iii/27934

   ・ Programming for Wannabes XIV. Crypters Part II  – lanying37


• Parallels Desktop虚拟机逃逸:
https://dawnslab.jd.com/pd-exploit-blog1/

   ・ 京东 DawnsLab 对 Parallels Desktop 虚拟机逃逸漏洞的分析 – Jett


• Persistence – Notepad++ Plugins – Penetration Testing Lab:
https://pentestlab.blog/2022/02/14/persistence-notepad-plugins/

   ・ 编写 Notepad++ Plugins 实现渗透时的权限维持 – Jett


• PropR: Property-based Program repair using GHC:
https://github.com/Tritlo/PropR

   ・ PropR: Property-based Program repair using GHC – Jett


• [Linux] Binary Exploitation:
https://github.com/rosehgal/BinExp

   ・ Linux 二进制开发学习资料. – lanying37


• [Pentest] Dropping Files on a Domain Controller Using CVE-2021-43893:
https://blog.rapid7.com/2022/02/14/dropping-files-on-a-domain-controller-using-cve-2021-43893/

   ・ 利用 Windows EFS CVE-2021-43893 漏洞在 Domain Controller 上写文件 – Jett


• [Tools] Eliminating Dangling Elastic IP Takeovers with Ghostbuster:
https://blog.assetnote.io/2022/02/13/dangling-eips/

   ・ 利用 Ghostbuster 工具发现 AWS 云环境 IP 变更导致的 Dangling IP – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(02-15)

版权声明:admin 发表于 2022年2月15日 上午4:22。
转载请注明:每日安全动态推送(02-15) | CTF导航

相关文章

暂无评论

您必须登录才能参与评论!
立即登录
暂无评论...