Tencent Security Xuanwu Lab Daily News
• Attack Flow:
https://github.com/center-for-threat-informed-defense/attack-flow
・ Attack Flow – a tool that helps model the flow of an adversary's attack
– Jett
• GitHub – engn33r/awesome-bluetooth-security: List of Bluetooth BR/EDR/LE security resources:
https://github.com/engn33r/awesome-bluetooth-security
・ A collection of Bluetooth-related security research material from recent years
– Jett
• [Virtualization] Kubernetes and HostPath, a Love-Hate Relationship:
http://blog.quarkslab.com/kubernetes-and-hostpath-a-love-hate-relationship.html
・ Analysis of several vulnerabilities related to Kubernetes and HostPath
– Jett
• [PDF] https://saelo.github.io/presentations/bluehat_il_22_a_brief_history_of_imessage_exploitation.pdf:
https://saelo.github.io/presentations/bluehat_il_22_a_brief_history_of_imessage_exploitation.pdf
・ A Brief History of iMessage Exploitation
– Jett
• Journey-to-McAfee/EDR-Recasting at main · RedTeamOperations/Journey-to-McAfee:
https://github.com/RedTeamOperations/Journey-to-McAfee/tree/main/EDR-Recasting
・ Re-casting EDR functions: abusing McAfee EDR to load and execute shellcode
– Jett
• bluehatil22:
https://github.com/decoder-it/bluehatil22/
・ A Bluehat 2022 conference talk on abusing the RPC/DCOM protocols to achieve local privilege escalation
– Jett
• Rogue RDP – Revisiting Initial Access Methods:
https://www.blackhillsinfosec.com/rogue-rdp-revisiting-initial-access-methods/
・ Rogue RDP – Revisiting Initial Access Methods.
– lanying37
• [Tools, Pentest] Alan Framework:
https://github.com/enkomio/AlanFramework
・ A C2 post-exploitation framework that supports executing JS scripts in memory
– Jett
• MiSecurity / Cyber-Security-Baseline-for-Consumer-Internet-of-Things:
https://github.com/MiSecurity/Cyber-Security-Baseline-for-Consumer-Internet-of-Things
・ Xiaomi releases version 2.0 of its "Cyber Security Baseline for Consumer Internet of Things"
– Jett
• Manipulating User Passwords Without Mimikatz – TrustedSec:
https://www.trustedsec.com/blog/manipulating-user-passwords-without-mimikatz/?utm_campaign=Blog%20Posts&utm_content=199879719&utm_medium=social&utm_source=twitter&hss_channel=tw-403811306
・ Resetting a user's password without relying on Mimikatz
– Jett
* To view or search previously pushed content, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (03-04)