每周蓝军技术推送（2023.12.16-12.22）

https://github.com/synacktiv/bbs

https://github.com/crissyfield/troll-a

https://github.com/danti1988/adcshunter

https://www.akamai.com/blog/security-research/weaponizing-dhcp-dns-spoofing-hands-on-guide

https://github.com/akamai/DDSpoof

https://github.com/Unprotect-Project/FuncInEvasionTechniqueDemo?tab=readme-ov-file

https://ipslav.github.io/2023-12-12-let-me-manage-your-appdomain/

https://github.com/ipSlav/DirtyCLR

https://github.com/es3n1n/obfuscator

https://blog.es3n1n.eu/posts/obfuscator-pt-1/

https://github.com/bohops/DynamicDotNet

https://github.com/jborean93/PSEtw

https://xz.aliyun.com/t/13187

https://medium.com/@ChandSingh/cve-2023-43837-two-factor-authentication-x2fa-bypass-vulnerability-in-roundcube-webmail-plugin-f2fef177187e

https://gist.github.com/testanull/dac6029d306147e6cc8dce9424d09868

https://securelist.com/windows-clfs-exploits-ransomware-cve-2023-28252/111601/

https://www.gamingdeputy.com/terrapin-exploiting-a-vulnerability-in-the-ssh-protocol-to-weaken-connection-security/

https://msrc.microsoft.com/blog/2023/12/azure-serial-console-attack-and-defense-part-2/

https://github.com/olafhartong/DefenderHarvester

https://www.csoonline.com/article/1261461/cloud-squatting-how-attackers-can-use-deleted-cloud-assets-against-you.html

https://github.com/HuntDownProject/HEDnsExtractor

https://www.lakera.ai/blog/llm-security-tools

https://xz.aliyun.com/t/13189

https://github.com/montysecurity/C2-Tracker