Web安全
http-garden:HTTP服务器和代理的差异测试和模糊测试
https://github.com/narfindustries/http-garden/
AlphaScan:用于漏洞扫描的BurpSuite扩展
https://github.com/Anof-cyber/AlphaScan
内网渗透
ntlm_relay_gat:自动化利用ntlmrelayx身份验证会话
https://github.com/ad0nis/ntlm_relay_gat
SharpADWS:AD域侦察与利用工具
https://github.com/wh0amitz/SharpADWS
终端对抗
使用反恐精英1.6服务器作为C2控制端
https://github.com/eversinc33/1.6-C2
利用EDR Preloading机制绕过EDR DLL注入
https://malwaretech.com/2024/02/bypassing-edrs-with-edr-preload.html
Dirty Vanity 与 Pool Party 注入技术分析和思考
https://xz.aliyun.com/t/13579
Proctools:Windows进程敏感信息转储工具
https://github.com/mlcsec/proctools
BTIGhidra:辅助恢复类型信息的Ghidra插件
https://blog.trailofbits.com/2024/02/07/binary-type-inference-in-ghidra/
https://github.com/trailofbits/BTIGhidra
FromThief:基于WinForms和WPF的欺骗登录工具
https://github.com/mlcsec/FormThief
InflativeLoading:PE to shellcode转换工具
https://github.com/senzee1984/InflativeLoading
BadExclusionsNWBO:通过判断Ntdll是否被Hook识别AV/EDR的文件夹排除项
https://github.com/iamagarre/BadExclusionsNWBO
UAC-BOF-Bonanza:公开的UAC Bypass方法集合
https://github.com/icyguider/UAC-BOF-Bonanza
.Net无线程进程注入规避执行链监测
https://vovohelo.medium.com/net-threadless-process-injection-6c389a9ce585
https://github.com/bananabr/CLRInjector
漏洞相关
APT 组织 Water Hydra利用CVE-2024-21412新攻击链实现入口突破
https://www.trendmicro.com/en_us/research/24/b/cve202421412-water-hydra-targets-traders-with-windows-defender-s.html
CVE-2024-21413:Microsoft Outlook远程代码执行漏洞
https://github.com/labesterOct/CVE-2024-21413
Libc-GOT-Hijacking:Libc GOT表的新利用手段
https://github.com/n132/Libc-GOT-Hijacking
CVE-2024-25600:WordPress Bricks插件中的rce
https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6
https://github.com/Chocapikk/CVE-2024-25600
CVE-2023-46214:Splunk Enterprise 中的RCE漏洞分析
https://blog.hrncirik.net/cve-2023-46214-analysis
云安全
AWS网络防火墙规则管理的自动化
https://aws.amazon.com/cn/blogs/security/how-to-automate-rule-management-for-aws-network-firewall/
EKS中的新攻击向量
https://www.wiz.io/blog/new-attack-vectors-emerge-via-recent-eks-access-entries-and-pod-identity-features
新的EKS访问管理和Pod身份功能:安全分析
https://www.wiz.io/blog/eks-cluster-access-management-and-pod-identity-security-recommendations
社工钓鱼
前端Canarytokens对抗克隆网站的钓鱼攻击
https://blog.thinkst.com/2024/01/defending-against-the-attack-of-the-cloned-websites.html
其他
PyRIT:微软发布针对生成式AI的红队自动化测试框架
https://www.microsoft.com/en-us/security/blog/2024/02/22/announcing-microsofts-open-automation-framework-to-red-team-generative-ai-systems/
aiocrioc:基于GPT4的IOC提取工具
https://github.com/referefref/aiocrioc
COLD-Attack框架:使用可控文本生成算法进行对抗性LLM攻击
https://arxiv.org/abs/2402.08679
https://github.com/Yu-Fangxu/COLD-Attack
LLM代理执行网络攻击
https://arxiv.org/abs/2402.06664
2023 年十大网络黑客技术
https://portswigger.net/research/top-10-web-hacking-techniques-of-2023
M01N Team公众号
聚焦高级攻防对抗热点技术
绿盟科技蓝军技术研究战队
官方攻防交流群
网络安全一手资讯
攻防技术答疑解惑
扫码加好友即可拉群
往期推荐
原文始发于微信公众号(M01N Team):每周蓝军技术推送(2024.2.2-2.23)
