每周蓝军技术推送（2024.2.24-3.1）

https://securityonline.info/brutespray-automatically-attempts-default-creds-on-found-services/

https://github.com/x90skysn3k/brutespray

https://xz.aliyun.com/t/13706

https://xz.aliyun.com/t/13779

https://itm4n.github.io/peap-credentials-wired-connections

https://github.com/garrettfoster13/sccmhunter/tree/v1.0.0

https://thehackernews.com/2024/02/new-silver-saml-attack-evades-golden.html

https://boostsecurityio.github.io/lotp/

https://github.com/Helixo32/CrimsonEDR

https://eversinc33.com/posts/kernel-mode-keylogging/

https://xz.aliyun.com/t/13902

https://github.com/yutianqaq/CSx4Ldr

https://github.com/orph3usLyre/muddy-waters

https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc

https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/

https://dev.to/tutorialboy/analyzing-the-google-chrome-v8-cve-2024-0517-out-of-bounds-code-execution-vulnerability-28i3

https://github.com/ewilded/CVE-2024-25376-POC

https://xz.aliyun.com/t/13757

https://whiteknightlabs.com/2024/02/21/pivoting-from-microsoft-cloud-to-on-premise-machines/

https://aws.amazon.com/cn/blogs/security/modern-web-application-authentication-and-authorization-with-amazon-vpc-lattice/

https://bank-security.medium.com/cyber-criminals-exploit-formcrafts-to-craft-phishing-pages-3596714f8433

https://xz.aliyun.com/t/13629

https://github.com/dnakov/r2d2