每周蓝军技术推送（2022.10.22-10.28）

https://github.com/n00py/GetFGPP

https://medium.com/@kuwaitison/active-directory-lateral-movement-and-post-exploitation-cheat-sheet-3170982a7055

https://github.com/fin3ss3g0d/cypherhound

https://github.com/D1rkMtr/PatchThatAMSI

https://github.com/bugch3ck/SharpEfsPotato

https://github.com/CodeXTF2/ScreenshotBOF

https://www.tarlogic.com/blog/token-handles-abuse-one-shell-to-handle-them-all/

https://www.mdsec.co.uk/2022/10/autodialdlling-your-way/

https://github.com/mdsecactivebreach/DragonCastle

https://github.com/H4de5-7/geacon_pro

https://medium.com/@lsecqt/creating-fully-undetectable-payload-fud-with-c-46a734837d1c

https://www.youtube.com/watch?v=Pu06zYUdpGs

https://starlabs.sg/blog/2022/10-sharepoint-post-authenticated-ssrf-vulnerability/

https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html

https://medium.com/numen-cyber-labs/analysis-and-summary-of-tcp-ip-protocol-remote-code-execution-vulnerability-cve-2022-34718-8fcc28538acf

http://www.whsgwl.net/images/NtosKrnl_ALPC_UAF_AlpcpMapLegacyPortView.pdf

https://blog.doyensec.com/2022/10/18/cloudsectidbit-dataimport.html

https://www.netspi.com/blog/technical/social-engineering/bypassing-mimecast-email-defenses/

https://www.youtube.com/user/DEFCONConference/videos

https://warroom.rsmus.com/wp-content/uploads/2022/10/2022-Attack-Vectors-Report.pdf

https://github.blog/2022-10-25-why-were-excited-about-the-sigstore-general-availability/

https://openssf.org/press-release/2022/10/25/sigstore-announces-general-availability-at-sigstorecon/

https://github.com/hanoglu/TermiC