Internal Network Penetration
Group Policy: analysis of attacker-exploitable configurations and the resulting risks
https://decoder.cloud/2024/11/26/group-policy-nightmares-pt2/
KrbRelayEx: man-in-the-middle tool for intercepting and relaying Kerberos AP-REQ tickets
https://github.com/decoder-it/KrbRelayEx
ShadowHound: a set of PowerShell scripts for Active Directory enumeration
https://github.com/Friends-Security/ShadowHound
GPOHunter: security assessment tool for analyzing Active Directory GPOs
https://github.com/PShlyundin/GPOHunter
reg_snake: Python tool for interacting with the WMI StdRegProv class
https://github.com/0xthirteen/reg_snake
Escalating from iDRAC access to Domain Admin
https://infosecwriteups.com/idrac-to-domain-admin-4acb89391070
Endpoint Evasion
Hooka: multi-purpose shellcode loader generator
https://github.com/D3Ext/Hooka
Analysis of a stealthy technique that abuses the Godot game engine to load malware
https://research.checkpoint.com/2024/gaming-engines-an-undetected-playground-for-malware-loaders/
Eclipse: Activation Context hijacking to load arbitrary DLLs
https://github.com/Kudaes/Eclipse
Enumprotections_BOF: BOF for enumerating system processes and their protection levels
https://github.com/Octoberfest7/Enumprotections_BOF
BootExecuteEDR: abusing the BootExecute mechanism to run a binary before EDR starts
https://github.com/rad9800/BootExecuteEDR
CryptProtectMemory without code injection
https://blog.slowerzs.net/posts/cryptdecryptmemory/
Nighthawk 0.3.3 released: improved in-memory evasion and a Python API
https://www.mdsec.co.uk/2024/11/nighthawk-0-3-3-evanesco/
UDRL, SleepMask and BeaconGate: Cobalt Strike reflective loading and custom evasion techniques
https://rastamouse.me/udrl-sleepmask-and-beacongate/
Microsoft Threat Intelligence ETW provider adds events for detecting token impersonation attacks
https://jsecurity101.medium.com/behind-the-mask-unpacking-impersonation-events-fca909e08d00
Vulnerabilities
CVE-2024-38193: analysis and exploitation of a Windows afd.sys driver LPE vulnerability
https://blog.exodusintel.com/2024/12/02/windows-sockets-from-registered-i-o-to-system-privileges/
CVE-2024-38144: analysis of an integer overflow in the Windows ksthunk.sys driver
https://ssd-disclosure.com/ssd-advisory-ksthunk-sys-integer-overflow-pe/
RomCom exploits Firefox and Windows zero-days in the wild
https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/
Cloud Security
PKCE in AWS SSO: analysis of the implementation and discussion of its security
https://blog.christophetd.fr/pkce-aws-sso/
AI and Security
LLM firewalls are not enough for AI security
https://securiti.ai/blog/llm-firewalls-are-not-enough-for-ai-security/
A deep dive into LLM guardrails
https://community.datascience.hp.com/artificial-intelligence-62/a-deep-dive-into-llm-guardrails-250
Adversarial machine learning attacks explained through a red-team challenge
https://boschko.ca/adversarial-ml/
DeepSeek AI: prompt injection leading to XSS and account takeover
https://embracethered.com/blog/posts/2024/deepseek-ai-prompt-injection-to-xss-and-account-takeover/
HackSynth: an LLM agent and evaluation framework for autonomous penetration testing
https://arxiv.org/abs/2412.01778
Social Engineering and Phishing
Microsoft 365 anti-phishing measures: updates and bypass discussion (part 2)
https://certitude.consulting/blog/en/exploring-anti-phishing-measures-inmicrosoft-365-pt-2
Attackers use corrupted ZIP archives and Office documents to evade antivirus and email gateway detection
https://thehackernews.com/2024/12/hackers-use-corrupted-zips-and-office.html
https://x.com/anyrun_app/status/1861024182210900357
Other
Censeye: helps researchers find and map hosts similar to a target
https://github.com/Censys-Research/censeye
BitLocker key extraction methods and security analysis
https://blog.nviso.eu/2024/11/26/wake-up-and-smell-the-bitlocker-keys/
M01N Team (NSFOCUS Blue Team Technical Research Group)