Red Team Tools
A large collection of all types of SQL injection
https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet
POC bomber: a vulnerability detection tool that can quickly obtain access to the target server
https://github.com/tr0uble-mAker/POC-bomber
CVE-2021-42287/CVE-2021-42278 scanner
https://github.com/ricardojba/noPac
Special PDF generator
https://github.com/pussycat0x/malicious-pdf
Enables WinINet ETW events; can be used to capture sample characteristics
https://github.com/howmp/WinINetLogger
A distributed task scheduling system based on Golang
https://github.com/labulaka521/crocodile
For early-stage information gathering in penetration testing
https://github.com/rufherg/Web_InfoCollector
Red Team Articles
CVE-2021-42287/CVE-2021-42278: the in-domain "killer" explained in detail (correct-principles edition)
https://exploit.ph/cve-2021-42287-cve-2021-42278-weaponisation.html
CVE-2021-40444: in-depth technical analysis of the Office RCE
https://billdemirkapi.me/unpacking-cve-2021-40444-microsoft-office-rce/
Apple Safari integer overflow RCE (CVE-2021-30734): detailed analysis of the WebAssembly functionality
https://blog.ret2.io/2021/06/02/pwn2own-2021-jsc-exploit/
An exploration of capturing plaintext passwords
Analysis of the GENESIS64 deserialization vulnerability
https://www.anquanke.com/post/id/264690
Execution After Redirect (EAR) in HTB Previse
===
Vulnerability Research
Backdoor.Win32.Wollf.m / Authentication Bypass
http://seclists.org/fulldisclosure/2022/Jan/6
Backdoor.Win32.Fantador / Insecure Password Storage
https://seclists.org/fulldisclosure/2022/Jan/7
Backdoor.Win32.Fantador / Divide by Zero DoS
http://seclists.org/fulldisclosure/2022/Jan/8
Backdoor.Win32.Skrat / Cleartext Hardcoded Password
http://seclists.org/fulldisclosure/2022/Jan/9
Backdoor.Win32.SilentSpy.10 / Authentication Bypass Command Execution
http://seclists.org/fulldisclosure/2022/Jan/10
Backdoor.Win32.SilentSpy.10 / Authentication Race Condition
http://seclists.org/fulldisclosure/2022/Jan/11
Projeqtor 9.3.1 Cross Site Scripting
https://cxsecurity.com/issue/WLB-2022010010
Computer And Mobile Repair Shop Management 1.0 SQL Injection
https://cxsecurity.com/issue/WLB-2022010011
TRIGONE Remote System Monitor 3.61 Unquoted Service Path
https://cxsecurity.com/issue/WLB-2022010012
BeyondTrust Remote Support 6.0 Cross Site Scripting
https://cxsecurity.com/issue/WLB-2022010013
WordPress CRM Form Entries Cross Site Scripting
https://cxsecurity.com/issue/WLB-2022010014
Media k - Sql Injection Vulnerability
https://cxsecurity.com/issue/WLB-2022010015
Nettmp NNT 5.1 SQL Injection
https://cxsecurity.com/issue/WLB-2022010016
WordPress Catch Themes Demo Import Shell Upload
https://cxsecurity.com/issue/WLB-2022010017
cWifi Hotspot Wireless CP Code Execution
https://cxsecurity.com/issue/WLB-2022010018
RiteCMS 3.1.0 Arbitrary File Overwrite
https://cxsecurity.com/issue/WLB-2022010019
Hospitals Patient Records Management System 1.0 SQL Injection
https://cxsecurity.com/issue/WLB-2022010020
Easy Cart Shopping Cart 2021 Cross Site Scripting
https://cxsecurity.com/issue/WLB-2022010021
uDoctorAppointment 2.1.1 Cross Site Scripting
https://cxsecurity.com/issue/WLB-2022010022
Vodafone H-500-s 3.5.10 WiFi Password Disclosure
https://cxsecurity.com/issue/WLB-2022010024
TermTalk Server 3.24.0.2 Arbitrary File Read
https://cxsecurity.com/issue/WLB-2022010025
Affiliate Pro 1.7 Cross Site Scripting
https://cxsecurity.com/issue/WLB-2022010026
Gerapy 0.9.7 Remote Code Execution
https://cxsecurity.com/issue/WLB-2022010027
AWebServer GhostBuilding 18 Denial Of Service
https://cxsecurity.com/issue/WLB-2022010028
Powered by INSPIROXINDIA - Blind Sql Injection Vulnerability
https://cxsecurity.com/issue/WLB-2022010029
Dixell XWEB 500 Arbitrary File Write
https://cxsecurity.com/issue/WLB-2022010031
Active PHP BookMarks 1.3 - Sql Injection Vulnerability
https://cxsecurity.com/issue/WLB-2022010032
Simple Music Cloud Community System 1.0 SQL Injection
https://cxsecurity.com/issue/WLB-2022010033
Backdoor.Win32.SVC / Remote Stack Buffer Overflow
https://cxsecurity.com/issue/WLB-2022010034
Backdoor.Win32.Dsklite.a / Remote Denial of Service
https://cxsecurity.com/issue/WLB-2022010035
Backdoor.Win32.Dsklite.a / Insecure Transit
https://cxsecurity.com/issue/WLB-2022010036
Backdoor.Win32.Jtram.a / Port Bounce Scan
https://cxsecurity.com/issue/WLB-2022010037
Backdoor.Win32.Jtram.a / Insecure Credential Storage
https://cxsecurity.com/issue/WLB-2022010038
Backdoor.Win32.SVC / Directory Traversal
https://cxsecurity.com/issue/WLB-2022010040
PixelPro Designs - Sql Injection Vulnerability
https://cxsecurity.com/issue/WLB-2022010041
NEETAI TECH - Sql Injection Vulnerability
https://cxsecurity.com/issue/WLB-2022010043
XNU inm_merge Heap Use-After-Free
https://cxsecurity.com/issue/WLB-2022010044
Automox Agent 32 Local Privilege Escalation
https://cxsecurity.com/issue/WLB-2022010046
PoC for CVE-2021-25079
http://seclists.org/fulldisclosure/2022/Jan/12
Microsoft Windows SMB Direct Session Takeover
https://cxsecurity.com/issue/WLB-2022010047
openSIS Student Information System 8.0 SQL Injection
https://cxsecurity.com/issue/WLB-2022010048
Microsoft Windows 11- 'Jolt2.c' Denial of Service (MS00-029)
https://cxsecurity.com/issue/WLB-2022010049
sixdaysworks - Sql Injection Vulnerability
https://cxsecurity.com/issue/WLB-2022010050
New RCA up! CVE-2021-38000 - Chrome Intents Logic Flaw
https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-38000.html