【漏洞研究】
=============
https://cxsecurity.com/issue/WLB-2021120088
https://cxsecurity.com/issue/WLB-2021120089
https://cxsecurity.com/issue/WLB-2021120090
https://cxsecurity.com/issue/WLB-2021120091
https://cxsecurity.com/issue/WLB-2021120092
https://cxsecurity.com/issue/WLB-2021120093
https://cxsecurity.com/issue/WLB-2021120094
https://cxsecurity.com/issue/WLB-2021120095
https://cxsecurity.com/issue/WLB-2021120096
https://cxsecurity.com/issue/WLB-2021120097
https://cxsecurity.com/issue/WLB-2021120098
生成各方面AD报告,便于进行安全管理或咨询。
https://github.com/ziesemer/ad-privileged-audit#execution
SQLbit - 基于布尔盲注的自动化脚本
https://github.com/Sunlight-Rim/sqlbit
https://github.com/daddycocoaman/turdshovel
https://github.com/S3cur3Th1sSh1t/MultiPotato
攻防资产处理小工具,便于筛选有价值资产
https://github.com/dr0op/bufferfly
原生JNDI注入漏洞的高版本JDKBypass利用
https://github.com/exp1orer/JNDI-Inject-Exploit
辅助攻防项目快速打点的综合工具
https://github.com/P1-Team/AlliN
【红队文章】
https://infosecwriteups.com/hacking-microservices-for-fun-and-bounty-5cc302769e94
Auerswald PBX 固件后门分析
https://blog.redteam-pentesting.de/2021/inside-a-pbx/
https://payloads.online/archivers/2020-07-16/1/
更多详情请查看原文