长亭百川云 - 文章详情

第十二周/20211220红队推送

凌晨一点零三分

43

2024-07-13


===

【特别推荐】

Zero Project:深入研究 NSO 的零点击 iMessage 漏洞

https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html

【漏洞研究】

Cibele Thinfinity VirtualUI 2.5.41.0 User Enumeration

https://cxsecurity.com/issue/WLB-2021120082

NETGEAR ProSafe™ Gigabit Quad WAN SSL VPN Firewall SRX5308 | SQL Injection Vulnerability

https://cxsecurity.com/issue/WLB-2021120077

Sofico Miles RIA 2020.2 Build 127964T Cross Site Scripting

https://cxsecurity.com/issue/WLB-2021120076

SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG ABAP Code Injection

https://cxsecurity.com/issue/WLB-2021120075

SAP Netweaver IUUC_GENERATE_ACPLAN_DELIMITER ABAP Code Injection

https://cxsecurity.com/issue/WLB-2021120074

SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG SQL Injection

https://cxsecurity.com/issue/WLB-2021120073

Zucchetti Axess CLOKI Access Control 1.64 Cross Site Request Forgery

https://cxsecurity.com/issue/WLB-2021120072

meterN 1.2.3 Remote Command Execution

https://cxsecurity.com/issue/WLB-2021120071

WordPress Typebot 1.4.3 Cross Site Scripting

https://cxsecurity.com/issue/WLB-2021120070

Apache Log4j2 2.14.1 Information Disclosure

https://cxsecurity.com/issue/WLB-2021120069

OpenEMR 6.0.0 / 6.1.0-dev SQL Injection

https://cxsecurity.com/issue/WLB-2021120068

【红队工具】

端口管理工具,可以根据端口号关掉进程

https://github.com/penghaojie/port

SpringBootEnvDecrypt:获取被星号脱敏的密码的明文

https://github.com/heikanet/SpringBootEnvDecrypt

CTFCrackTools:中国国内首个CTF工具框架,旨在帮助CTFer快速攻克难关

https://github.com/0Chencc/CTFCrackTools

PwdBUD:一款SRC密码生成工具,尝试top字典无果后,可以根据域名、公司名等因素来生成特定的字典

https://github.com/fcre1938/PwdBUD

ARL-NPoC:集漏洞验证和任务运行的一个框架 

https://github.com/1c3z/ARL-NPoC

【红队文章】

快速探测目标防火墙出网端口的工具化实现

https://xz.aliyun.com/t/10677

云原生之Kubernetes安全

https://mp.weixin.qq.com/s/8lhmjPtLTlVkS1Q3-6-mHA

利用log4shell传播的StealthLoader病毒分析

https://mp.weixin.qq.com/s/E8828A-1f6w\_uwB81DMF4A

Java中间件通用回显方法的问题及处理

https://blog.csdn.net/fnmsd/article/details/106890242

C语言:了解House of Einherjar

https://hackmd.io/@gand3lf/houseofeinherjar


更多详情请查看原文

相关推荐
关注或联系我们
添加百川云公众号,移动管理云安全产品
咨询热线:
4000-327-707
百川公众号
百川公众号
百川云客服
百川云客服

Copyright ©2024 北京长亭科技有限公司
icon
京ICP备 2024055124号-2