Persistsolution - Sql Injection Vulnerability
https://cxsecurity.com/issue/WLB-2021120005
WordPress Plugin DZS Zoomsounds 6.45 Arbitrary File Read (Unauthenticated)(CVE-2021-39316)
https://cxsecurity.com/issue/WLB-2021120012
WordPress DZS Zoomsounds 6.45 Arbitrary File Read:
https://cxsecurity.com/issue/WLB-2021120021
WordPress Plugin Slider by Soliloquy 2.6.2 - 'title' Stored Cross Site Scripting (XSS) (Authenticated)
https://cxsecurity.com/issue/WLB-2021120019
Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass(CVE-2021-40856)
https://seclists.org/fulldisclosure/2021/Dec/9
Ubuntu Overlayfs Local Privilege Escalation(CVE-2021-3493)
https://cxsecurity.com/issue/WLB-2021120022
Backdoor.Win32.Vernet.axt / Insecure Permissions(MVID-2021-0413)
https://seclists.org/fulldisclosure/2021/Dec/5
Backdoor.Win32.Bionet.10 / Authentication Bypass RCE(MVID-2021-0414)
https://seclists.org/fulldisclosure/2021/Dec/6
一个在 Linux 6pack 驱动程序中存在 16 年的漏洞分析:CVE-2021-42008
https://syst3mfailure.io/sixpack-slab-out-of-bounds
VMware vCenter (测试于7.0.2.00100) SSRF + XSS 未经授权任意文件读取
https://mp.weixin.qq.com/s/pWoInwVDM8p0ZL0hNWgK3Q
ThePhish: 钓鱼邮件自动分析工具
https://securityonline.info/thephish-automated-phishing-email-analysis-tool/
XMGoat – Azure开源渗透测试工具
https://www.xmcyber.com/xmgoat-an-open-source-pentesting-tool-for-azure/
EDRHunt: 扫描 Windows 服务、驱动程序、进程、注册表以查找已安装的 EDR
https://github.com/FourCoreLabs/EDRHunt
开源、轻量、快速、跨平台 的红队内外网打点扫描器
https://github.com/redtoolskobe/scaninfo
一款可以探测Chrome插件的前端工具
https://github.com/neargle/crx-scouter
Proxy pool: Python爬虫代理IP池
https://github.com/jhao104/proxy\_pool
关于DLL注入
https://infosecwriteups.com/dll-injection-dllinjector-d1b30c6760eb?source=rss----7b722bfd1b8d---4
Popping iOS <=14.7 with IOMFB
https://www.reddit.com/r/ReverseEngineering/comments/r5n5pq/popping\_ios\_147\_with\_iomfb/
SSRF漏洞利用与getshell实战(精选)
https://mp.weixin.qq.com/s/SGrZIhKmOdpmRE3cmb_XkA
分享一些更快速的刷SRC赏金的自动化挖洞技巧命令和工具协同
https://github.com/taielab/Taie-Bugbounty-killer
渗透工具实战技巧大合集
https://mp.weixin.qq.com/s/Y32hTQV-ggYFaHZ_p-p7Wg
钓鱼与社工系列之某信聊天记录解密
https://skewwg.github.io/2021/06/15/diao-yu-yu-she-gong-xi-lie-zhi-wei-xin-liao-tian-ji-lu-jie-mi/