长亭百川云 - 文章详情

第二周/20211108红队推送

凌晨一点零三分

44

2024-07-13


===

【漏洞研究】

=============

无法代码审计的隐形漏洞“Trojan Source”

https://krebsonsecurity.com/2021/11/trojan-source-bug-threatens-the-security-of-all-code/

Linux TIPC 模块内核漏洞 RCE(CVE-2021-43267)

https://thehackernews.com/2021/11/critical-rce-vulnerability-reported-in.html

PHP Event Calendar 存储型XSS(CVE-2021-42078)

https://seclists.org/fulldisclosure/2021/Nov/24

Writeup:Linux kernel v5.8 - v5.13.13 [CVE-2021-34866]

https://blog.hexrabbit.io/2021/11/03/CVE-2021-34866-writeup/

Writeup:Chrome V8 [CVE-2021-38001]

https://github.com/vngkv123/articles/blob/main/CVE-2021-38001.md

===

【红队工具】

RedTeam Toolkit:基于Django制作的开源红队工具包

https://securityonline.info/redteam-toolkit-the-useful-offensive-tools/

aDLL:自动检测DLL挟持漏洞的二进制分析工具

https://github.com/ideaslocas/aDLL

HandleKatz:内存混淆转储工具

https://github.com/codewhitesec/HandleKatz

PowerShellRunner:绕过Defender的WinAPI利用脚本

https://github.com/dievus/PowerShellRunner

SMBeagle:排查内部SMB弱权限文件共享资源

https://github.com/punk-security/SMBeagle#usage

LDAP Monitor:实时监控 LDAP 对象的创建、删除和更改

https://github.com/p0dalirius/LDAPmonitor

全网黑IP收集

https://github.com/AttackTeamFamily/blackip

自动JAVA代码审计工具

https://github.com/EmYiQing/CodeInspector

【红队文章】

卡巴斯基针对恶意钓鱼和垃圾电邮的第三季度报告

https://securelist.com/spam-and-phishing-in-q3-2021/104741/

域接管漏洞五大场景及防护建议

https://redhuntlabs.com/blog/5-ways-to-exploit-a-domain-takeover-vulnerability.html

Achieving LFI to RCE

https://twitter.com/i/web/status/1455412396256686082

DCOM滥用于Cobalt Strike横向移动

https://www.pentestpartners.com/security-blog/dcom-abuse-and-lateral-movement-with-cobalt-strike/

对恶意软件conti的横向技术分析及防护建议 - Part 1

https://www.unh4ck.com/detection-engineering-and-threat-hunting/lateral-movement/detecting-conti-cobaltstrike-lateral-movement-techniques-part-1


更多详情请查看原文

相关推荐
关注或联系我们
添加百川云公众号,移动管理云安全产品
咨询热线:
4000-327-707
百川公众号
百川公众号
百川云客服
百川云客服

Copyright ©2024 北京长亭科技有限公司
icon
京ICP备 2024055124号-2