web安全
CVE-2024-40725&CVE-2024-40898:Apache HTTP服务器源代码泄露与SSRF漏洞
https://securityonline.info/cve-2024-40725-cve-2024-40898-apache-http-server-flaws-put-millions-of-websites-at-risk/
内网渗透
Gigaproxy:借助AWS API网关的渗透代理工具
https://github.com/Sprocket-Security/gigaproxy
终端对抗
借助未公开API进行远程会话枚举
https://0xv1n.github.io/posts/sessionenumeration/
IHxExec:Windows跨用户session代码执行技术
https://cicada-8.medium.com/process-injection-is-dead-long-live-ihxhelppaneserver-af8f20431b5d
https://github.com/CICADA8-Research/IHxExec
静默安装 Chrome 扩展以实现持久化
https://syntax-err0r.github.io/Silently_Install_Chrome_Extension.html
CobaltStrike 4.10发布,引入BeaconGate、C2主机热切换等重磅功能
https://www.cobaltstrike.com/blog/cobalt-strike-410-through-the-beacongate
TTD监控驱动配合PROCEXP驱动实现受保护进程终止
https://www.sentinelone.com/labs/fin7-reboot-cybercrime-gang-enhances-ops-with-new-edr-bypasses-and-automated-attacks/
漏洞
CVE-2024-6695:WordPress配置生成器中的未认证权限提升漏洞
https://wpscan.com/blog/unauthenticated-privilege-escalation-in-profile-builder-plugin/
https://gist.github.com/bolhasec/9d40dfb4c304189d5ef433b1594feeea
Windows 11安装程序服务中的未修复本地权限提升漏洞
https://blog.doyensec.com/2024/07/18/custom-actions.html
CVE-2024-22274:vCenter认证后远程代码执行漏洞POC
https://github.com/mbadanoiu/CVE-2024-22274
Havoc C2 TeamServer 未认证SSRF漏洞
https://blog.chebuya.com/posts/server-side-request-forgery-on-havoc-c2/
微软Dynamics 365 Business Central文件写入漏洞挖掘
https://frycos.github.io/vulns4free/2024/07/10/dynamics-ups-and-downs.html
pdf-exploit:近期pdf解析器漏洞利用生成
https://github.com/rzte/pdf-exploit
漏洞利用开发入门
https://dayzerosec.com/blog/2024/07/11/getting-started-2024.html
人工智能和安全
多智能体环境中的传染性越狱
https://arxiv.org/pdf/2402.08567v2
借助提示词注入实现跨聊天会话的chatgpt拒绝服务
https://embracethered.com/blog/posts/2024/chatgpt-persistent-denial-of-service/
SAP AI Core 漏洞,允许恶意攻击者接管服务并访问客户数据
https://www.wiz.io/blog/sapwned-sap-ai-vulnerabilities-ai-security
社工钓鱼
借助不同浏览器PDF渲染机制区别实施网络钓鱼
https://portswigger.net/research/fickle-pdfs-exploiting-browser-rendering-discrepancies
其他
使用 Red Commander 实现统一的红队自动化
https://www.youtube.com/watch?v=QbOzNxiUHzA
CrowdStrike故障影响全球用户,包括航空、媒体和银行
https://x.com/Xaaavier_8613/status/1814192758560870430
https://mashable.com/article/windows-bsod-crash-crowdstrike-update-worldwide-outage
https://www.bbc.com/news/live/cnk4jdwp49et
M01N Team公众号
聚焦高级攻防对抗热点技术
绿盟科技蓝军技术研究战队
官方攻防交流群
网络安全一手资讯
攻防技术答疑解惑
扫码加好友即可拉群
往期推荐