Weekly Blue Army (蓝军, adversary simulation) Technology Digest (2024.6.8-6.14)

Published 2024-06-14 18:02, Beijing


Web Security

CVE-2024-4577: Nuclei template PoC for the PHP CGI argument injection vulnerability

https://github.com/huseyinstif/CVE-2024-4577-Nuclei-Template


Internal Network Penetration

Conpass: continuous password spraying while avoiding the risk of account lockout

https://github.com/login-securite/conpass

https://en.hackndo.com/password-spraying-lockout/

MAT: MSSQL server vulnerability scanning and exploitation

https://github.com/SySS-Research/MAT

chromedb: read Chrome browser data directly without launching the browser

https://github.com/noperator/chromedb

Root privilege escalation and post-exploitation on F5 BIG-IP

https://offsec.almond.consulting/post-exploiting-f5-BIG-IP.html

Windows Server 2025 begins the phased removal of NTLM authentication support

https://learn.microsoft.com/en-us/windows-server/get-started/removed-deprecated-features-windows-server-2025


Endpoint Evasion

RflDllOb: custom reflective DLL and injector project

https://github.com/oldboy21/RflDllOb

https://oldboy21.github.io/posts/2023/12/all-i-want-for-christmas-is-reflective-dll-injection/

MDE_Enum: Windows Defender ASR rule extraction tool

https://github.com/0xsp-SRD/MDE_Enum

Disable-TamperProtection: disabling Windows Defender Tamper Protection

https://github.com/AlteredSecurity/Disable-TamperProtection

File-Tunnel: tunneling TCP connections over files

https://github.com/fiddyschmitt/File-Tunnel

Bypassing EDR to read NTDS.dit using legitimate forensic tools

https://medium.com/@0xcc00/bypassing-edr-ntds-dit-protection-using-blueteam-tools-1d161a554f9f

Writing your own C# obfuscator

https://www.ribbiting-sec.info/posts/2024-06-05_csharp_obfuscator/

A deep dive into Windows kernel Secure Image objects

https://connormcgarr.github.io/secure-images/

TrustedSec tooling and PoC repository (The Shelf)

https://github.com/trustedsec/The_Shelf

https://trustedsec.com/blog/introducing-the-shelf


Vulnerabilities

CVE-2024-29824: PoC for the Ivanti EPM SQL injection remote code execution vulnerability

https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29824-deep-dive-ivanti-epm-sql-injection-remote-code-execution-vulnerability/

https://github.com/horizon3ai/CVE-2024-29824

CVE-2024-29849: PoC for the Veeam Enterprise Manager authentication bypass vulnerability

https://summoning.team/blog/veeam-enterprise-manager-cve-2024-29849-auth-bypass/

https://github.com/sinsinology/CVE-2024-29849


Cloud Security

Cloud-based identity penetration attacks

https://github.com/LearningKijo/SecurityResearcher-Note/blob/main/SecurityResearcher-Note-Folder/Day16-CloudId-Exfiltration-AttackReport-Part1.md

Brute-force risk of Windows Entra ID cached credentials and how they work

https://www.synacktiv.com/en/publications/whfb-and-entra-id-say-hello-to-your-new-cache-flow

https://github.com/synacktiv/CacheData_decrypt

Azure cloud token theft techniques mind map

https://rootsecdev.medium.com/introduction-to-azure-cloud-token-theft-mindmap-v1-22d015cb5ee8

Curated repository of CI/CD attack research resources

https://github.com/TupleType/awesome-cicd-attacks


AI and Security

New attack technique "Sleepy Pickle" targets machine learning models

https://thehackernews.com/2024/06/new-attack-technique-sleepy-pickle.html

https://blog.trailofbits.com/2024/06/11/exploiting-ml-models-with-pickle-file-attacks-part-1/

How to fine-tune a model for a specific task, using an IDA decompiler plugin as the example

https://www.atredis.com/blog/2024/6/3/how-to-train-your-large-language-model

https://github.com/atredispartners/aidapal


Social Engineering and Phishing

How to increase the credibility of phishing site domains

https://posts.specterops.io/one-phish-two-phish-red-teams-spew-phish-1a2f02010ed7

Evilginx phishing infrastructure deployment guide

https://github.com/An0nUD4Y/Evilginx-Phishing-Infra-Setup


Other

Defender XDR detection of suspicious processes running on hidden desktops

https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/detect-suspicious-processes-running-on-hidden-desktops/ba-p/4072322

In-the-wild abuse and technical analysis of the BoxedApp commercial packer

https://research.checkpoint.com/2024/inside-the-box-malwares-new-playground/

Statically linked toolkit that runs on most Linux systems

https://github.com/soxrok2212/ubiquity-toolkit

A deep dive into the F5 Secure Vault mechanism

https://offsec.almond.consulting/deep-diving-f5-secure-vault.html

JA4+ traffic fingerprint database

https://ja4db.com/

omakub: one-click Ubuntu system hardening script

https://github.com/basecamp/omakub


M01N Team WeChat account: focused on hot topics in advanced offensive and defensive confrontation

NSFOCUS Blue Army (蓝军) Technical Research Squad
