Weekly Blue Team Technology Digest (2024.8.3-8.9)

Technology   2024-08-09 18:03   Beijing



Internal Network Penetration


BloodHoundOperator: PowerShell version of the BloodHound client

https://github.com/SadProcessor/BloodHoundOperator

https://posts.specterops.io/bloodhound-operator-dog-whispering-reloaded-156020b7c5e9


Endpoint Defense Evasion


How to design execution guardrails for payloads

https://trustedsec.com/blog/execution-guardrails-no-one-likes-unintentional-exposure

BinarySpy: PE infection tool based on function overwriting

https://github.com/yj94/BinarySpy

BinHol: PE infection tool supporting function overwriting, entry point and TLS injection

https://github.com/timwhitez/BinHol

white_patch_detect: universal PE infection detection based on GS register access

https://github.com/huoji120/white_patch_detect

OST-C2-Spec: open-source standard for C2 communication data structures

https://github.com/rasta-mouse/OST-C2-Spec

Nimplant: lightweight open-source C2 developed in Nim

https://github.com/chvancooten/NimPlant

https://github.com/chvancooten/conferences/blob/main/2024-08%20-%20Nimplant%20%40%20Black%20Hat%20Arsenal%202024%2FNimplant-BHUS24-Arsenal.pdf

OST toolkit's Stage1 implant upgraded to OST C2

https://www.outflank.nl/blog/2024/08/07/introducing-outflank-c2-with-implant-support-for-windows-macos-and-linux/

0xc2, a C2 framework spanning platforms and CPU architectures, released

https://www.0xc2.io/

https://twitter.com/cube0x0/status/1821179746480210390


Vulnerabilities


CVE-2024-38077: "MadLicense" Remote Desktop Services RCE vulnerability affecting mainstream Windows Server versions

https://sites.google.com/site/zhiniangpeng/blogs/MadLicense

https://mp.weixin.qq.com/s/wsupxpHxddPukFQusFYj4Q

https://github.com/qi4L/CVE-2024-38077

CVE-2024-43044: Jenkins remote code execution vulnerability

https://www.jenkins.io/security/advisory/2024-08-07/

CVE-2024-21302, CVE-2024-38202: Windows Update downgrade vulnerabilities

https://www.safebreach.com/blog/downgrade-attacks-using-windows-updates/

GhostWrite vulnerability: defeats RISC-V CPU security features, allowing low-privileged attackers to control memory and peripherals

https://ghostwriteattack.com/

Analysis of a new attack surface in the Chrome and Firefox JS engines and four RCE vulnerabilities

https://www.blackhat.com/us-24/briefings/schedule/index.html#super-hat-trick-exploit-chrome-and-firefox-four-times-40037

V8 sandbox bypass and escape vulnerability reports with exploits

https://github.com/xv0nfers/V8-sbx-bypass-collection


Cloud Security


apeman: AWS attack path management tool

https://github.com/hotnops/apeman

Automatically rolling over the Kerberos decryption key in Microsoft Entra ID

https://www.cloudcoffee.ch/microsoft-azure/microsoft-entra-id-automatically-roll-over-kerberos-decryption-key/


AI and Security


CVE-2024-2952: LiteLLM framework template injection vulnerability

https://hackyboiz.github.io/2024/08/07/ogu123/cve-2024-2952/

How Microsoft uses LLMs for security response

https://github.com/microsoft/MSRC-Security-Research/blob/master/presentations/2024_08_BlackHatUSA/Predict%2C%20Prioritize%2C%20Patch-%20How%20Microsoft%20Harnesses%20LLMs%20for%20Security%20Response.pdf

DIANA: automated threat intelligence parsing and log analysis with LLMs

https://github.com/dwillowtree/diana

Best practices for hardening chatbot applications built on Amazon Bedrock

https://aws.amazon.com/cn/blogs/security/hardening-the-rag-chatbot-architecture-powered-by-amazon-bedrock-blueprint-for-secure-design-and-anti-pattern-migration/

CSA publishes "Using AI for Offensive Security"

https://cloudsecurityalliance.org/artifacts/using-ai-for-offensive-security

NVIDIA LLM security team shares lessons from a year of hands-on security work

https://i.blackhat.com/BH-US-24/Presentations/US24-Harang-Practical-LLM-Security-Takeaways-From-Wednesday.pdf


Social Engineering and Phishing


Email domain obfuscation attacks

https://portswigger.net/research/splitting-the-email-atom


Other


Black Hat USA 2024 briefings list

https://www.blackhat.com/us-24/briefings/schedule/index.html

CrowdStrike publishes root cause analysis report on the blue screen crash incident

https://www.crowdstrike.com/wp-content/uploads/2024/08/Channel-File-291-Incident-Root-Cause-Analysis-08.06.2024.pdf

CrowdStrike publishes its 2024 Threat Hunting Report and Global Threat Report

https://github.com/blackorbird/APT_REPORT/blob/master/summary/2024/crowdstrike-2024-threat-hunting-report.pdf

https://www.crowdstrike.com/global-threat-report/

Gato-X: advanced enumeration and exploitation tool for GitHub repositories and organizations

https://github.com/AdnaneKhan/Gato-X

Microsoft and NIST jointly release a zero trust architecture implementation guide

https://www.microsoft.com/en-us/security/blog/2024/08/06/how-microsoft-and-nist-are-collaborating-to-advance-the-zero-trust-implementation/

https://www.nccoe.nist.gov/sites/default/files/2024-07/zta-nist-sp-1800-35-preliminary-draft-4.pdf

How open directories expose penetration testing tools and region-targeted attack campaigns

https://hunt.io/blog/pentester-or-threat-actor-open-directory-exposes-test-results-and-possible-targeting-of-government-organizations


M01N Team WeChat public account

NSFOCUS Blue Team Technology Research Team