文章预览
内网渗透 Invoke-ADEnum:自动化AD枚举工具 https://github.com/Leo4j/Invoke-ADEnum AD域内权限维持技术研究 https://www.huntandhackett.com/blog/how-to-achieve-eternal-persistence https://www.huntandhackett.com/blog/how-to-achieve-eternal-persistence-part-2 https://www.huntandhackett.com/blog/how-to-achieve-eternal-persistence-part-3 利用SCCM绕过防御进行横向移动 https://www.guidepointsecurity.com/blog/sccm-exploitation-evading-defenses-and-moving-laterally-with-sccm-application-deployment 利用.NET Profiler进行横向移动 https://posts.specterops.io/lateral-movement-with-the-net-profiler-8772c86f9523 https://github.com/MayerDaniel/profiler-lateral-movement 终端对抗 VOIDGATE:借助VEH和汇编指令加密规避内存扫描 https://github.com/vxCrypt0r/Voidgate 睡眠状态Beacon识别工具 https://github.com/thefLink/Hunt-Sleeping-Beacons 恶意Windows进程、线程异常状态识别 https://www.trustedsec.com/blog/windows-processes-nefarious-an
………………………………
