文章预览
WEB安全 利用Apache HTTP服务器中隐藏的语义歧义 https://blog.orange.tw/posts/2024-08-confusion-attacks-ch/ 内网渗透 MaLDAPtive:LDAP SearchFilter 解析/混淆/解混淆及检测框架 https://github.com/MaLDAPtive/Invoke-Maldaptive 借助SSH隧道穿越企业防火墙 https://labs.jumpsec.com/ssh-tunnelling-to-punch-through-corporate-firewalls-updated-take-on-one-of-the-oldest-lolbins/ 终端对抗 Shwmae:在特权用户上下文中滥用Windows Hello https://github.com/CCob/Shwmae ShimMe:使用OfficeClickToRun未公开结构与接口注入代码 https://github.com/deepinstinct/ShimMe .NET程序集感染与权限维持技术 https://habr.com/ru/companies/ru_mts/articles/832892/ Hookchain:借助IAT Hook、系统调用等技术重定向Windows子系统规避EDR挂钩 https://github.com/helviojunior/hookchain 使用VEH规避EDR进行进程注入 https://securityintelligence.com/x-force/using-veh-for-defense-evasion-process-injection/ DriverJack:滥用符号链
………………………………
