文章预览
Web安全 CVE-2024-4577:PHP CGI 参数注入远程代码执行漏洞 https://securityonline.info/cve-2024-4577-critical-php-vulnerability-exposes-millions-of-servers-to-rce/ https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/ 内网渗透 goLAPS:域内LAPS凭据检索工具 https://github.com/felmoltor/goLAPS 从备份中恢复失陷的ADCS系统 https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/recover-an-adcs-platform-from-compromise/ba-p/4120889 VirtualGHOST:识别未在vCenter/ESXI中注册的虚拟机 https://github.com/CrowdStrike/VirtualGHOST Cadiclus:适用于Linux的权限提升漏洞识别脚本 https://github.com/tjnull/pentest-arsenal/tree/main/Cadiclus smbclient-ng:基于python的SMB共享访问工具 https://github.com/p0dalirius/smbclient-ng NetWrapper:具备HTML报告导出的netexec工具封装 https://github.com/Edd13Mora/NetWrapper 终端对抗 RtlClone:使用NtCreateUserProce
………………………………
