0x00 如题
记录2月份阅读过的有价值的文章。
0x01 顶尖内网红队的基本能力
熟悉 Impacket, Rubeus,Certipy,kekeo等AD域和ADCS 域证书工具。
https://cloud.tencent.com/developer/article/1946138 如何使用Certipy检测活动目录证书安全
https://www.cnblogs.com/dajjjjjj/articles/10796015.html Rubeus域渗透
https://www.freebuf.com/articles/network/348684.html AWS S3 Bucket子域接管实现可信钓鱼服务攻击
https://m.imooc.com/article/326488 域安全|AD CS Relay—ESC8
https://blog.compass-security.com/2022/11/relaying-to-ad-certificate-services-over-rpc/ Relaying to AD Certificate Services over RPC
0x02 顶尖外网红队的基本能力
https://zhuanlan.zhihu.com/p/516836433 Shiro与Fastjson两种不同的反序列化注入内存马姿势
0x03 攻防对抗--蓝队
http://www.hackdig.com/06/hack-701940.htm DCSync 技术的攻击和检测
https://www.netwrix.com/privilege_escalation_using_mimikatz_dcsync.html DCSync Attack Using Mimikatz Detection
https://blog.csdn.net/qq_41860201/article/details/122876693 log4j2实战复现
https://www.wangan.com/p/7fygfy821ab69036 渗透技巧 | Bypass Powershell执行策略的N种方式
Set-ExecutionPolicy Bypass -Scope Process
https://xz.aliyun.com/t/10727 一款根据ASM污点流扫描 Jsp Webshell的工具(https://github.com/flowerwind/JspFinder )
https://he1m4n6a.github.io/2019/04/01/%E5%8F%8D%E5%85%A5%E4%BE%B5%E7%AD%96%E7%95%A5%E6%80%BB%E7%BB%93-%E5%9F%BA%E7%A1%80%E4%BF%A1%E6%81%AF%E6%90%9C%E9%9B%86/ 反入侵策略总结-基础信息搜集(HIDS建设)
动态监控进程
watch -n 1 -d 'ps -ef | grep passwd'
0x04 安全产品
https://www.dynarose.com/ 微隔离--蔷薇灵动
0x05 安全运营
https://docs.splunk.com/Documentation/Splunk/9.0.3/Forwarding/Forwarddatatothird-partysystemsd Forward data to third-party systems
0x06 其他
https://blog.csdn.net/weixin_53588804/article/details/123801132 若依-Ruo Yi(分离版学习笔记)
https://hack.zkaq.cn/battle/target?id=5a768e0ca6938ffd 封神台-掌控安全在线演练靶场
https://mp.weixin.qq.com/s/2Egwbsf1RdPv52jf_g605g CVE-2023-24055 Keepass密码管理工具漏洞复现
https://cloud.tencent.com/document/product/213/65719 迁移到指定云服务器教程
https://portal.immuniweb.com/client/login/ 情报网站
https://blog.csdn.net/amhoho/article/details/107955271 华为云服务器快速迁移方案(最多十几分钟)
https://blog.csdn.net/aladinggao/article/details/121674681 【M365运维】匹配用户UPN和Email地址
881
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
