https://the-deniss.github.io/posts/2022/12/08/hooking-system-calls-in-windows-11-22h2-like-avast-antivirus.html
https://sensepost.com/blog/2023/browsers-cache-smuggling/
ReCrystallize Server
CVE-2024-26331, CVE-2024-28269
https://sensepost.com/blog/2024/from-discovery-to-disclosure-recrystallize-server-vulnerabilities/
https://sensepost.com/blog/2024/mail-in-the-middle-a-tool-to-automate-spear-phishing-campaigns/
Mail in the Middle – A tool to automate spear phishing campaigns
https://blog.calif.io/p/microsoft-exchange-2010-arbitrary
We encountered an environment in which Exchange 2016 and Exchange 2010 were deployed side by side. We found an XML injection vulnerability in Exchange Web Services (EWS) that allowed us to impersonate arbitrary users and access all mailbox data. The attack only works in the specific setup where Exchange 2016 is the front end and Exchange 2010 is the back end.
CVE-2024-22267, CVE-2024-22268, CVE-2024-22269, CVE-2024-22270
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280
https://adepts.of0x.cc/proftpd-cve-2020-9273-exploit/
https://github.com/ptef/CVE-2020-9273
ProFTPd
https://adepts.of0x.cc/dlopen-from-memory-php/
Using backdoored plugins/modules/extensions as a persistence method is one of my favorite techniques for keeping the door open after compromising a web server (in fact, I wrote about this topic several times last year: Backdoors in the XAMPP stack (part I): PHP extensions, Backdoors in the XAMPP stack (part II): UDFs in MySQL, Backdoors in the XAMPP stack (part III): Apache modules, and Improving PHP extensions as a persistence method).
https://ry0dan.github.io/malware%20development/Malware-Development-Crafting-Digital-Chaos-04/
https://mp.weixin.qq.com/s/vF0xkB-j_HjI0pcQoh94KQ
A brief look at CVE-2024-22120: Zabbix low-privilege SQL injection to RCE + permission bypass
https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/
CVE-2024-4367
https://amalmurali.me/posts/git-rce/
Exploiting CVE-2024-32002: RCE via git clone
https://www.akamai.com/blog/security-research/spoofing-dns-by-abusing-dhcp
Honeywell ControlEdge Virtual Unit Operations Center (UOC)
https://claroty.com/team82/research/exploiting-honeywell-controledge-virtualuoc
CVE-2023-5389 (CVSS v3 score: 9.1) and CVE-2023-5390 (5.3)
https://github.com/absholi7ly/Bypass-authentication-GitHub-Enterprise-Server
CVE-2023-43208
https://www.horizon3.ai/attack-research/attack-blogs/writeup-for-cve-2023-43208-nextgen-mirth-connect-pre-auth-rce/
https://github.com/0xda568/IconJector
Unorthodox and stealthy way to inject a DLL into the explorer using icons
https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-orb-networks/
https://cloud.google.com/blog/topics/threat-intelligence/bitbucket-pipeline-leaking-secrets
The article discusses CI/CD pipelines leaking secrets when using Atlassian's code repository tool Bitbucket.