每周蓝军技术推送（2022.12.17-12.23）

https://tttang.com/archive/1865/

https://mp.weixin.qq.com/s/Y8MP_QEFPi4uO7PfLwzHdg

https://www.kaidojarvemets.com/audit-active-directory-certificate-services-using-microsoft-sentinel/

https://github.com/Idov31/Venom

https://cymulate.com/blog/blindside-a-new-technique-for-edr-evasion-with-hardware-breakpoints

https://github.com/gh0x0st/wanderer

https://github.com/namazso/linux_injector

https://ghoulsec.medium.com/reddev-5-rundll32-com-hijack-executor-in-c-40b632fc7e37

https://rtx.meta.security/post-exploitation/2022/12/19/In-Memory-Execution-in-macOS.html

https://www.rapid7.com/blog/post/2022/12/21/cve-2022-41080-cve-2022-41082-rapid7-observed-exploitation-of-owassrf-in-exchange-for-rce/

https://www.willsroot.io/2022/12/entrybleed.html

https://exploiter.dev/blog/2022/CVE-2022-2602.html

https://blog.hacktivesecurity.com/index.php/2022/12/21/cve-2022-2602-dirtycred-file-exploitation-applied-on-an-io_uring-uaf/

https://www.microsoft.com/en-us/security/blog/2022/12/19/gatekeepers-achilles-heel-unearthing-a-macos-vulnerability/

https://medium.com/@numencyberlabs/using-leaking-sentinel-value-to-bypass-the-latest-chrome-v8-hardenprotect-c4ed40e3d34f

https://www.archcloudlabs.com/projects/cve-2022-23093/

https://posts.bluraven.io/detecting-azure-ad-account-takeover-attacks-b2652bb65a4c

https://mp.weixin.qq.com/s/Jwwd5ailKNhwR57ACXB1kQ

https://blog.lightspin.io/aws-ecr-public-vulnerability

https://github.com/certsocietegenerale/IRM

https://github.com/mgeeky/msidump