Vulnerabilities
1、Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
https://www.trendmicro.com/en_us/research/25/a/information-stealer-masquerades-as-ldapnightmare-poc-exploit.html
Red team techniques
1、Studying null-byte and fileless registry-hiding techniques through code
2、Ghost in the PPL
https://itm4n.github.io/ghost-in-the-ppl-part-1/
https://itm4n.github.io/ghost-in-the-ppl-part-2/
https://itm4n.github.io/ghost-in-the-ppl-part-3/
3、x64 Return Address Spoofing
https://hulkops.gitbook.io/blog/red-team/x64-return-address-spoofing
4、x64 Call Stack Spoofing
https://hulkops.gitbook.io/blog/red-team/x64-call-stack-spoofing
5、Tetris in a PDF
https://th0mas.nl/2025/01/12/tetris-in-a-pdf/
6、From PAGE_GUARD hooks to memory scan evasion
https://xz.aliyun.com/t/17046?time__1311=mqGxnD9DcDuDB0Dlr%2BG7Dy0UDOWaIrIwhpD
7、Being a good CLR host – Modernizing offensive .NET tradecraft
https://securityintelligence.com/x-force/being-a-good-clr-host-modernizing-offensive-net-tradecraft/
8、When the Hunter Becomes the Hunted: Using Minifilters to Disable EDRs
https://infosecwriteups.com/when-the-hunter-becomes-the-hunted-using-minifilters-to-disable-edrs-922b17c08282
9、The (Anti-)EDR Compendium
https://blog.deeb.ch/posts/how-edr-works/
10、How To Craft Your Own Windows x86/64 Shellcode with Visual Studio
https://xacone.github.io/custom_shellcode.html
Blue team techniques
1、Detect suspicious processes running on hidden desktops
https://techcommunity.microsoft.com/blog/microsoftdefenderatpblog/detect-suspicious-processes-running-on-hidden-desktops/4072322
Tools
1、RustPotato
https://github.com/safedv/RustPotato
2、Sunder
https://github.com/ColeHouston/Sunder
Windows rootkit designed to work with BYOVD exploits
3、Rusty-PE-Packer
https://github.com/Azr43lKn1ght/Rusty-PE-Packer
4、Nyx-BlindEdr
https://github.com/k3lpi3b4nsh33/BlindEdr
A Blind EDR Project for Educational Purposes
5、EarlyCascade
https://github.com/0xNinjaCyclone/EarlyCascade/
A PoC for Early Cascade process injection technique.
6、Embed a file in HTML and have it autodownload using JavaScript
https://github.com/redteamronin/EmbedInHTML
7、blindsight
https://github.com/0xdea/blindsight
Red teaming tool to dump LSASS memory, bypassing basic countermeasures.
8、PendingFileRenameOperations + Junctions EDR Disable
https://github.com/rad9800/FileRenameJunctionsEDRDisable
9、Draugr
https://github.com/NtDallas/Draugr
BOF with Synthetic Stackframe
10、ESXi Testing Toolkit
https://github.com/AlbinoGazelle/esxi-testing-toolkit
11、Maestro
https://github.com/Mayyhem/Maestro
Abusing Intune for Lateral Movement over C2
Other