梦
昨晚10点睡到早上十点,做了一个超长的梦,被tm一个贩毒集团的一直追杀,梦里差点被吓死。
Github
起床惯例,刷GitHub
提权,Linux
https://github.com/tr3ee/CVE-2022-23222
此漏洞影响Linux Kernel 5.8 - 5.16,并在5.10.92 / 5.15.15 / 5.16.1中修复。
https://github.com/RicterZ/CVE-2021-3560-Authentication-Agent
polkit 0.113引入
取证,微信解密
https://github.com/x1hy9/WeChatUserDB
https://www.52pojie.cn/thread-1084703-1-1.html
https://github.com/Mr0x01/WXDBDecrypt.NET
IPFS
https://ipfs.io/
去中心化文件系统,可匿名发布信息和文件
漏洞库
https://github.com/Threekiii/Vulnerability-Wiki
Windows c2
https://github.com/MythicAgents/Apollo
Microsoft Office Word 远程执行代码
https://github.com/lockedbyte/CVE-2021-40444
python实现的反向shell
https://github.com/t0thkr1s/revshellgen
感觉没啥用,推荐
https://github.com/WangYihang/Platypus
交互式shell
/usr/bin/script -qc /bin/bash
go web框架
https://github.com/flamego/flamego
域名预测
https://github.com/LandGrey/domainNamePredictor
红队知识仓库 *
https://github.com/Threekiii/Awesome-Redteam
https://github.com/pen4uin/awesome-pentest-note
http://wiki.tidesec.com/
https://github.com/guchangan1/All-Defense-Tool
免杀
https://github.com/Threekiii/Awesome-Redteam/blob/master/tips/内网渗透-免杀.md
https://github.com/TideSec/BypassAntiVirus
tips
https://github.com/Threekiii/Awesome-Redteam/blob/master/cheatsheets/攻防渗透常用命令速查.md
exp
https://github.com/Threekiii/Awesome-Exploit
c2服务器流量隐匿
https://github.com/wikiZ/RedGuard
tip
powershell history
%userprofile%\AppData\Roaming\Microsoft\Windows\PowerShell\PSReadline\ConsoleHost_history.txt
wifi password
for /f "skip=9 tokens=1,2 delims=:" %i in ('netsh wlan show profiles') do @echo %j | findstr -i -v echo | netsh wlan show profiles %j key=clear
Ctf tools
https://github.com/UniiemStudio/CTFever
exp
https://github.com/zangcc/Aazhen-v3.1
https://github.com/Weik1/Artillery
https://github.com/awake1t/Awesome-hacking-tools
暂时就这样吧