2022.6.10
梦 昨晚10点睡到早上十点,做了一个超长的梦,被tm一个贩毒集团的一直追杀,梦里差点被吓死。 Github 起床惯例,刷GitHub 提权,Linux https://github.com/tr3ee/CVE-2022-23222 此漏洞影响Linux Kernel 5.8 - 5.16,并在5.10.92 / 5.15.15 / 5.16.1中修复。 https://github.com/RicterZ/CVE-2021-3560-Authentication-Agent polkit 0.113引入 取证,微信解密 https://github.com/x1hy9/WeChatUserDB https://www.52pojie.cn/thread-1084703-1-1.html https://github.com/Mr0x01/WXDBDecrypt.NET IPFS https://ipfs.io/ 去中心化文件系统,可匿名发布信息和文件 漏洞库 https://github.com/Threekiii/Vulnerability-Wiki Windows c2 https://github.com/MythicAgents/Apollo Microsoft Office Word 远程执行代码 https://github.com/lockedbyte/CVE-2021-40444 python实现的反向shell https://github.com/t0thkr1s/revshellgen 感觉没啥用,推荐 https://github.com/WangYihang/Platypus 交互式shell /usr/bin/script -qc /bin/bash go web框架 https://github.com/flamego/flamego 域名预测 https://github.com/LandGrey/domainNamePredictor 红队知识仓库 * https://github.com/Threekiii/Awesome-Redteam https://github.com/pen4uin/awesome-pentest-note http://wiki.tidesec.com/ https://github.com/guchangan1/All-Defense-Tool 免杀 https://github.com/Threekiii/Awesome-Redteam/blob/master/tips/内网渗透-免杀.md https://github.com/TideSec/BypassAntiVirus tips https://github.com/Threekiii/Awesome-Redteam/blob/master/cheatsheets/攻防渗透常用命令速查.md exp https://github.com/Threekiii/Awesome-Exploit c2服务器流量隐匿 https://github.com/wikiZ/RedGuard tip powershell history %userprofile%\AppData\Roaming\Microsoft\Windows\PowerShell\PSReadline\ConsoleHost_history.txt wifi password for /f "skip=9 tokens=1,2 delims=:" %i in ('netsh wlan show profiles') do @echo %j | findstr -i -v echo | netsh wlan show profiles %j key=clear Ctf tools...