Git Product home page Git Product logo

blogs-1's Introduction

SecNote

安全笔记。构建我个人的网络安全知识框架。不断扩充中...

菜鸡在路上...

0x00 躲避检测

1 隐藏

[1] 渗透测试中的身份隐藏

2 绕过

3 免杀

[1] 基本二进制免杀

0x01 信息收集

1 人

[1] 自然人信息社工

2 企业

[1] 企业资产信息收集

0x02 入口突破

1 web服务

2 钓鱼邮件

3 字典

[1] 社工字典生成器RainCode

[2] 口令模型分析

0x03 权限提升

1 Linux提权

1.1 配置不当提权

[1] suid提权

[2] sudo提权

[3] shell脚本定时任务提权

[4] shell脚本调用权限继承提权

[5] sudo脚本篡改提权

[6] sudo脚本参数提权

[7] 环境变量劫持提权

[8] 软链接提权

1.2 漏洞提权

2 Windows提权

0x04 内网与后渗透

1 信息与数据搜集

[1] getshell后的基本信息收集

[2] 敏感数据搜集

[3] Windows常用命令行操作

2 通道构建

3 扫描探测

4 权限提升

5 横向移动

6 数据回传

7 接管域控

8 系统破坏

0x05 持久控制

1 Linux

1.1 挖矿

[1] 门罗挖矿技术研究

1.2 后门

[1] Linux $PATH劫持命令后门

[2] Linux 后门账户添加

[3] Linux SSHWrapper(过时)

[4] Linux (x)inetd后门(过时)

[5] Linux $PROMPT_COMMAND后门(过时)

[6] Linux 计划任务后门族(新)

[7] Linux SSH软链接后门(新)

[8] Linux 别名后门(新)

[9] Linux OpenSSH后门(新)

[10] Linux PAM后门(参考)

[11] Linux systemd后门

[12] Linux-fake命令偷密码(新)

[12] Linux-内存执行ELF技术总结(新)

1.3 勒索

1.4 隐蔽通信

[1] ICMP隐蔽shell-p1ngp0ng

[2] DNS隐蔽shell-DNShell

[3] NTP隐蔽shell-NTPShell

0x06 取证溯源

[1] Linux 入侵痕迹取证-1

[2] Linux 入侵痕迹取证-2

[3] Linux 入侵痕迹取证-3

[4] Windows 入侵痕迹取证

[5] 攻击溯源下的信息收集

0x07 审查对抗

1 反审查

[1] 匿名与反审查技术

[2] 隐写术

2 司法审查

blogs-1's People

Contributors

aplyc1a avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.