OSCP的Linux特权升级
[+]在Linux系统上提升特权的多种方法。
[+]深入说明了这些方法的原因和工作方式。
[+]可帮助识别Linux系统上潜在的特权升级漏洞的工具。
[+]一个免费的易受攻击的Debian Linux VM,可以在其上进行特权升级。
https://zerodaylab.s3-us-west-2.amazonaws.com/Linux+Privilege+Escalation+for+OSCP+%40zer0daylab.zip
[+]在Linux系统上提升特权的多种方法。
[+]深入说明了这些方法的原因和工作方式。
[+]可帮助识别Linux系统上潜在的特权升级漏洞的工具。
[+]一个免费的易受攻击的Debian Linux VM,可以在其上进行特权升级。
https://zerodaylab.s3-us-west-2.amazonaws.com/Linux+Privilege+Escalation+for+OSCP+%40zer0daylab.zip
对人进行调查,开源情报的一个重点。goFindWho是一个搜索平台,导航菜单按姓名、用户名、电子邮件地址和电话号码等类型进行分组查询,也就是使用的开源情报针对人员追踪的标准框架,包括跨平台追踪。当然,结果依旧取决于您的目标人的公开程度有多高,但这个框架是科学的:https://gofindwho.com/
Gofindwho
gofindwho.com - gofindwho Resources and Information.
gofindwho.com is your first and best source for all of the information you’re looking for. From general topics to more of what you would expect to find here, gofindwho.com has it all. We hope you find what you are searching for!
Airstrike Attack -加入域的Windows工作站上的FDE绕过和EoP(CVE-2021-28316) https://shenaniganslabs.io/2021/04/13/Airstrike.html
Shenanigans Labs
Airstrike Attack - FDE bypass and EoP on domain joined Windows workstations (CVE-2021-28316)
By default, domain joined Windows workstations allow access to the network selection UI from the lock screen.
An attacker with physical access to a locked device with WiFi capabilities (such as a laptop or a workstation) can abuse this functionality to force…
An attacker with physical access to a locked device with WiFi capabilities (such as a laptop or a workstation) can abuse this functionality to force…