Light

aplyc1a / blogs Goto Github PK

View Code? Open in Web Editor NEW

508.0 8.0 97.0 366 KB

PentestNotes

blogs's Introduction

SecNote

安全笔记。构建我个人的网络安全知识框架。不断扩充中...

菜鸡在路上...

0x00 躲避检测

1 隐藏

[1] 渗透测试中的身份隐藏

2 绕过

3 免杀

[1] 基本二进制免杀

0x01 信息收集

1 人

[1] 自然人信息社工

2 企业

[1] 企业资产信息收集

0x02 入口突破

1 web服务

2 钓鱼邮件

3 字典

[1] 社工字典生成器RainCode

[2] 口令模型分析

0x03 权限提升

1 Linux提权

1.1 配置不当提权

[3] shell脚本定时任务提权

[4] shell脚本调用权限继承提权

[5] sudo脚本篡改提权

[6] sudo脚本参数提权

[7] 环境变量劫持提权

[8] 软链接提权

1.2 漏洞提权

2 Windows提权

0x04 内网与后渗透

1 信息与数据搜集

[1] getshell后的基本信息收集

[2] 敏感数据搜集

[3] Windows常用命令行操作

2 通道构建

3 扫描探测

4 权限提升

5 横向移动

6 数据回传

7 接管域控

8 系统破坏

0x05 持久控制

1 Linux

1.1 挖矿

[1] 门罗挖矿技术研究

1.2 后门

[1] Linux $PATH劫持命令后门

[2] Linux 后门账户添加

[3] Linux SSHWrapper(过时)

[4] Linux (x)inetd后门(过时)

[5] Linux $PROMPT_COMMAND后门(过时)

[6] Linux 计划任务后门族（新）

[7] Linux SSH软链接后门（新）

[8] Linux 别名后门（新）

[9] Linux OpenSSH后门（新）

[10] Linux PAM后门（参考）

[11] Linux systemd后门

[12] Linux-fake命令偷密码（新）

[12] Linux-内存执行ELF技术总结（新）

1.3 勒索

1.4 隐蔽通信

[1] ICMP隐蔽shell-p1ngp0ng

[2] DNS隐蔽shell-DNShell

[3] NTP隐蔽shell-NTPShell

0x06 取证溯源

[1] Linux 入侵痕迹取证-1

[2] Linux 入侵痕迹取证-2

[3] Linux 入侵痕迹取证-3

[4] Windows 入侵痕迹取证

[5] 攻击溯源下的信息收集

0x07 审查对抗

1 反审查

[1] 匿名与反审查技术

2 司法审查

blogs's People

Contributors

Stargazers

Watchers

Forkers

fatexiyi junmars jeffchan69 lo552441 shuai19980 deadfishrx jelinet 0xbird lchjczw yuefei2015 dxy1397 muboy aidensmith09 iwshgo sswhite-404 1638185626 magischnanako svchost9913 graymongooseus gsw9393 ziiiro falledstars lingwu111 piaoxue85 eamon-cai harrychang1985 tomfansdwdf m00nt0 avgirl yearnming hanshou101 spica-p caihy05 flowerjunjie studydt jaynanzi msf-ntdll nu0l true0899 sakuradied tz0385 dagrons peterdocter ws6672 stemmm zx391324751 knightguard baitao24 qxmao237 ouyangzhichao wry-bill xiaolaomen dexter-wxy qinguoliang leizhang-hunter loph3xertoi steponeerror 3586135 zerofwen wa1ki0g evan-dhx yu47 k4ubb sec-joe werwolfz anyoneyo codedonkey55 laimiaomiap idreamsoft yuanchangjie panda1g1 dark1x geek-bigniu rebiocoder chenxizhe albertofwb songyao199681 knightcn1983 ofalwl slcnx wangkaidd harryliisme slosnow9879 acodervic ponychan s3cj0y smallzhong puier 1337g zhenpeng180 xdcs100 xia0le shijingyu lishangpeng ro0tmylove rainmanzheng

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.