内网渗透Spicy Shadow攻击https://x.com/alh4zr3d/status/1767211616670499154Ligolo-mp:并发隧道代理工具https://github.com/ttpreport/ligolo-mpshellfeck:受BrainF*ck启发的shell混淆工具https://github.com/CyberSecurityN00b/shellfeck围绕Microsoft SCCM错误配置的攻防矩阵和知识库https://github.com/subat0mik/Misconfiguration-Manager/终端对抗s4killer:借助BYOVD的进程终止器https://github.com/enkomio/s4killerBanshee:Windows X64内核Rootkithttps://github.com/eversinc33/BansheeWindows线程池利用深入剖析https://urien.gitbook.io/diago-lima/a-deep-dive-into-exploiting-windows-thread-poolsParasite-Invoke:.NET寄生签名程序集隐藏P/Invoke执行https://github.com/MzHmO/Parasite-Invoke.NET可执行文件结构深入分析https://intezer.com/blog/incident-response/intro-to-malware-net-executable-file/rtypes:Windows类型逆向辅助插件,包含undocument类型头文件定义https://github.com/tinysec/rtypes滥用ETW实现进攻性通
………………………………
