diff --git a/README.md b/README.md index d9517b2..5c60edf 100644 --- a/README.md +++ b/README.md @@ -2015,6 +2015,20 @@ - [OSCP-Human-Guide:一位播主的OSCP指南](https://github.com/six2dez/OSCP-Human-Guide) - [SQLInjectionWiki:一个专注于聚合和记录各种 SQL 注入方法的 wiki](https://github.com/NetSPI/SQLInjectionWiki) - [蓝凌OA历史漏洞](./books/蓝凌OA历史漏洞.pdf)|[备份](https://archive.ph/HTfNW) +- [对Ruoyi若依系统渗透测试总结](./books/对Ruoyi若依系统渗透测试总结.pdf) +- [玄武盾的几种绕过姿势](./books/玄武盾的几种绕过姿势.pdf) +- [SnakeYaml反序列化](./books/SnakeYaml反序列化.pdf) +- [CVE-2022-35741 Apache CloudStack SAML XXE注入](./books/CVE-2022-35741%20Apache%20CloudStack%20SAML%20XXE注入.pdf) +- [MSF多层内网渗透全过程](./books/MSF多层内网渗透全过程.pdf) +- [ThinkPHP V6.0.12LTS 反序列化漏洞的保姆级教程(含exp编写过程)](./books/ThinkPHP%20V6.0.12LTS%20反序列化漏洞的保姆级教程(含exp编写过程).pdf) +- [CVE-2022-35405 Zoho Password Manager Pro XML-RPC RCE](./books/CVE-2022-35405%20Zoho%20Password%20Manager%20Pro%20XML-RPC%20RCE.pdf) +- [DzzOffice2.02前台RCE分析](./books/某Office2.02前台RCE分析.pdf) +- [不删除_key_的CC6反序列化](./books/不删除_key_的CC6反序列化.pdf) +- [域渗透之委派攻击全集](./books/域渗透之委派攻击全集.pdf) +- [某次红蓝对抗之Solr-RCE实战绕过](./books/某次红蓝对抗之Solr-RCE实战绕过.pdf) +- [CVE-2022-0540_ Jira身份验证绕过分析](./books/CVE-2022-0540_%20Jira身份验证绕过分析.pdf) +- [WebSocket 内存马,一种新型内存马技术](./books/WebSocket%20内存马,一种新型内存马技术.pdf) +- [Mysql蜜罐反制Cobalt Strike](./books/Mysql蜜罐反制Cobalt Strike.pdf) ## 说明 diff --git a/books/CVE-2022-0540_ Jira身份验证绕过分析.pdf b/books/CVE-2022-0540_ Jira身份验证绕过分析.pdf new file mode 100644 index 0000000..e52670e Binary files /dev/null and b/books/CVE-2022-0540_ Jira身份验证绕过分析.pdf differ diff --git a/books/CVE-2022-35405 Zoho Password Manager Pro XML-RPC RCE.pdf b/books/CVE-2022-35405 Zoho Password Manager Pro XML-RPC RCE.pdf new file mode 100644 index 0000000..be49059 Binary files /dev/null and b/books/CVE-2022-35405 Zoho Password Manager Pro XML-RPC RCE.pdf differ diff --git a/books/CVE-2022-35741 Apache CloudStack SAML XXE注入.pdf b/books/CVE-2022-35741 Apache CloudStack SAML XXE注入.pdf new file mode 100644 index 0000000..6dade2e Binary files /dev/null and b/books/CVE-2022-35741 Apache CloudStack SAML XXE注入.pdf differ diff --git a/books/MSF多层内网渗透全过程.pdf b/books/MSF多层内网渗透全过程.pdf new file mode 100644 index 0000000..bb8b796 Binary files /dev/null and b/books/MSF多层内网渗透全过程.pdf differ diff --git a/books/Mysql蜜罐反制Cobalt Strike.pdf b/books/Mysql蜜罐反制Cobalt Strike.pdf new file mode 100644 index 0000000..f66fca0 Binary files /dev/null and b/books/Mysql蜜罐反制Cobalt Strike.pdf differ diff --git a/books/SnakeYaml反序列化.pdf b/books/SnakeYaml反序列化.pdf new file mode 100644 index 0000000..5e7d756 Binary files /dev/null and b/books/SnakeYaml反序列化.pdf differ diff --git a/books/ThinkPHP V6.0.12LTS 反序列化漏洞的保姆级教程(含exp编写过程).pdf b/books/ThinkPHP V6.0.12LTS 反序列化漏洞的保姆级教程(含exp编写过程).pdf new file mode 100644 index 0000000..aa0809c Binary files /dev/null and b/books/ThinkPHP V6.0.12LTS 反序列化漏洞的保姆级教程(含exp编写过程).pdf differ diff --git a/books/WebSocket 内存马,一种新型内存马技术.pdf b/books/WebSocket 内存马,一种新型内存马技术.pdf new file mode 100644 index 0000000..e3e8ed0 Binary files /dev/null and b/books/WebSocket 内存马,一种新型内存马技术.pdf differ diff --git a/books/不删除_key_的CC6反序列化.pdf b/books/不删除_key_的CC6反序列化.pdf new file mode 100644 index 0000000..929ad92 Binary files /dev/null and b/books/不删除_key_的CC6反序列化.pdf differ diff --git a/books/域渗透之委派攻击全集.pdf b/books/域渗透之委派攻击全集.pdf new file mode 100644 index 0000000..2bbf611 Binary files /dev/null and b/books/域渗透之委派攻击全集.pdf differ diff --git a/books/对Ruoyi若依系统渗透测试总结.pdf b/books/对Ruoyi若依系统渗透测试总结.pdf new file mode 100644 index 0000000..56d3707 Binary files /dev/null and b/books/对Ruoyi若依系统渗透测试总结.pdf differ diff --git a/books/某Office2.02前台RCE分析.pdf b/books/某Office2.02前台RCE分析.pdf new file mode 100644 index 0000000..0743804 Binary files /dev/null and b/books/某Office2.02前台RCE分析.pdf differ diff --git a/books/某次红蓝对抗之Solr-RCE实战绕过.pdf b/books/某次红蓝对抗之Solr-RCE实战绕过.pdf new file mode 100644 index 0000000..a02cf68 Binary files /dev/null and b/books/某次红蓝对抗之Solr-RCE实战绕过.pdf differ diff --git a/books/玄武盾的几种绕过姿势.pdf b/books/玄武盾的几种绕过姿势.pdf new file mode 100644 index 0000000..0835c12 Binary files /dev/null and b/books/玄武盾的几种绕过姿势.pdf differ