admin/Penetration_Testing_POC
1
0
Fork 0
mirror of https://github.com/Mr-xn/Penetration_Testing_POC.git synced 2025-08-13 03:17:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

add Freeze:使用多种技术绕过 EDR类产品加载 shellcode&Invoke-PrintDemon:利用打印机漏洞通过 PowerShell 脚本将任意文件编码成base64后解码写入任意目录,比如system 目录&VcenterKiller:一款针对Vcenter的综合利用工具

Browse Source
This commit is contained in:
Mrxn 2022-10-05 20:06:30 +08:00
parent 6f3308c371
commit 89b0ca87ae
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -1639,6 +1639,9 @@
- [log4j_detect类似于所谓的rasp的通过java native agent检测log4j的漏洞利用检测工具](https://github.com/huoji120/log4j_detect)
- [srdi-rsRusty Shellcode 反射 DLL 注入](https://github.com/memN0ps/srdi-rs)
- [KnownDllUnhook将当前加载的模块的 .txt 部分从 \KnownDlls\ 替换来绕过 edr](https://github.com/ORCx41/KnownDllUnhook)
- [Invoke-PrintDemon利用打印机漏洞通过 PowerShell 脚本将任意文件编码成base64后解码写入任意目录,比如system 目录](https://github.com/wh0Nsq/Invoke-PrintDemon)
- [VcenterKiller一款针对Vcenter的综合利用工具包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005提供一键上传webshell命令执行或者上传公钥使用SSH连接](https://github.com/Schira4396/VcenterKiller)
- [Freeze使用多种技术绕过 EDR类产品加载 shellcode](https://github.com/optiv/Freeze)
## <span id="head8"> 文章/书籍/教程相关</span>