鹏组安全 | 2022年精华文章汇总

admin 2023年1月3日11:48:46评论65 views字数 11082阅读36分56秒阅读模式
2022年的文章中,你喜欢哪篇?你又错过了哪些搬家攻略和生活小技巧?

把历史精华文章分类总结了下,给朋友们画画重点,如果有看到自己落下的文章,今天就一次性补上。

鹏组安全

2022年年度精华文章

漏洞复现类

常见渗透靶场整理以及安装方法

https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486130&idx=1&sn=dedccbd90507158ade34f292f0a33899&chksm=c01cc622f76b4f34bb2d7ee926f0440f2979e462183d88aa1a613b7314c8b8e7ca9700effc1c&token=1023699121&lang=zh_CN#rd

web渗透测试靶场集成&知识构成

https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486621&idx=1&sn=f113e248013360002512ad270dcaa743&chksm=c01cc00df76b491b15ae24d8c28d9ea7cde9eb87093e8fb85b4942e1a0d857d44f05c592cf69&token=1023699121&lang=zh_CN#rd
第一次申请CVE的全过程
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247487264&idx=1&sn=6195aa9bd9a0e287948114266f22eb2e&chksm=c01cc3b0f76b4aa68a6e837c4bbeb782fab38e03def6685a918938015f5623e75fbccb40295c&token=1023699121&lang=zh_CN#rd

皓峰防火墙存在多个漏洞&复现

https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486916&idx=1&sn=984c77b45bd8cd9d4c18e6d4e48f7a77&chksm=c01cc154f76b4842794057c17d6d4d2b53d511086f7a1b2179f18b013ecb10d0130b11e21b30&token=1023699121&lang=zh_CN#rd

struts2-061&062漏洞

https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486687&idx=1&sn=ab7b1e40f3519a658fa6c36aceeae6b3&chksm=c01cc04ff76b495916019e87d5bd72c84029fc866bd0b4ac70b2a22209bbd6b7809717ce7d55&token=1023699121&lang=zh_CN#rd

Windows 后台打印程序(Print Spooler)特权提升漏洞

https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486558&idx=1&sn=ee0c6deb01212892fa347d0176049797&chksm=c01cc0cef76b49d8332f824ef5d9e63256faefa6afaa5dbf39b11314f21edbf2bd79f647700a&token=1023699121&lang=zh_CN#rd
向日葵远控软件存在远程代码执行漏洞
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486195&idx=1&sn=409242dddceb5e1b09c849dba22b6aae&chksm=c01cc663f76b4f75b1f145c443028240c6a4fb7c6c99d698fe312a6dbfd9b3a0e274a80a52e1&token=1023699121&lang=zh_CN#rd
CVE-2021-4034 pkexec 本地提权复现
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486022&idx=1&sn=dc8d115073d3dfdf995594fb72cec0cd&chksm=c01cc6d6f76b4fc072709ae5db75d924fa782c03e8357d2d21d11e0db66b1787e58460a03136&token=1023699121&lang=zh_CN#rd

F5 BIG-IP-RCE (CVE-2022-1388)

https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486786&idx=1&sn=1c6422a5c67a30f671b47603829a06f4&chksm=c01cc1d2f76b48c4d60fbf843195c86056e209e3ccedbe670c8926e04e740e39868a6f56db6a&token=1023699121&lang=zh_CN#rd
Apache APISIX 存在改写 X-REAL-IP header (CVE-2022-24112)
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486402&idx=1&sn=6e2c82f8142ec04d0f6638c3254045d0&chksm=c01cc752f76b4e447dc8937a109673b00607083598c73785c2070cc4e047e358a9ae5fc858b1&token=1023699121&lang=zh_CN#rd
浅谈ssrf及weblogic ssrf复现
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247485902&idx=1&sn=d411160da4d87acc92b27ee90b427ad8&chksm=c01cc55ef76b4c482394b6ea491ba3fab704dd258bc9069964e93772ea00f24d71509f27242e&token=1023699121&lang=zh_CN#rd
spring_cloud_RCE
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486478&idx=1&sn=f9aa8049359bbab78d210bc07221bc03&chksm=c01cc09ef76b4988f5428597a0c924ef1804dde70547069a8481c279df081ef165d3a48d547f&token=1023699121&lang=zh_CN#rd
DVR登录绕过漏洞&&phpstudy后门rce
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486418&idx=1&sn=b81788d7331f4ddfcb245c5519319baa&chksm=c01cc742f76b4e54ea99952d2607c09c5489ce48e429d3911d3440b6ab2733b7dcdbf0f4a959&token=1023699121&lang=zh_CN#rd
常见Web源码泄露总结
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486531&idx=1&sn=f868165f5a9ea954294490dfed8edd4c&chksm=c01cc0d3f76b49c5f7ca69ead3e72f4a04a79bd7d4d6166db5a4dc990fa1d9e86d33e0058e46&token=1023699121&lang=zh_CN#rd
SQLserver攻击手册(一)
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247485853&idx=1&sn=28c32c1c7ad4c5266d423e7548542326&chksm=c01cc50df76b4c1ba1b875cdf7b8b82ad79f5d54bb972cb782b2066dccdb086894646d8c245b&token=1023699121&lang=zh_CN#rd

实战类

linux实战清理挖矿病毒
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247488142&idx=1&sn=56f02c196bf71d8c8d4e82068611ef18&chksm=c01cde1ef76b570836789ee0fc5fcae8db4ec7cb7e7cff338b1acaf6ccfad318d3c4095127cf&token=1023699121&lang=zh_CN#rd

ATT&CK实战系列-从web打点到内网游荡

https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247487909&idx=1&sn=219b510a0a35e3f51128ee1b862ddb86&chksm=c01cdd35f76b54232a0c12f769da6582f5bd84b653ac29996103a3e27e9b6565f707af2c9f2a&token=1023699121&lang=zh_CN#rd
记一次对某外挂辅助网站的getshell
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486892&idx=1&sn=4f7405eb7a8a2ff4a2c67ec2ef7742af&chksm=c01cc13cf76b482af7ff96492b99f3e87d72dc32c5b35e87958c0428094978859233eba7f0f7&token=1023699121&lang=zh_CN#rd
近源攻击之BadUSB
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486727&idx=1&sn=1a478e961b08ece2e61b7f8e52b590d2&chksm=c01cc197f76b4881520bf51be1f7071ec55fbf85d5d09ccffcc954647456cdc82a1836f9fd13&token=1023699121&lang=zh_CN#rd
sql注入-Bypass安全狗
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247488083&idx=1&sn=b9a86499781c8386cf4d0df78833837a&chksm=c01cdec3f76b57d5c8594283148b669ba50d7c5b0b44f5b4d074f2fce1cfcef2d1fa3fbdbf8d&token=1023699121&lang=zh_CN#rd
记一次授权的渗透测试
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247487467&idx=1&sn=66df556f4c751110286fb5f9768e7e89&chksm=c01cc37bf76b4a6d7d1581a21f19d2734a06efca04e740adff553c559370d51c5708b782a1bc&token=1023699121&lang=zh_CN#rd
记一次渗透测试(绕过某塔)
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486366&idx=1&sn=011d34f26f0c4e65bf65879ec85e4082&chksm=c01cc70ef76b4e18196aa24a84fe1e5ec65140523025b4a2fb2fae3423c8c416ce9909731544&token=1023699121&lang=zh_CN#rd

工具脚本类

web指纹识别脚本
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247488121&idx=1&sn=42f5c275f6dd4a21945f25bd6615b648&chksm=c01cdee9f76b57ffacdc230b74762ec291a1247e7c9e411e1268baae79852594d2e82d5fa0ef&token=1023699121&lang=zh_CN#rd
windows应急响应脚本
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247487511&idx=1&sn=865ad76eadeaa78cf5b419c8127d777b&chksm=c01cdc87f76b5591d6dd725126f8d817a6f41a3d95fc65f88ac36b96893dd45b7fc255883c43&token=1023699121&lang=zh_CN#rd
MD5碰撞及解密工具
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247487421&idx=1&sn=11da03b724caec9f52cfb32c89a689e2&chksm=c01cc32df76b4a3bd7bdd316e5e4e32ca08bac1622c631bf0a2bf8d07d7266a4ae7ca183f9ec&token=1023699121&lang=zh_CN#rd
内网穿透工具—FRP
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486201&idx=1&sn=769166ab1241c0ec2a327b0b2b2b82f9&chksm=c01cc669f76b4f7f74045edc368baa9c0f6e20d85229e183d07ca55fb2f499abf2f3b5125e47&token=1023699121&lang=zh_CN#rd

Erfrp-frp二开-免杀与隐藏

https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247488158&idx=1&sn=154b548d88d49635c3bfc8d3d83f9820&chksm=c01cde0ef76b57185243758793fdc511825a3fc7266b16a32b3aa2acf506b286a6dc5d9e8dbd&token=1023699121&lang=zh_CN#rd

零零信安(0.zone)搜索引擎搜索脚本

https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247487978&idx=1&sn=c3d33608cfbac9cebe4e5af2f7362e18&chksm=c01cdd7af76b546c97afa79ad63d9094252f869b864856c1ee86435c8d0adfa38bb709bbb381&token=1023699121&lang=zh_CN#rd
MySQL蜜罐获取攻击者微信号、手机号、IP、用户名
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486647&idx=1&sn=1bff4578d5a5be7f2b61256ed936bf87&chksm=c01cc027f76b4931bea1c2da2de5c2efc81198b2a592c11c69cf12bf46a4ec77ff4de2aac74a&token=1023699121&lang=zh_CN#rd
Burp suite插件-findSQL(查找存在注入的点)
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247487962&idx=1&sn=617bb143a762745912278b9005bec55b&chksm=c01cdd4af76b545c0903852400f1901c0e2871baa4081d201da4a690a81844c8cb370e849774&token=1023699121&lang=zh_CN#rd

python打造url采集器

https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486815&idx=1&sn=e535410910b4d8e61ad6be83d6a36ed2&chksm=c01cc1cff76b48d9b7f00fc66d8cc8e2b813c21c4f682795e4e7e1589612ca38b1f80b2d7ec7&token=1023699121&lang=zh_CN#rd
python连接PHP木马^加密传输数据
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247487129&idx=1&sn=3249359e04af23bf66fd22cb36ff9d34&chksm=c01cc209f76b4b1fe049f6ada1a64fca19bd12e91208902b5b9c948d92748eec76a4e519e73d&token=1023699121&lang=zh_CN#rd
sqli-labs less5,8,9详解(py脚本)
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486591&idx=1&sn=d54192091c550e87d4660cb28988b33f&chksm=c01cc0eff76b49f9842a46798cfedd17cd8aa39e162de7ae79af345905a45f558876517d2e3c&token=1023699121&lang=zh_CN#rd
python爬取漂亮小姐姐图片
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486700&idx=1&sn=79f7999c1b089cfe073caa334423d05c&chksm=c01cc07cf76b496a1f3fbf0992830d3a651687fd8b60576c9fcf9bb68dc5224032d7061e04c4&token=1023699121&lang=zh_CN#rd
Cobalt strike 环境搭建与基本功能
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247487641&idx=1&sn=23f66c812abaecb0c9674dd9486ae446&chksm=c01cdc09f76b551f452f1bd9d6c4eb5b0c2aa6f0bb16fba2d72e51c09c82ca70336cd5860ce7&token=1023699121&lang=zh_CN#rd
cobaltstrike 常用功能使用
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486009&idx=1&sn=c752913c686668b6586e902f5a2ec3df&chksm=c01cc6a9f76b4fbf1a89b2b3a1317ce92b95a263b3c16396b12d80f8be6880629874e4492763&token=1023699121&lang=zh_CN#rd

应急响应

应急响应介绍

https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247484721&idx=1&sn=28abde88c86460c33d252bbda3b389dd&chksm=c01cc9a1f76b40b715cc898bc82f65a0863953aa2cccc5b17efacba1069dab10ae25061f38a8&scene=178&cur_album_id=2134388050687246338#rd
应急响应-入侵排查篇(windows)
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247484796&idx=1&sn=33dcd3c8d8b9c02dcfc3bc3a6b5c518e&chksm=c01cc9ecf76b40fa38cd681ce974de267b8dd27ad00734b6ea9bb8249b93c979bb919bdd4ccc&scene=178&cur_album_id=2134388050687246338#rd

应急响应-入侵排查篇(linux)

https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247484897&idx=1&sn=f7ef0f099968eec30f337c12185cb80b&chksm=c01cc971f76b4067e22291964da233c279c298586c84b9801782d249e4b7dd23a97dbc2c4b42&scene=178&cur_album_id=2134388050687246338#rd
应急响应—Linux日志分析
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247486179&idx=1&sn=539fc7e7fdeda646392c75163e28b2ab&chksm=c01cc673f76b4f650306d307e3f4da15620ea8354750204e04624013ab248cc0db86c0231b0b&scene=178&cur_album_id=2134388050687246338#rd
windows应急响应脚本
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247487511&idx=1&sn=865ad76eadeaa78cf5b419c8127d777b&chksm=c01cdc87f76b5591d6dd725126f8d817a6f41a3d95fc65f88ac36b96893dd45b7fc255883c43&scene=178&cur_album_id=2134388050687246338#rd
linux实战清理挖矿病毒
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247488142&idx=1&sn=56f02c196bf71d8c8d4e82068611ef18&chksm=c01cde1ef76b570836789ee0fc5fcae8db4ec7cb7e7cff338b1acaf6ccfad318d3c4095127cf&scene=178&cur_album_id=2134388050687246338#rd

代码审计类

SeaCms 代码审计getshell
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247488008&idx=1&sn=ac5be67686f78945875cc9ac1c6b787f&chksm=c01cde98f76b578e7afc818e5cae9e5707f611ee17f13f24031f59c02fac927a13969ef5cbc0&token=1023699121&lang=zh_CN#rd
eyoucms 1.0前台getshell分析
https://mp.weixin.qq.com/s?__biz=Mzg5NDU3NDA3OQ==&mid=2247487181&idx=1&sn=6374a971db3a0e31917665cfa7c4cf35&chksm=c01cc25df76b4b4bc01b58f10df84c32f22957a60d2d8a235069838577f3c630d42b7abca31a&token=1023699121&lang=zh_CN#rd

知识星球

元旦优惠卷|展示

欢 迎 加 入 星 球 !

代码审计+免杀+渗透学习资源+各种资料文档+各种工具+付费会员

进成员内部群

鹏组安全 | 2022年精华文章汇总


星球的最近主题和星球内部工具一些展示


鹏组安全 | 2022年精华文章汇总

鹏组安全 | 2022年精华文章汇总

鹏组安全 | 2022年精华文章汇总

鹏组安全 | 2022年精华文章汇总

回望过去 展望未来
有付出也有收获,
有喜悦也有遗憾,
获得、失去、释怀、成长、完结、待续,一年又一年!
努力经营当下,
直至未来明朗!

原文始发于微信公众号(鹏组安全):鹏组安全 | 2022年精华文章汇总

  • 左青龙
  • 微信扫一扫
  • weinxin
  • 右白虎
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2023年1月3日11:48:46
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                   鹏组安全 | 2022年精华文章汇总https://cn-sec.com/archives/1495510.html

发表评论

匿名网友 填写信息