每周蓝军技术推送（2022.4.16-4.22）

https://portswigger.net/research/new-xss-vectors

https://mp.weixin.qq.com/s/i2Vaqh2wndDleM85T-OyzQ

https://mp.weixin.qq.com/s/BSILzm9n8LF0fLyUrEtUhA

https://github.com/d3ckx1/OLa

https://vanmieghem.io/blueprint-for-evading-edr-in-2022/

https://ethicalchaos.dev/2022/04/17/in-process-patchless-amsi-bypass/

https://tttang.com/archive/1546/

https://m417z.com/Implementing-Global-Injection-and-Hooking-in-Windows/

https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.htmlA5%E5%88%86%E6%9E%90/

https://www.mdsec.co.uk/2022/04/resolving-system-service-numbers-using-the-exception-directory/

https://assume-breach.medium.com/home-grown-red-team-testing-common-av-evasion-with-pe-packers-on-windows-11-a2a9e873fe13

https://mp.weixin.qq.com/s/rCEoKdi-_qLWw86vZKrVWA

http://blog.topsec.com.cn/cve-2022-21882-win32k%E5%86%85%E6%A0%B8%E6%8F%90%E6%9D%83%E6%BC%8F%E6%B4%9E%E6%B7%B1%E5%85%A5%E5%88%86%E6%9E%90

http://neilmadden.blog/2022/04/19/psychic-signatures-in-java/

https://github.com/khalednassar/CVE-2022-21449-TLS-PoC

https://googleprojectzero.blogspot.com/2022/04/the-more-you-know-more-you-know-you.html

https://securecloud.blog/2022/04/21/microsoft-cloud-security-research-public-disclosure-gaining-unlimited-access-to-graph-auditlogs-endpoint-using-complex-filters-with-non-privileged-user-account/

https://blog.didierstevens.com/2022/04/04/iso-files-with-office-maldocs-protected-view-in-office-2019-and-2021/

https://www.cobaltstrike.com/blog/cobalt-strike-4-6-the-line-in-the-sand/

https://www.mandiant.com/media/15671