Offensive and Defensive TTP Weekly Update – 20260622

admin 2026-06-30 07:22:58 Cybersecurity articles Source: ZONE.CI Global Network

Summary: This is a weekly offensive/defensive TTP digest focused on current red team techniques and tooling. It covers clear-text password collection on Linux, a domain trust downgrade attack caused by invalid PAC signatures, DCOM lateral movement, direct syscalls to bypass Defender, exploitation of an AMSI design flaw, and Nim-based stealth loaders; the blue team section covers a case of a RAT built with a Windows machine's own .NET compiler. Recommended tools include an OPSEC-oriented Donut fork, a C2 that routes traffic through cloud services, and a ROP gadget scanner. Security practitioners are advised to read the items relevant to them to keep up with current weaponization developments. Overall score: 62 Categories: Red team, penetration testing, AV evasion, internal network penetration, security tools



Original post by 红蓝对抗技术 (红蓝对抗技战术), published 2026-06-27 21:25, Beijing

Vulnerabilities

Red team techniques

1、Fantastic clear-text passwords and where to collect them (Part 1 – Linux)

https://dfir.ch/posts/fantastic_passwords_linux/

2、Domain trust downgrade attack caused by invalid PAC signatures

https://blog.ghostwolflab.com/redteam/786/

3、DCOM Explained: How Attackers Turn a Windows Feature into a Lateral Movement Tool

https://detect.fyi/dcom-explained-how-attackers-turn-a-windows-feature-into-a-lateral-movement-tool-f3c07ce94866

4、Malware analysis: part 9. AI-assisted deobfuscation: control flow flattening. Simple C example.

https://cocomelonc.github.io/malware/2026/06/21/malware-analysis-9.html

5、x33fcon 2026: Bring Your Own Everything (The Final Approach)

https://github.com/Print3M/MyTalks/blob/main/2026_06_x33fcon_Bring_Your_Own_Everything_-_The_Final_Approach.pdf

6、Defender AV Real-Time Protection Impact on EDR Telemetry

https://academy.bluraven.io/blog/defender-av-real-time-protection-impact-on-edr-telemetry

7、x33fcon: The Art of Evasion

https://github.com/S3cur3Th1sSh1t/Creds/blob/master/Presentations/x33fcon_The_Art_of_Evasion.pdf

8、Handle Permission Elevation via BYOVD

https://medium.com/@s12deff/handle-permission-elevation-via-byovd-df99e908e780

9、IDT Table Hijacking under VBS/HVCI/kCET in Windows 11

https://www.exploitpack.com/blogs/news/idt-table-hijacking-under-vbs-hvci-kcet-in-windows-11

10、heavener: This is what happens when you can’t afford EDR licenses

https://blog.otterpwn.com/projects/heavener

11、An Introduction to Modern Malware Development for Red Teams

https://anteiku.fun/papers/an-introduction-to-modern-malware-development-for-red-teams/00_an_introduction_to_malware_development_for_red_teams/

12、Bypass Windows Defender antivirus in 2026: Evasion Techniques Using Direct Syscalls and XOR encryption – Part 2

https://www.hackmosphere.fr/bypass-windows-defender-antivirus-2025-part-2/

13、Red Team Tactics: Utilizing Syscalls in C# – Writing The Code

https://jhalon.github.io/utilizing-syscalls-in-csharp-2/

14、One Bool. Six Shells. AMSI’s Design Problem.

https://bl4ckarch.github.io/posts/One-Bool.-Six-Shells.-AMSI’s-Design-Problem/

15、Nim's C-FFI invisibility cloak

https://blog.ghostwolflab.com/redteam/808/

16、Kerberos Explained

https://thattotallyrealmyth.gitbook.io/kerberos-explained

Blue team techniques

1、How attackers built a RAT on a Windows machine using its own .NET compiler

https://heimdalsecurity.com/blog/how-attackers-built-rat-windows-machine-net-compiler/

Tools

1、LoadReload

https://github.com/0xRoam/LoadReload

Shellcode loader written for a master's thesis, designed for Sliver shellcode (smaller than 25 MB).

2、Onelogon: Taking over Active Directory Accounts via Netlogon

https://github.com/rub-softsec/onelogon

3、crystal-kit-sliver

https://github.com/licitrasimone/CrystalSliver

Crystal Palace evasion kit for Sliver.

4、CredsHunter

https://github.com/NeCr00/Credential-Hunting

Credential hunting scripts for Windows and Linux.

5、DuplexSpy

https://github.com/iss4cf0ng/DuplexSpyCS

An open-source, C#-based remote administration tool (RAT), enabling complete control of a remote Windows machine, designed for legitimate remote administration and security testing of Windows systems.

6、Alien

https://github.com/iss4cf0ng/Alien

A C#-based webshell management tool for penetration testing.

7、FileHost – Adaptix C2 Service Extender

https://github.com/MaorSabag/SiteManagementAx

File hosting and scripted web delivery service extender for AdaptixC2. Host files over HTTP/HTTPS, generate one-liner payloads across 17 delivery methods, and manage active sites – all from the Adaptix operator UI.

8、Donut-CustomHost

https://github.com/Zuigetzu/Donut-CustomHost

Advanced OPSEC fork of Donut. Features a Custom in-memory CLR Host, Tail-Jump ETW bypasses, and zero-patch AMSI evasion for stealthy shellcode generation.

9、JMP-AMSI (JIT Hooking PoC)

https://github.com/Zuigetzu/JMP-AMSI

PoC on JIT Flow Redirection and .NET Reflection for Analyzing In-Memory Telemetry Interfaces (AMSI/ETW)

10、KHAØS C2

https://github.com/28Zaaky/khaos-c2

KHAOS is a modern C2 framework that routes agent traffic through cloud services already trusted by enterprise networks.

11、rop_scanner

https://github.com/oxfemale/rop_scanner

Gadget scanner that finds ROP gadgets inside any Windows DLL.
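As an added illustration of what a gadget scanner like item 11 does (this is example code written for this digest, not rop_scanner's own implementation, which the page does not show), the following Python walks a hand-assembled x86-64 byte buffer, finds every `ret`, and reports the instruction sequences that decode cleanly into it. The names `find_gadgets`, `decode_one`, `decode_linear`, `addresses_of` and `SAMPLE` are this example's own; the sample bytes are constructed, not taken from any DLL.

```python
"""Minimal x86-64 ROP gadget scanner over a raw code buffer.

Added illustration, not the rop_scanner project's code. Only a handful of
opcodes are decoded; a real scanner uses a full disassembler and reads the
.text section of the PE it is given.
"""

REG64 = ["rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi"]
REG64_EXT = ["r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15"]


def decode_one(code: bytes, pos: int):
    """Decode one instruction at code[pos:]; return (mnemonic, length) or None
    for any opcode the toy decoder does not know (which rejects the candidate)."""
    op = code[pos]
    nxt = code[pos + 1] if pos + 1 < len(code) else None
    if op == 0x90:
        return ("nop", 1)
    if op == 0xC3:
        return ("ret", 1)
    if op == 0xC2 and pos + 2 < len(code):
        imm = int.from_bytes(code[pos + 1:pos + 3], "little")
        return (f"ret 0x{imm:x}", 3)
    if 0x50 <= op <= 0x57:
        return (f"push {REG64[op - 0x50]}", 1)
    if 0x58 <= op <= 0x5F:
        return (f"pop {REG64[op - 0x58]}", 1)
    if op == 0x41 and nxt is not None:          # REX.B prefix: r8-r15 forms
        if 0x50 <= nxt <= 0x57:
            return (f"push {REG64_EXT[nxt - 0x50]}", 2)
        if 0x58 <= nxt <= 0x5F:
            return (f"pop {REG64_EXT[nxt - 0x58]}", 2)
        return None
    if op == 0x0F and nxt == 0x05:
        return ("syscall", 2)
    if op == 0x31 and nxt == 0xC0:
        return ("xor eax, eax", 2)
    return None


def decode_linear(code: bytes):
    """Decode the buffer as one instruction stream, or None if any byte fails.
    x86 is variable-length, so the same bytes decode differently depending on
    the start offset (0x5c alone is pop rsp; 0x41 0x5c is pop r12)."""
    insns, pos = [], 0
    while pos < len(code):
        d = decode_one(code, pos)
        if d is None:
            return None
        insns.append(d[0])
        pos += d[1]
    return insns


def find_gadgets(code: bytes, base: int = 0, max_depth: int = 5):
    """Return [(address, 'insn; ...; ret')] for every gadget ending in a ret.

    Backward search: locate each ret, try every start up to max_depth bytes
    before it, keep candidates that decode cleanly through to that ret, and
    drop any containing an earlier ret (control would leave the gadget there).
    """
    gadgets = []
    for i, op in enumerate(code):
        if op == 0xC3:
            end = i + 1
        elif op == 0xC2 and i + 2 < len(code):
            end = i + 3                       # ret imm16 also pops imm bytes
        else:
            continue
        lo = max(i - max_depth, 0)
        for start in range(i, lo - 1, -1):
            insns = decode_linear(code[start:end])
            if insns is None:
                continue
            if any(m.startswith("ret") for m in insns[:-1]):
                continue
            gadgets.append((base + start, "; ".join(insns)))
    return gadgets


def addresses_of(gadgets, text: str):
    """Addresses of every gadget whose instruction text matches exactly."""
    return [addr for addr, t in gadgets if t == text]


# Constructed sample "text section" (hand-assembled, not from any real DLL).
SAMPLE = bytes.fromhex(
    "90"        # 0x00 nop
    "5f"        # 0x01 pop rdi
    "5e"        # 0x02 pop rsi
    "c3"        # 0x03 ret
    "4889c8"    # 0x04 mov rax, rcx  (unknown to the toy decoder: caps gadget length)
    "415c"      # 0x07 pop r12       (byte 0x5c on its own decodes as pop rsp)
    "c3"        # 0x09 ret
    "0f05"      # 0x0a syscall
    "c3"        # 0x0c ret
    "c20800"    # 0x0d ret 8
)

if __name__ == "__main__":
    for addr, text in find_gadgets(SAMPLE, base=0x1000):
        print(f"0x{addr:04x}: {text}")
```

Against the sample this yields ten gadgets, including the overlapping `pop rsp; ret` at 0x1008 inside `pop r12; ret` at 0x1007, which is the misaligned-decode effect that makes gadget hunting in real binaries so productive. For an actual DLL you would pass the bytes of its `.text` section with `base` set to the section's virtual address (plus the image base if you want absolute addresses; under ASLR the RVA is what matters), and swap the toy decoder for a full disassembler so that gadgets built from arbitrary instructions are found rather than only the few opcodes handled here.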

Other


Disclaimer:

The programs and techniques described in this article are intended solely for lawful, compliant security research and teaching, with the aim of improving network security defenses; they are of a clearly technical research nature.

Any organization or individual that uses the contents of this article without authorization for attacks, sabotage or other illegal purposes bears sole responsibility for all resulting legal liability, civil compensation and joint liability; this site assumes no joint liability.

All content on this site is published for technical exchange and knowledge sharing. If there is a copyright infringement or other objection, please contact us by e-mail; the contact details are available via the "Contact me" link at the top of the page.

This article is reposted from 红蓝对抗技战术 / 红蓝对抗技术, 《攻防技战术动态一周更新 – 20260622》.
