Research and idea of avoiding killing by bypassing AMSI
What is AMSI
Antimalware Scan Interface(AMSI) is an anti malware scanning interface.
Microsoft described his purpose:
The Windows antimalware scanning interface (AMSI) is a common interface standard that allows your applications and services to integrate with any antimalware products that exist on your machine. AMSI provides enhanced malw ...
Added by steeveherris on Fri, 12 Nov 2021 00:41:37 +0200
[Tryhackme] KoTH Food CTF (front end verification bypass, picture steganography, SUID right lifting: vim.basic)
DisclaimersThe host penetrated by this article is legally authorized. The tools and methods used in this article are limited to learning and communication. Please do not use the tools and infiltration ideas used in this article for any illegal purpose. I will not bear any responsibility for all the consequences, nor be responsible for any misus ...
Added by sonofyoda on Wed, 10 Nov 2021 14:32:15 +0200
[note] how do you know what is downloaded from build script?
How does the product track vulnerabilities? When managing the supply chain, we will encounter many problems. We know that a factory's assembly line machine will install various sensors to monitor the production environment. What about the software assembly line? For example, did build script download unsafe lib? For example, has our download so ...
Added by jakem on Wed, 10 Nov 2021 02:16:12 +0200
[Tryhackme] Mustacchio (xxe attack, modify $PATH+SUID to raise the right)
DisclaimersThe host penetrated by this article is legally authorized. The tools and methods used in this article are limited to learning and communication. Please do not use the tools and infiltration ideas used in this article for any illegal purpose. I will not bear any responsibility for all the consequences, nor be responsible for any misus ...
Added by kevinc on Mon, 08 Nov 2021 10:23:35 +0200
Encryption security, time synchronization and automatic deployment
1, Create a private CA and apply for a certificate.
1.1 create CA related directories and files
[root@Centos8 ~]# mkdir /etc/pki/CA/{certs,crl,newcerts,private}
[root@Centos8 ~]# tree /etc/pki/CA/
/etc/pki/CA/
├── certs
├── crl
├── newcerts
└── private
The index.txt and serial files need to be used when issuing certificates. If they do not ...
Added by flight553 on Tue, 02 Nov 2021 22:12:04 +0200
WebShell command execution restrictions (solution)
This column is the author's network security learning notes, which are shared and used as notes at the same time
Previous link
Construction of Wamp / DVWA / sqli LabsUse of burpsuite tool to capture packets and Intruder brute force crackingUse of directory scanning, request retransmission, vulnerability scanning and other toolsWebsite infor ...
Added by Mountain Water on Mon, 20 Sep 2021 10:04:11 +0300