修改

xiaoy-sec · May 22, 2023 · 52156f8 · 52156f8
1 parent 0e3a978
commit 52156f8
Show file tree

Hide file tree

Showing 53 changed files with 257 additions and 122 deletions.
diff --git a/README.md b/README.md
@@ -6,6 +6,7 @@
 	查找内容请配合wiki食用或使用CTRL+F搜索
 
   ## 主目录
+- [个人卫生](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/个人卫生.md)
 - [收集信息](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/收集信息/README.md)
 - [初始访问](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/README.md)
 - [防御规避](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/防御规避/README.md)
@@ -21,6 +22,7 @@
 
 ***
   ## 详细目录
+- [个人卫生](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/个人卫生.md)
 - [收集信息](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/收集信息/README.md)
   - [域名信息](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/收集信息/域名信息/README.md)
     - [CDN是否存在](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/收集信息/域名信息/CDN是否存在.md)
@@ -69,6 +71,15 @@
     - [命令执行](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/Web服务突破/命令执行.md)
     - [CmdHijack](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/Web服务突破/CmdHijack.md)
     - [Fuzz目录](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/Web服务突破/Fuzz目录.md)
+    - [web程序漏洞](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/Web服务突破/web程序漏洞.md)  
+    - [编辑器漏洞](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/Web服务突破/编辑器漏洞.md)               
+    - [邮件地址payload](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/Web服务突破/邮件地址payload.md)        
+    - [从LFI到RCE](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/Web服务突破/从LFI到RCE.md)             
+    - [深x服](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/Web服务突破/深x服.md)                         
+    - [天r信](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/Web服务突破/tianr.md)                     
+    - [Web server日志分析命令](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/Web服务突破/Web-server日志分析命令.md)
+    - [默认密码](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/Web服务突破/默认密码.md)  
+    - [wso2](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/Web服务突破/wso2.md) 
   - [未授权访问](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/未授权访问/README.md)
     - [Redis](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/未授权访问/Redis.md)
     - [activemq](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/未授权访问/activemq.md)
@@ -94,6 +105,8 @@
     - [ImageMagick组件绕过](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/一些Bypass/ImageMagick组件绕过.md)
     - [常规函数绕过](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/一些Bypass/常规函数绕过.md)
     - [Open_basedir绕过](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/一些Bypass/Open_basedir绕过.md)
+    - [绕过lsa protection](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/一些Bypass/绕过lsa-protection.md)
+    - [Bypass mod_security](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/一些Bypass/Bypass-mod_security.md)
   - [TomcatAjp之LFI&RCE](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/TomcatAjp之LFI&RCE.md)
   - [MSSQL&Agent之Job上线](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/MSSQL&Agent之Job上线.md)
   - [MySQL开启外联](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/初始访问/MySQL开启外联.md)
@@ -160,6 +173,14 @@
   - [carboncopy](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/防御规避/carboncopy.md)
   - [avet](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/防御规避/avet.md)
   - [c代码加载图片马](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/防御规避/c代码加载图片马.md)
+  - [Bypass AMSI](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/防御规避/Bypass-AMSI.md)
+  - [一些可尝试绕过白名单的执行](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/防御规避/一些可尝试绕过白名单的执行.md)
+  - [在Windows Server 2016和2019中绕过WindowsDefender](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/防御规避/在Windows-Server-2016和2019中绕过WindowsDefender.md)
+  - [cshot远程shellcode](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/防御规避/cshot远程shellcode.md)
+  - [内存中解码shellcode绕过av](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/防御规避/内存中解码shellcode绕过av.md)
+  - [Pezor免杀](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/防御规避/Pezor免杀.md)
+  - [绕过安全狗脚本](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/防御规避/绕过安全狗脚本.md)
+  - [360白名单](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/防御规避/360白名单.md)
 
 - [权限提升](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/权限提升/README.md)
   - [Windows提权](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/权限提升/Windows提权/README.md)
@@ -240,6 +261,7 @@
   - [Windows查找文件](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/文件操作/Windows查找文件.md)
   - [Linux查找文件](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/文件操作/Linux查找文件.md)
   - [解压](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/文件操作/解压.md)
+  - [远程解压文件](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/文件操作/远程解压文件.md)
   - [压缩](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/文件操作/压缩.md)
   - [查找可写目录](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/文件操作/查找可写目录.md)
   - [传输](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/文件操作/传输/README.md)
@@ -256,6 +278,7 @@
     - [SCP](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/文件操作/传输/scp.md)
     - [vbs](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/文件操作/传输/vbs.md)
     - [wget](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/文件操作/传输/wget.md)
+    - [WindowsDefender](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/文件操作/传输/WindowsDefender.md)
 
 - [内网和域](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/内网和域/README.md)
   - [信息搜集](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/内网和域/信息搜集/README.md)
@@ -436,6 +459,8 @@
     - [SSH](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/横向移动/代理/ssh.md)
     - [Gost](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/横向移动/代理/Gost.md)
     - [revsocks](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/横向移动/代理/revsocks.md)
+    - [GoToHTTP](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/横向移动/代理/GoToHTTP.md)
+    - [RustDesk](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/横向移动/代理/RustDesk.md)
     - [代理软件](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/横向移动/代理/代理软件.md)
   - [Ngrok内网穿透](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/横向移动/Ngrok内网穿透.md)
   - [MS08_067](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/横向移动/MS08_067.md)
@@ -566,6 +591,12 @@
     - [WMIC事件订阅](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/权限维持/Windows/WMIC事件订阅.md)
     - [RPC后门](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/权限维持/Windows/RPC后门.md)
     - [Shadow-Credentials](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/权限维持/Windows/Shadow-Credentials.md)
+    - [动态调用进程注入逻辑](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/权限维持/Windows/动态调用进程注入逻辑.md)
+    - [通过挂起EventLog服务线程禁用Windows事件日志](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/权限维持/Windows/通过挂起EventLog服务线程禁用Windows事件日志.md)
+    - [隐藏windows服务](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/权限维持/Windows/隐藏windows服务.md)
+    - [ImportDLLInjection-通过修改内存中的PE头来注入DLL的另一种方法](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/权限维持/Windows/ImportDLLInjection-通过修改内存中的PE头来注入DLL的另一种方法.md)
+    - [父进程破坏](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/权限维持/Windows/父进程破坏.md)
+    - [进程挖空(MitreT1055.012)](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/权限维持/Windows/进程挖空(MitreT1055.012).md)
   - [Linux](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/权限维持/Linux/README.md)
     - [Linux cron后门](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/权限维持/Linux/Linux-cron后门.md)
     - [文件处理](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/权限维持/Linux/文件处理.md)
@@ -610,6 +641,7 @@
   - [通过.json的信息泄露](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/赏金技巧/通过.json的信息泄露.md)
   - [一行命令](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/赏金技巧/一行命令/README.md)
     - [使用grep快速去除垃圾数据](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/赏金技巧/一行命令/使用grep快速去除垃圾数据.md)
+    - [查找漏洞](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/赏金技巧/一行命令/查找漏洞.md)
   - [子域名接管](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/赏金技巧/子域名接管.md)
   - [测试是否存在heartbleed漏洞](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/赏金技巧/测试是否存在heartbleed漏洞.md)
   - [sql注入检测](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/赏金技巧/sql注入检测.md)
@@ -678,33 +710,3 @@
   - [Aliyun](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/云安全/Aliyun/README.md)
     - [osskey](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/云安全/Aliyun/osskey.md)
   - [工具](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/云安全/工具.md)
-
-- [Redteam红队](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/README.md)
-  - [免杀技巧](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/免杀技巧/README.md)
-    - [Bypass AMSI](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/免杀技巧/Bypass-AMSI.md)
-    - [一些可尝试绕过白名单的执行](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/免杀技巧/一些可尝试绕过白名单的执行.md)
-    - [在Windows Server 2016和2019中绕过WindowsDefender](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/免杀技巧/在Windows-Server-2016和2019中绕过WindowsDefender.md)
-    - [cshot远程shellcode](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/免杀技巧/cshot远程shellcode.md)
-    - [内存中解码shellcode绕过av](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/免杀技巧/内存中解码shellcode绕过av.md)
-    - [Pezor免杀](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/免杀技巧/Pezor免杀.md)
-  - [Bypass技巧](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/Bypass技巧/README.md)
-    - [绕过lsa protection](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/Bypass技巧/绕过lsa-protection.md)
-    - [Bypass mod_security](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/Bypass技巧/Bypass-mod_security.md)
-  - [系统类](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/Bypass技巧/系统类/README.md)
-    - [动态调用进程注入逻辑](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/系统类/动态调用进程注入逻辑.md)
-    - [通过挂起EventLog服务线程禁用Windows事件日志](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/系统类/通过挂起EventLog服务线程禁用Windows事件日志.md)
-    - [隐藏windows服务](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/系统类/隐藏windows服务.md)
-    - [ImportDLLInjection-通过修改内存中的PE头来注入DLL的另一种方法](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/系统类/ImportDLLInjection-通过修改内存中的PE头来注入DLL的另一种方法.md)
-    - [父进程破坏](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/系统类/父进程破坏.md)
-    - [进程挖空(MitreT1055.012)](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/系统类/进程挖空(MitreT1055.012).md)
-    - [远程解压文件](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/系统类/远程解压文件.md)
-    - [使用WindowsDefender下载文件](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/系统类/使用WindowsDefender下载文件.md)
-  - [Web类](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/Bypass技巧/Web类/README.md)
-    - [web程序漏洞](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/Web类/web程序漏洞.md)  
-    - [编辑器漏洞](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/Web类/编辑器漏洞.md)               
-    - [邮件地址payload](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/Web类/邮件地址payload.md)        
-    - [从LFI到RCE](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/Web类/从LFI到RCE.md)             
-    - [深x服](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/Web类/深x服.md)                         
-    - [天r信](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/Web类/tianr.md)                     
-    - [Web server日志分析命令](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/Web类/Web-server日志分析命令.md)
-    - [默认密码](https://github.com/xiaoy-sec/Pentest_Note/blob/master/wiki/Redteam红队/Web类/默认密码.md)