9.10. Operating System Persistence

9.10.1. Windows

9.10.1.1. Credential Access

  • mimikatz
  • RdpThief: Extracting Clear Text Passwords from mstsc.exe using API Hooking
  • quarkspwdump: Dump various types of Windows credentials without injecting in any process
  • SharpDump: C# port of PowerSploit’s Out-Minidump.ps1 functionality

9.10.1.2. Privilege Escalation

  • WindowsExploits
  • GTFOBins: Curated list of Unix binaries that can be exploited to bypass system security restrictions
  • JAWS: Just Another Windows (Enum) Script

9.10.1.3. UAC Bypass

  • WinPwnage: UAC bypass, Elevate, Persistence and Execution methods
  • UACME: Defeating Windows User Account Control
  • UAC Bypass In The Wild

9.10.1.4. C2

  • Koadic is a Windows post-exploitation rootkit

9.10.1.5. Hiding

  • ProcessHider: Post-exploitation tool for hiding processes from monitoring applications

9.10.1.6. General-Purpose Tools

  • Nishang: Offensive PowerShell for red team, penetration testing and offensive security

9.10.2. Linux

9.10.2.1. Privilege Escalation

  • linux exploit suggester
  • LinEnum: Scripted Local Linux Enumeration & Privilege Escalation Checks
  • AutoLocalPrivilegeEscalation

9.10.2.2. rootkit

  • rootkit

9.10.2.3. Backdoors

  • prism is a user space stealth reverse shell backdoor

9.10.3. General

9.10.3.1. Credential Access

  • sshLooterC program to steal passwords from ssh
  • keychaindump: A proof-of-concept tool for reading OS X keychain passwords
  • LaZagne: Credentials recovery project

9.10.3.2. Privilege Escalation

  • BeRoot: Privilege Escalation Project - Windows / Linux / Mac

9.10.3.3. RAT

  • QuasarRAT

9.10.3.4. C2

  • Empire
  • pupy
  • Covenant is a collaborative .NET C2 framework for red teamers

9.10.3.5. Cobalt Strike

  • Cobalt Strike
  • CrossC2: generate CobaltStrike’s cross-platform payload
  • Cobalt Strike Aggressor Scripts

9.10.3.6. Log Clearing

  • Log killer: Clear all logs in [linux/windows] servers

9.10.3.7. Botnet

  • byob: Build Your Own Botnet

9.10.3.8. AV Evasion Tools

  • AV Evasion Tool: 掩日 - AV-evasion launcher generator
  • DKMC: Dont kill my cat - Malicious payload evasion tool
