【9期】Timeline精选之安全大杂烩

0x01 最新漏洞

[+] VMware vCenter 7.0.2.00100 unauth Arbitrary File Read + SSRF + Reflected XSS https://github.com/l0ggg/VMware_vCenter

0x02 攻防技术

[+] 通用web应用和cms字典 https://github.com/p0dalirius/webapp-wordlists [+] 红队攻防之从边界突破到漫游内网(无cs和msf) https://xz.aliyun.com/t/10584#toc-8 [+] 钓鱼小技巧-XLM https://www.anquanke.com/post/id/261493

0x03 热门工具

[+] Zscan是一个开源的内网端口扫描器、爆破工具和其他实用工具的集合体 https://github.com/zyylhn/zscan [+] 蓝队工具箱 https://github.com/Liqunkit/LiqunShield [+] 一款快速, 稳定, 高效, 轻量的内网穿透, 端口转发工具 支持多连接,级联代理,传输加密 https://github.com/editso/fuso [+] 开源、轻量、快速、跨平台 的红队内外网打点扫描器 https://github.com/redtoolskobe/scaninfo [+] 攻击RMI https://github.com/A-D-Team/attackRmi