JoasASantos/Red-Team-Exercises
GitHub: JoasASantos/Red-Team-Exercises
A collection of hands-on red team exercise tutorials that build from basics to advanced topics, covering the full workflow from lab environment setup and AV/EDR evasion techniques to internal lateral movement and C2 infrastructure construction.
Stars: 701 | Forks: 152
# Red Team Exercises
### Compilation of the posts about Red Team Exercises that I published on LinkedIn
My LinkedIn: https://www.linkedin.com/in/joas-antonio-dos-santos/
Course: http://courses.redteamleaders.com/
### LinkedIn Posts
Red Team Exercises #0 - Red Team Dev Machine Download
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamdev-redteamexercises-activity-7264053830919614465--0xL?utm_source=share&utm_medium=member_desktop
Red Team Exercises #1 - How to Improve My Shellcode Runner
https://www.linkedin.com/posts/joas-antonio-dos-santos_hacking-redteam-cybersecurity-activity-7187108451313983489-X0uc?utm_source=share&utm_medium=member_desktop
Red Team Exercises #2 - What Must Not Be Missing from Your nginx Redirector?
https://www.linkedin.com/posts/joas-antonio-dos-santos_hacking-redteam-cybersecurity-activity-7187864603651952640-vR8f?utm_source=share&utm_medium=member_desktop
Red Team Exercises #3 - AMSI Bypass
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-cybersecurity-amsibypass-activity-7191807240637472769-XoHb?utm_source=share&utm_medium=member_desktop
Red Team Exercises #4 - Domain Controller Compromise PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_hacking-redteam-cybersecurity-activity-7192621508408594432-62X1?utm_source=share&utm_medium=member_desktop
Red Team Exercises #5 - Spear Phishing Campaign 1
https://www.linkedin.com/posts/joas-antonio-dos-santos_hacking-redteam-cybersecurity-activity-7193434385600147457-7qzf?utm_source=share&utm_medium=member_desktop
Red Team Exercises #6 - ETW Evasion
https://www.linkedin.com/posts/joas-antonio-dos-santos_hacking-redteam-cybersecurity-activity-7196117085263904769-sjH6?utm_source=share&utm_medium=member_desktop
Red Team Exercises #7 - PPL Bypass
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-cybersecurity-pplevasion-activity-7201681520439296001-pd-g?utm_source=share&utm_medium=member_desktop
Red Team Exercises #8 - SmartScreen Bypass
https://www.linkedin.com/posts/joas-antonio-dos-santos_hacking-redteam-cybersecurity-activity-7204821933102739456-xpld?utm_source=share&utm_medium=member_desktop
Red Team Exercises #9 - Process Injection
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-cybersecurity-informationsecurity-activity-7207721019216769025-nSUL?utm_source=share&utm_medium=member_desktop
Red Team Exercises #10 - Spear Phishing PT.2
https://www.linkedin.com/posts/joas-antonio-dos-santos_hacking-redteam-cybersecurity-activity-7208825346891124736-Jzz4?utm_source=share&utm_medium=member_desktop
Red Team Exercises #11 - Physical Operations PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-hacking-redteam-activity-7211889402178916353-yRsn?utm_source=share&utm_medium=member_desktop
Red Team Exercises #12 - Anti-VM/Sandbox Evasion
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7214304403904724992-9wKd?utm_source=share&utm_medium=member_desktop
Red Team Exercises #13 - Windows API Hooking and DLL Injection
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7216952225355464704-NSRp?utm_source=share&utm_medium=member_desktop
Red Team Exercises #14 - Direct and Indirect Syscalls PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-cybersecurity-syscall-activity-7218437410651594752-h9K5?utm_source=share&utm_medium=member_desktop
Red Team Exercises #15 - LSASS Dump with Direct Syscalls
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-informationsecurity-activity-7220958774251913216-aOYp?utm_source=share&utm_medium=member_desktop
Red Team Exercises #16 - BYOVD Technique PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-byovd-activity-7222089315663642625-yPSU?utm_source=share&utm_medium=member_desktop
Red Team Exercises #17 - Active Directory Enumeration PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7225871406910103552-5bjN?utm_source=share&utm_medium=member_desktop
Red Team Exercises #18 - C2 Redirector PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7227644801649676288-uYB7?utm_source=share&utm_medium=member_desktop
Red Team Exercises #19 - Alternative, Custom or Undocumented Implementations of Windows APIs PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteamoperations-defenseevasion-activity-7229563862759403520-h9_7?utm_source=share&utm_medium=member_desktop
Red Team Exercises #20 - EDR Evasion with the Hookchain Technique created by Hélvio Júnior (SCMPA and SCWAP Leader, OSCE3, OSCP, eCXD)
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7230653751382994944-qZs9?utm_source=share&utm_medium=member_desktop
Red Team Exercises #21 - Havoc C2 Profile
https://www.linkedin.com/posts/joas-antonio-dos-santos_cyberecurity-redteamexercises-redteam-activity-7236704509563985920-EpJ4?utm_source=share&utm_medium=member_desktop
Red Team Exercises #22 - EDR Evasion with the MutationGate Technique (by Ziyi Shen)
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7239467211545886720-JdxV?utm_source=share&utm_medium=member_desktop
Red Team Exercises #23 - Windows API Hashing
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7243227509549371392-curr?utm_source=share&utm_medium=member_desktop
Red Team Exercises #24 - Unmanaged PowerShell, or PowerShell without PowerShell
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7245123542587981824-fwZT?utm_source=share&utm_medium=member_desktop
Red Team Exercises #25 - UnhookingPatch (by Saad AHLA)
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-cybersecurity-redteamexercises-activity-7246214606099009536-eVrM?utm_source=share&utm_medium=member_desktop
Red Team Exercises #26 - SysWhispers3 - (in)Direct Syscall Tool
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-syscalls-ugcPost-7247988959685873666-W0pQ?utm_source=share&utm_medium=member_desktop
Red Team Exercises #27 - Syscall Hook Detector
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7249584951036133376-dc8t?utm_source=share&utm_medium=member_desktop
Red Team Exercises #28 - Mimikatz Basic Cheat Sheet
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7253180441560530945-wTeF?utm_source=share&utm_medium=member_desktop
Red Team Exercises #29 - HTML Smuggling Delivery
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7255911100032995328-q-W8?utm_source=share&utm_medium=member_desktop
Red Team Exercises #30 - Creating a Simple Dropper in C++ PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7258880173310132224-o_NG?utm_source=share&utm_medium=member_desktop
Red Team Exercises #31 - Movfuscator (an interesting obfuscation approach, but probably no longer effective today)
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7262037200475721731-McHq?utm_source=share&utm_medium=member_desktop
Red Team Exercises #32 - Donut Shellcode Generator PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7264846631399776256-nV6Q?utm_source=share&utm_medium=member_desktop
Red Team Exercises #33 - Shellcode Runner with a Kill Switch / Panic Switch
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7268790211692670977-kFeT?utm_source=share&utm_medium=member_desktop
Red Team Exercises #34 - Remote Thread Hijacking
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7271003348558860288-M8tu?utm_source=share&utm_medium=member_desktop
Red Team Exercises #35 - Impacket AD Exploitation Toolkit
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7278249542951616513-wcAo?utm_source=share&utm_medium=member_desktop
Red Team Exercises #36 - Windows Persistence Techniques PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-persistence-activity-7279705498055028736-vE6K?utm_source=share&utm_medium=member_desktop
Red Team Exercises #37 - Initial Access with LNK Files
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7281414057784467457-rbzO?utm_source=share&utm_medium=member_desktop
Red Team Exercises #38 - SliverC2 and a Shellcode Runner Written in Rust
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7283605426347126784-kFT_?utm_source=share&utm_medium=member_desktop
Red Team Exercises #39 - Obtaining SYSTEM Privileges from a User-Mode Program via a Vulnerable Driver
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-cybersecurity-redteamexercises-activity-7286550523871162368-8LhG?utm_source=share&utm_medium=member_desktop
Red Team Exercises #40 - Dylib Injection on macOS
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7288198763322511364-VT5d?utm_source=share&utm_medium=member_desktop
Red Team Exercises #41 - Creating Your Offensive Development Pipeline PT.1 MAAS (by Joff Thyer)
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-devops-cybersecurity-activity-7291583180384473088-PHCR?utm_source=share&utm_medium=member_desktop
Red Team Exercises #42 - Build Your Own C2 PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7293732841065005056-D7Yi?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #43 - BOF Development PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercisees-commandandcontrol-activity-7296747669199216640-IZJO?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #44 - Initial Access with VBA Macros PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_hacking-redteam-cybersecurity-activity-7297747587611201536-dc0p?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #45 - Monitoring Techniques for Red Team Infrastructure PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-cybersecurity-redteamexercises-activity-7299449832790777858-WcWk?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #46 - Shellcode Encryption with XOR PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-shellcoderunner-activity-7301643766367416321-qXy3?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #47 - Driver Vulnerability Research Example PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7302757314783027200-7pVf?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #48 - Privilege Escalation PT.1 - Token Manipulation
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7307015283930488832-Etv-?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #49 - Bypassing DLP PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-cybersecurity-redteamexercises-activity-7308108480517701634-xTYQ?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #50 - Fake reCAPTCHA Phishing
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-hacking-cybersecurity-activity-7313318885938683904--qu4?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #51 - MCP (Model Context Protocol) in Offensive Security
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-mcp-activity-7316907474106695681-cqjI?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #52 - Abusing Active Directory Certificate Services PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7321354849508335617-dE4S?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #53 - Hiding Shellcode in Images with Imgpayload
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7338374705994727424-2N2W?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #54 - Anti-Debugging Techniques PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7340792156208427008-GkBl?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #55 - Spear Phishing with Modlishka PT.3
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-redteam-cybersecurity-activity-7345914263690956800-gaAT?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #56 - Spear Phishing OPSEC Techniques PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7367782030161436673-FOMx?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #57 - Binary Padding and Oversized Compression
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-hacking-activity-7380411230793936896-oaTQ?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #58 - Chrome Password Dumping
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-cybersecurity-hacking-activity-7395999596381974528-lKyk?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #59 - Runtime IAT PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_cybersecurity-hacking-redteamexercises-activity-7425656040685477888-1eFV?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #60 - TypeLib Hijacking for Stealthy Windows Persistence
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteamexercises-hacking-pentest-activity-7431023656127946752-qD5h?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #61 - Hiding Shellcode in UUID Strings
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7432448994590654464-Auk5?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #62 - Shellcode Execution via IPv4 Address Conversion
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7433370972331638785-adS_?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #63 - WASM Smuggling
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-activity-7440564947249516546-iUhf?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #64 - Kernel Callback Table Injection
https://www.linkedin.com/posts/joas-antonio-dos-santos_red-team-exercises-64-kernel-callback-activity-7441913861944864770-l6hF?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #65 - EDR Unhooking via Manual DLL Mapping
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-ugcPost-7454273610090737664-DVxP?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
Red Team Exercises #66 - Golden Certificate Attack (AD CS Persistence)
https://www.linkedin.com/posts/joas-antonio-dos-santos_redteam-redteamexercises-cybersecurity-share-7456361008526336000-8AAl?utm_source=share&utm_medium=member_desktop&rcm=ACoAACQUGCUBpvQerFv0ut2s0MSLX9IwuKJJrbU
# Red Team Exercises - OSINT
Red Team Exercises OSINT #1 - Dork Searching with the sitedorks Tool
https://www.linkedin.com/posts/joas-antonio-dos-santos_cybersecurity-redteamexercises-osintexercises-activity-725373672285672961-SKDq?utm_source=share&utm_medium=member_desktop
Red Team Exercises OSINT #2 - Credential Leaks: Profiling Targets with Breach Data Intelligence PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_cybersecurity-osint-osintforredteam-activity-7257723022843781120-Otii?utm_source=share&utm_medium=member_desktop
Red Team Exercises OSINT #3 - Whois and Domain Resolution
https://www.linkedin.com/posts/joas-antonio-dos-santos_osintexercises-redteam-cybersecurity-activity-7265813615121727491-PKos?utm_source=share&utm_medium=member_desktop
Red Team Exercises OSINT #4 - Deep Web / Dark Web Searching PT.1
https://www.linkedin.com/posts/joas-antonio-dos-santos_osint-redteam-cybersecurity-activity-7275701771451199488-uIxe?utm_source=share&utm_medium=member_desktop