每日攻防资讯简报[May.7th]

1.MicroBackdoor：适用于Windows目标的小型便捷C2工具

https://github.com/Cr4sh/MicroBackdoor

2.Priv2Admin：Windows提权工具

https://github.com/gtworek/Priv2Admin

3.KubeArmor：可感知容器的运行时安全实施系统，可在系统级别限制容器的行为（例如进程执行，文件访问，联网操作和资源利用）

https://github.com/accuknox/KubeArmor

4.Mystikal：macOS初始访问有效负载生成器

https://github.com/D00MFist/Mystikal

https://posts.specterops.io/introducing-mystikal-4fbd2f7ae520

5.puredns：子域爆破工具

https://github.com/d3mondev/puredns

6.DcRat：C#编写的简易远程工具

https://github.com/qwqdanchun/DcRat

7.DoubleStar：A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques

https://github.com/forrest-orr/DoubleStar

8.nginxpwner：寻找常见Nginx错误配置和漏洞的简单工具

https://github.com/stark0de/nginxpwner

9.pentest_lab：使用docker-compose进行本地渗透测试的实验室

https://github.com/oliverwiegers/pentest_lab

10.vaf：非常高级的Web Fuzzer

https://github.com/d4rckh/vaf

11.paragon：Red Team互动平台，旨在统一简单UI后的进攻工具

https://github.com/KCarretto/paragon

12.Storm-Breaker：使用Ngrok的工具社交工程，访问网络摄像头和麦克风以及Os密码收集器和位置查找器

https://github.com/ultrasecurity/Storm-Breaker

1.窃密软件Panda Stealer，通过垃圾邮件发送，窃取加密货币钱包

https://www.trendmicro.com/en_us/research/21/e/new-panda-stealer-targets-cryptocurrency-wallets-.html

2.TunnelSnake行动：在野发现的针对Windows的Rootkit Moriya，使攻击者可以秘密监视受害者的网络流量，并将命令发送给受感染的主机