参考链接
========================================

Windows
----------------------------------------
- `Windows内网渗透提权 <https://www.freebuf.com/articles/system/114731.html>`_
- `文件寄生 NTFS文件流实际应用 <https://gh0st.cn/archives/2017-03-29/1>`_
- `Windows中常见后门持久化方法总结  <https://xz.aliyun.com/t/6461>`_
- `LOLBAS <https://lolbas-project.github.io/#>`_
- `渗透技巧——Windows单条日志的删除 <https://3gstudent.github.io/3gstudent.github.io/%E6%B8%97%E9%80%8F%E6%8A%80%E5%B7%A7-Windows%E5%8D%95%E6%9D%A1%E6%97%A5%E5%BF%97%E7%9A%84%E5%88%A0%E9%99%A4/>`_
- `windows取证 文件执行记录的获取和清除  <https://xz.aliyun.com/t/7155>`_
- `Getting DNS Client Cached Entries with CIM/WMI <https://www.darkoperator.com/blog/2020/1/14/getting-dns-client-cached-entries-with-cimwmi>`_

域渗透
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- `绕过域账户登录失败次数的限制 <https://nosec.org/home/detail/2510.html>`_
- `域渗透总结 <https://mp.weixin.qq.com/s?__biz=Mzg3NzE5OTA5NQ==&mid=2247483807&idx=1&sn=59be50aa5cc735f055db596269a857ce>`_
- `got domain admin on internal network <https://medium.com/@adam.toscher/top-five-ways-i-got-domain-admin-on-your-internal-network-before-lunch-2018-edition-82259ab73aaa>`_
- Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft Techniques <http://download.microsoft.com/download/7/7/A/77ABC5BD-8320-41AF-863C-6ECFB10CB4B9/Mitigating%20Pass-the-Hash%20(PtH)%20Attacks%20and%20Other%20Credential%20Theft%20Techniques_English.pdf>`_

RedTeam
----------------------------------------
- `RedTeamManual <https://github.com/klionsec/RedTeamManual>`_

内网
----------------------------------------
- `内网安全检查 <https://xz.aliyun.com/t/2354>`_
- `我所知道的内网渗透 <https://www.anquanke.com/post/id/92646>`_
- `从零开始内网渗透学习 <https://github.com/l3m0n/pentest_study>`_
- `渗透技巧 从Github下载安装文件 <https://xz.aliyun.com/t/1649/>`_
- `An introduction to privileged file operation abuse on Windows <https://offsec.provadys.com/intro-to-file-operation-abuse-on-Windows.html>`_
- `脚本维权tips <https://xz.aliyun.com/t/4522>`_