【Judge.me】 Log4j RCE https://hackerone.com/reports/1427589
【Acronis 】通过日志文件泄露管理员密码 https://hackerone.com/reports/1121972
进程注入 https://www.netero1010-securitylab.com/eavsion/alternative-process-injection
HTTP参数污染 https://medium.com/geekculture/http-parameter-pollution-981af7894c6e
Active Directory 横向移动 https://research.splunk.com/stories/active_directory_lateral_movement/
通过窃取重复使用的安全访问令牌来逃避防御、提权。 https://www.ired.team/offensive-security/privilege-escalation/t1134-access-token-manipulation
HSMX INTERNET 网关利用 https://web.archive.org/web/20211123141312/http://etizazmohsin.com/hsmx.html
