#BlueTeam_Techniques
#BlueTeam
1. A Zeek package to detect CVE-2021-42292,
a Microsoft Excel local privilege escalation exploit
https://github.com/corelight/CVE-2021-42292
2. RPC Firewall
https://github.com/zeronetworks/rpcfirewall
@BlueRedTeam
Adaptive DLL hijacking/Dynamic export forwarding
https://github.com/monoxgas/Koppeling
#RedTeam
#BlueTeam
Red Team vs Blue Team Project for my Cyber Security Bootcamp.
URL:https://github.com/Softterier/COMPETENCIAS
@BlueRedTeam
#RedTeam
Assessment, Analysis, and Hardening of a vulnerable system. This report includes a Red Team Security Assessment, a Blue Team Log Analysis, and Hardening and Mitigation Strategies.
https://github.com/joshblack07/UR-Cyber-Security-Red_vs_Blue
@BlueRedTeam
#exploit
CVE-2021-41765:
Unauthenticated SQLi to RCE Chain
https://www.horizon3.ai/multiple-vulnerabilities-in-resourcespace
@BlueRedTeam
Advisory for CVE-2021-41765, a critical SQL injection vulnerability leading to remote code execution, by the Horizon3.ai red team.
#Offensive_security
The Kerberos Key List Attack:
The return of the Read Only Domain Controllers
https://www.secureauth.com/blog/the-kerberos-key-list-attack-the-return-of-the-read-only-domain-controllers
@BlueRedTeam
#RedTeam
UnhookMe is a universal Windows API resolver & unhooker addressing the problem of invoking unmonitored system calls from within your Red Team's malware
https://github.com/mgeeky/UnhookMe
@BlueRedTeam
#BlueTeam_Techniques
#BlueTeam
Security Policy Templates
https://www.sans.org/information-security-policy/?per-page=100
@BlueRedTeam
Cybersecurity Policies and Standards | SANS Institute
In partnership, the Cybersecurity Risk Foundation (CRF) and SANS have created a library of free cybersecurity policy templates to help organizations quickly define, document, and deploy key cybersecurity policies.
#RedTeam
1. Becoming A Super Admin In Someone Elses Gsuite Organization And Taking It Over
https://secreltyhiddenwriteups.blogspot.com/2021/11/becoming-super-admin-in-someone-elses.html
2. Dumping LSASS has never been so stealthy...
https://github.com/helpsystems/nanodump
@BlueRedTeam
#exploit
+ CVE-2021-37999:
Google Chrome NTP XSS via Google Search CSRF
https://bugs.chromium.org/p/chromium/issues/detail?id=1251541
+ CVE-2021-38666:
Remote Desktop Client RCE Vulnerability
https://github.com/DarkSprings/CVE-2021-38666-poc
@BlueRedTeam
#RedTeam
Red Team Tools used for Pros Versus Joes CTF Games. Here for Blue Teams to understand the pwnage.
https://github.com/iDigitalFlame/PvJ-CTF-RedTools
@BlueRedTeam
Forwarded from IoT/ICS Security & Malware
Necro Python Botnet
Goes After Vulnerable VisualTools DVR
https://blogs.juniper.net/en-us/threat-research/necro-python-botnet-goes-after-vulnerable-visualtools-dvr
#Malware_analysis
@iotpenetrationtesting
In the last week of September 2021, Juniper Threat Labs detected a new activity from Necro Python (a.k.a. N3Cr0m0rPh, Freakout, Python.IRCBot) that is actively exploiting some services, including a
#Threat_Research
A Peek into Top-Level Domains and Cybercrime
https://unit42.paloaltonetworks.com/top-level-domains-cybercrime
@BlueRedTeam