#RedTeam
Assessment, Analysis, and Hardening of a vulnerable system. This report includes a Red Team Security Assessment, a Blue Team Log Analysis, and Hardening and Mitigation Strategies.
https://github.com/joshblack07/UR-Cyber-Security-Red_vs_Blue
@BlueRedTeam
#exploit
CVE-2021-41765:
Unauthenticated SQLi to RCE Chain
https://www.horizon3.ai/multiple-vulnerabilities-in-resourcespace
@BlueRedTeam
Horizon3.ai
Advisory for CVE-2021-41765, a critical SQL injection vulnerability leading to remote code execution, by the Horizon3.ai red team.
#Offensive_security
The Kerberos Key List Attack:
The return of the Read Only Domain Controllers
https://www.secureauth.com/blog/the-kerberos-key-list-attack-the-return-of-the-read-only-domain-controllers
@BlueRedTeam
#RedTeam
UnhookMe is a universal Windows API resolver & unhooker addressing the problem of invoking unmonitored system calls from within your Red Team's malware
https://github.com/mgeeky/UnhookMe
@BlueRedTeam
#BlueTeam_Techniques
#BlueTeam
Security Policy Templates
https://www.sans.org/information-security-policy/?per-page=100
@BlueRedTeam
SANS Institute
Cybersecurity Policies and Standards | SANS Institute
In partnership, the Cybersecurity Risk Foundation (CRF) and SANS have created a library of free cybersecurity policy templates to help organizations quickly define, document, and deploy key cybersecurity policies.
#RedTeam
1. Becoming A Super Admin In Someone Elses Gsuite Organization And Taking It Over
https://secreltyhiddenwriteups.blogspot.com/2021/11/becoming-super-admin-in-someone-elses.html
2. Dumping LSASS has never been so stealthy...
https://github.com/helpsystems/nanodump
@BlueRedTeam
#exploit
+ CVE-2021-37999:
Google Chrome NTP XSS via Google Search CSRF
https://bugs.chromium.org/p/chromium/issues/detail?id=1251541
+ CVE-2021-38666:
Remote Desktop Client RCE Vulnerability
https://github.com/DarkSprings/CVE-2021-38666-poc
@BlueRedTeam
#RedTeam
Red Team Tools used for Pros Versus Joes CTF Games. Here for Blue Teams to understand the pwnage.
https://github.com/iDigitalFlame/PvJ-CTF-RedTools
@BlueRedTeam
Forwarded from IoT/ICS Security & Malware
Necro Python Botnet
Goes After Vulnerable VisualTools DVR
https://blogs.juniper.net/en-us/threat-research/necro-python-botnet-goes-after-vulnerable-visualtools-dvr
#Malware_analysis
@iotpenetrationtesting
Juniper Networks
Necro Python Botnet Goes After Vulnerable VisualTools DVR
In the last week of September 2021, Juniper Threat Labs detected a new activity from Necro Python (a.k.a N3Cr0m0rPh , Freakout, Python.IRCBot) that is actively exploiting some services, including a
#Threat_Research
A Peek into Top-Level Domains and Cybercrime
https://unit42.paloaltonetworks.com/top-level-domains-cybercrime
@BlueRedTeam
#RedTeam
Red Team Toolkit for CTF's and Learning for Windows Offense
https://github.com/megatop1/RedTeam
@BlueRedTeam
#exploit
CVE-2021-34484:
Windows User Profile Service 0day LPE
https://github.com/klinix5/ProfSvcLPE/blob/main/write-up.docx
]-> PoC:
https://github.com/klinix5/ProfSvcLPE/tree/main/DoubleJunctionEoP
@BlueRedTeam
CVE-2021-34484:
Windows User Profile Service 0day LPE
https://github.com/klinix5/ProfSvcLPE/blob/main/write-up.docx
]-> PoC:
https://github.com/klinix5/ProfSvcLPE/tree/main/DoubleJunctionEoP
@BlueRedTeam
#BlueTeam
Program for determining types of files for Windows, Linux, MacOS
https://github.com/horsicq/Detect-It-Easy
@BlueRedTeam
#RedTeam
Red Team Toolkit for CTF's and Learning for Windows Offense
https://github.com/redcanaryco/invoke-atomicredteam
@BlueRedTeam
GitHub
GitHub - redcanaryco/invoke-atomicredteam: Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics…
Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Re...
#Threat_Research
+ Android WebView and Its Vulnerabilities
https://blog.securelayer7.net/learn-about-android-webview-and-its-vulnerabilities
+ Groups Target Alibaba ECS Instances for Cryptojacking
https://www.trendmicro.com/en_us/research/21/k/groups-target-alibaba-ecs-instances-for-cryptojacking.html
@BlueRedTeam
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
Learn about Android WebView and its Vulnerabilities
What is Android WebView? Android WebView, an Android system component, allows Android apps to load or display content remotely. Note: It isn’t a full-fledged browser: It is just a part of the...
#exploit
CVE-2021-43616:
NPM < 8.1.3 CI Command package-lock.json RCE
https://github.com/npm/cli/issues/2701
]-> https://github.com/icatalina/CVE-2021-43616
@BlueRedTeam
GitHub
[BUG] `npm ci` succeeds when `package-lock.json` doesn't match `package.json` · Issue #2701 · npm/cli
Current Behavior: npm ci does not fail when package.json doesn't match package-lock.json Expected Behavior: npm ci refuses to install when the lock file is invalid. Steps To Reproduce: Manually...