#exploit
CVE-2021-42325:
Froxlor Server Management Panel 0.10.28/0.10.29.x - RCE
https://www.exploit-db.com/exploits/50502
@BlueRedTeam
CVE-2021-42325:
Froxlor Server Management Panel 0.10.28/0.10.29.x - RCE
https://www.exploit-db.com/exploits/50502
@BlueRedTeam
Exploit Database
Froxlor 0.10.29.1 - SQL Injection (Authenticated)
Froxlor 0.10.29.1 - SQL Injection (Authenticated). CVE-2021-42325 . webapps exploit for PHP platform
#RedTeam
Red Teaming / Pentesting challenges for my Advent-Of-Code 2021.
https://github.com/fumamatar/Red-Team-Advent-of-Code
@BlueRedTeam
Red Teaming / Pentesting challenges for my Advent-Of-Code 2021.
https://github.com/fumamatar/Red-Team-Advent-of-Code
@BlueRedTeam
GitHub
GitHub - eversinc33/Red-Team-Advent-of-Code: Red Teaming / Pentesting challenges for my Advent-Of-Code 2021.
Red Teaming / Pentesting challenges for my Advent-Of-Code 2021. - eversinc33/Red-Team-Advent-of-Code
#BlueTeam
Detecting Anomalous TLS Certificates
with the Half-Space-Trees Algorithm
https://research.nccgroup.com/2021/12/02/encryption-does-not-equal-invisibility-detecting-anomalous-tls-certificates-with-the-half-space-trees-algorithm
@BlueRedTeam
Detecting Anomalous TLS Certificates
with the Half-Space-Trees Algorithm
https://research.nccgroup.com/2021/12/02/encryption-does-not-equal-invisibility-detecting-anomalous-tls-certificates-with-the-half-space-trees-algorithm
@BlueRedTeam
#RedTeam
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
https://github.com/Nerdarena2/Have-You-Been-An-Avenger-Fan-Or-An-X-Men-Fan-
@BlueRedTeam
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
https://github.com/Nerdarena2/Have-You-Been-An-Avenger-Fan-Or-An-X-Men-Fan-
@BlueRedTeam
CVE-2021
Python tool for exploiting CVE-2021-35616
https://github.com/Ofirhamam/OracleOTM
@BlueRedTeam
Python tool for exploiting CVE-2021-35616
https://github.com/Ofirhamam/OracleOTM
@BlueRedTeam
GitHub
GitHub - Ofirhamam/OracleOTM: Python tool for exploiting CVE-2021-35616
Python tool for exploiting CVE-2021-35616 . Contribute to Ofirhamam/OracleOTM development by creating an account on GitHub.
CVE-2021
CVE-2021-42008: Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver
https://github.com/0xdevil/CVE-2021-42008
@BlueRedTeam
CVE-2021-42008: Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver
https://github.com/0xdevil/CVE-2021-42008
@BlueRedTeam
GitHub
GitHub - 0xdevil/CVE-2021-42008: CVE-2021-42008: Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver
CVE-2021-42008: Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver - 0xdevil/CVE-2021-42008
#RedTeam
Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement
https://github.com/elloa-uea/projeto-pratico-3-rna-pp3-team-equilibrium
@BlueRedTeam
Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement
https://github.com/elloa-uea/projeto-pratico-3-rna-pp3-team-equilibrium
@BlueRedTeam
GitHub
GitHub - elloa-uea/projeto-pratico-3-rna-pp3-team-equilibrium: Análise e predição do tipo de cobertura vegetal (Roosevelt National…
Análise e predição do tipo de cobertura vegetal (Roosevelt National Forest) utilizando redes neurais multicamadas - GitHub - elloa-uea/projeto-pratico-3-rna-pp3-team-equilibrium: Análise e prediçã...
#exploit
CVE-2021-42008:
Linux Kernel Vulnerability in NetApp Products
https://syst3mfailure.io/sixpack-slab-out-of-bounds
2. A simple python PoC to exploit CVE-2021-26814 and gain RCE on Wazuh Manager (v.4.0.0-4.0.3) through the API service
https://github.com/WickdDavid/CVE-2021-26814
@BlueRedTeam
CVE-2021-42008:
Linux Kernel Vulnerability in NetApp Products
https://syst3mfailure.io/sixpack-slab-out-of-bounds
2. A simple python PoC to exploit CVE-2021-26814 and gain RCE on Wazuh Manager (v.4.0.0-4.0.3) through the API service
https://github.com/WickdDavid/CVE-2021-26814
@BlueRedTeam
[CVE-2021-42008] Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver
CVE-2021-42008 is a Slab-Out-Of-Bounds Write vulnerability in the Linux 6pack driver caused by a missing size validation check in the decode_data function. A malicious input from a process with CAP_NET_ADMIN capability can lead to an overflow in the cooked_buf…
#BlueTeam
1. Protecting Windows protected processes
https://www.elastic.co/blog/protecting-windows-protected-processes
2. Detecting and blocking unknown KnownDlls
https://www.elastic.co/blog/detect-block-unknown-knowndlls-windows-acl-hardening-attacks-cache-poisoning-escalation
@BlueRedTeam
1. Protecting Windows protected processes
https://www.elastic.co/blog/protecting-windows-protected-processes
2. Detecting and blocking unknown KnownDlls
https://www.elastic.co/blog/detect-block-unknown-knowndlls-windows-acl-hardening-attacks-cache-poisoning-escalation
@BlueRedTeam
Elastic Blog
Protecting Windows protected processes
This blog is the first in a two-part series discussing a userland Windows exploit that enables attackers to perform highly privileged actions that typically require a kernel driver....
CVE-2021
Unauthenticated Sensitive Information Disclosure (CVE-2021–38314).
https://github.com/oxctdev/CVE-2021-38314
@BlueRedTeam
Unauthenticated Sensitive Information Disclosure (CVE-2021–38314).
https://github.com/oxctdev/CVE-2021-38314
@BlueRedTeam
GitHub
GitHub - orangmuda/CVE-2021-38314: Unauthenticated Sensitive Information Disclosure (CVE-2021–38314).
Unauthenticated Sensitive Information Disclosure (CVE-2021–38314). - orangmuda/CVE-2021-38314
CVE-2021
Microsoft Exchange ProxyLogon PoC (CVE-2021-26855)
https://github.com/thau0x01/poc_proxylogon
@BlueRedTeam
Microsoft Exchange ProxyLogon PoC (CVE-2021-26855)
https://github.com/thau0x01/poc_proxylogon
@BlueRedTeam
GitHub
GitHub - thau0x01/poc_proxylogon: Microsoft Exchange ProxyLogon PoC (CVE-2021-26855)
Microsoft Exchange ProxyLogon PoC (CVE-2021-26855) - thau0x01/poc_proxylogon
CVE-2021
N-DAY VULNERABILITY RESEARCH (FROM PATCH TO EXPLOIT ANALYSIS OF CVE-2021-41081)
https://github.com/sudaiv/CVE-2021-41081
@BlueRedTeam
N-DAY VULNERABILITY RESEARCH (FROM PATCH TO EXPLOIT ANALYSIS OF CVE-2021-41081)
https://github.com/sudaiv/CVE-2021-41081
@BlueRedTeam
GitHub
GitHub - sudaiv/CVE-2021-41081: N-DAY VULNERABILITY RESEARCH (FROM PATCH TO EXPLOIT ANALYSIS OF CVE-2021-41081)
N-DAY VULNERABILITY RESEARCH (FROM PATCH TO EXPLOIT ANALYSIS OF CVE-2021-41081) - GitHub - sudaiv/CVE-2021-41081: N-DAY VULNERABILITY RESEARCH (FROM PATCH TO EXPLOIT ANALYSIS OF CVE-2021-41081)
#RedTeam
Xegtor - Network Attack & Scanning Tool for Red Teaming and Ethical Hacking
https://github.com/nxenon/xegtor
@BlueRedTeam
Xegtor - Network Attack & Scanning Tool for Red Teaming and Ethical Hacking
https://github.com/nxenon/xegtor
@BlueRedTeam
GitHub
GitHub - nxenon/xegtor: Xegtor - Network Attack And Scanning Tool
Xegtor - Network Attack And Scanning Tool. Contribute to nxenon/xegtor development by creating an account on GitHub.
#exploit
CVE-2021-38314:
The Gutenberg Template Library & Redux Framework plugin <=4.2.11 for WordPress - Unauthenticated Sensitive Information Disclosure
https://github.com/oxctdev/CVE-2021-38314
@BlueRedTeam
CVE-2021-38314:
The Gutenberg Template Library & Redux Framework plugin <=4.2.11 for WordPress - Unauthenticated Sensitive Information Disclosure
https://github.com/oxctdev/CVE-2021-38314
@BlueRedTeam
GitHub
GitHub - orangmuda/CVE-2021-38314: Unauthenticated Sensitive Information Disclosure (CVE-2021–38314).
Unauthenticated Sensitive Information Disclosure (CVE-2021–38314). - orangmuda/CVE-2021-38314
CVE-2021
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
https://github.com/fumamatar/NimNightmare-
@BlueRedTeam
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
https://github.com/fumamatar/NimNightmare-
@BlueRedTeam
GitHub
GitHub - eversinc33/NimNightmare: CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation) - GitHub - eversinc33/NimNightmare: CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
👍1
CVE-2021
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
https://github.com/fumamatar/NimNightmare
@BlueRedTeam
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
https://github.com/fumamatar/NimNightmare
@BlueRedTeam
GitHub
GitHub - eversinc33/NimNightmare: CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation) - eversinc33/NimNightmare
CVE-2021
A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.
https://github.com/0xInfection/PewSWITCH
@BlueRedTeam
A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.
https://github.com/0xInfection/PewSWITCH
@BlueRedTeam
GitHub
GitHub - 0xInfection/PewSWITCH: A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.
A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157. - 0xInfection/PewSWITCH