#BlueTeam
Detecting Anomalous TLS Certificates
with the Half-Space-Trees Algorithm
https://research.nccgroup.com/2021/12/02/encryption-does-not-equal-invisibility-detecting-anomalous-tls-certificates-with-the-half-space-trees-algorithm
@BlueRedTeam
#RedTeam
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
https://github.com/Nerdarena2/Have-You-Been-An-Avenger-Fan-Or-An-X-Men-Fan-
@BlueRedTeam
CVE-2021
Python tool for exploiting CVE-2021-35616
https://github.com/Ofirhamam/OracleOTM
@BlueRedTeam
CVE-2021
CVE-2021-42008: Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver
https://github.com/0xdevil/CVE-2021-42008
@BlueRedTeam
#RedTeam
Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement
https://github.com/elloa-uea/projeto-pratico-3-rna-pp3-team-equilibrium
@BlueRedTeam
GitHub - elloa-uea/projeto-pratico-3-rna-pp3-team-equilibrium: Analysis and prediction of vegetation cover type (Roosevelt National Forest) using multilayer neural networks
#exploit
CVE-2021-42008:
Linux Kernel Vulnerability in NetApp Products
https://syst3mfailure.io/sixpack-slab-out-of-bounds
2. A simple python PoC to exploit CVE-2021-26814 and gain RCE on Wazuh Manager (v.4.0.0-4.0.3) through the API service
https://github.com/WickdDavid/CVE-2021-26814
@BlueRedTeam
[CVE-2021-42008] Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver
CVE-2021-42008 is a Slab-Out-Of-Bounds Write vulnerability in the Linux 6pack driver caused by a missing size validation check in the decode_data function. A malicious input from a process with CAP_NET_ADMIN capability can lead to an overflow in the cooked_buf…
#BlueTeam
1. Protecting Windows protected processes
https://www.elastic.co/blog/protecting-windows-protected-processes
2. Detecting and blocking unknown KnownDlls
https://www.elastic.co/blog/detect-block-unknown-knowndlls-windows-acl-hardening-attacks-cache-poisoning-escalation
@BlueRedTeam
Elastic Blog
Protecting Windows protected processes
This blog is the first in a two-part series discussing a userland Windows exploit that enables attackers to perform highly privileged actions that typically require a kernel driver....
CVE-2021
Unauthenticated Sensitive Information Disclosure (CVE-2021-38314).
https://github.com/oxctdev/CVE-2021-38314
@BlueRedTeam
GitHub - orangmuda/CVE-2021-38314: Unauthenticated Sensitive Information Disclosure (CVE-2021-38314).
CVE-2021
Microsoft Exchange ProxyLogon PoC (CVE-2021-26855)
https://github.com/thau0x01/poc_proxylogon
@BlueRedTeam
CVE-2021
N-DAY VULNERABILITY RESEARCH (FROM PATCH TO EXPLOIT ANALYSIS OF CVE-2021-41081)
https://github.com/sudaiv/CVE-2021-41081
@BlueRedTeam
#RedTeam
Xegtor - Network Attack & Scanning Tool for Red Teaming and Ethical Hacking
https://github.com/nxenon/xegtor
@BlueRedTeam
#exploit
CVE-2021-38314:
The Gutenberg Template Library & Redux Framework plugin <=4.2.11 for WordPress - Unauthenticated Sensitive Information Disclosure
https://github.com/oxctdev/CVE-2021-38314
@BlueRedTeam
CVE-2021
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
https://github.com/fumamatar/NimNightmare-
@BlueRedTeam
GitHub - eversinc33/NimNightmare: CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
CVE-2021
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
https://github.com/fumamatar/NimNightmare
@BlueRedTeam
CVE-2021
A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.
https://github.com/0xInfection/PewSWITCH
@BlueRedTeam
#RedTeam
PowerShell script for watching various indicators of Red Team activity during a competition.
https://github.com/khaansec/PowerShell
@BlueRedTeam
#RedTeam
1. Get shells with JET, the Jolokia Exploitation Toolkit
https://thinkloveshare.com/hacking/shells_with_jolokia_exploitation_toolkit
2. BITS for Script Kiddies
https://www.trustedsec.com/blog/bits-for-script-kiddies
@BlueRedTeam
Thinkloveshare
Get shells with JET, the Jolokia Exploitation Toolkit
I spent too much time hacking on Jolokia, so here's an exploitation toolkit, it provides file read, write, rmi injection, information disclosure, and much more. Enjoy!
#BlueTeam
N-day vulnerability research (from patch to exploit analysis of CVE-2021-41081) in ManageEngine Network Configuration Manager
https://sudaiv.net/post/vulnresearch
@BlueRedTeam