#BlueTeam
1. Protecting Windows protected processes
https://www.elastic.co/blog/protecting-windows-protected-processes
2. Detecting and blocking unknown KnownDlls
https://www.elastic.co/blog/detect-block-unknown-knowndlls-windows-acl-hardening-attacks-cache-poisoning-escalation
@BlueRedTeam
Elastic Blog
Protecting Windows protected processes
This blog is the first in a two-part series discussing a userland Windows exploit that enables attackers to perform highly privileged actions that typically require a kernel driver....
CVE-2021
Unauthenticated Sensitive Information Disclosure (CVE-2021–38314).
https://github.com/oxctdev/CVE-2021-38314
@BlueRedTeam
GitHub
GitHub - orangmuda/CVE-2021-38314: Unauthenticated Sensitive Information Disclosure (CVE-2021–38314).
Unauthenticated Sensitive Information Disclosure (CVE-2021–38314). - orangmuda/CVE-2021-38314
CVE-2021
Microsoft Exchange ProxyLogon PoC (CVE-2021-26855)
https://github.com/thau0x01/poc_proxylogon
@BlueRedTeam
GitHub
GitHub - thau0x01/poc_proxylogon: Microsoft Exchange ProxyLogon PoC (CVE-2021-26855)
Microsoft Exchange ProxyLogon PoC (CVE-2021-26855) - thau0x01/poc_proxylogon
CVE-2021
N-DAY VULNERABILITY RESEARCH (FROM PATCH TO EXPLOIT ANALYSIS OF CVE-2021-41081)
https://github.com/sudaiv/CVE-2021-41081
@BlueRedTeam
GitHub
GitHub - sudaiv/CVE-2021-41081: N-DAY VULNERABILITY RESEARCH (FROM PATCH TO EXPLOIT ANALYSIS OF CVE-2021-41081)
N-DAY VULNERABILITY RESEARCH (FROM PATCH TO EXPLOIT ANALYSIS OF CVE-2021-41081) - GitHub - sudaiv/CVE-2021-41081: N-DAY VULNERABILITY RESEARCH (FROM PATCH TO EXPLOIT ANALYSIS OF CVE-2021-41081)
#RedTeam
Xegtor - Network Attack & Scanning Tool for Red Teaming and Ethical Hacking
https://github.com/nxenon/xegtor
@BlueRedTeam
GitHub
GitHub - nxenon/xegtor: Xegtor - Network Attack And Scanning Tool
Xegtor - Network Attack And Scanning Tool. Contribute to nxenon/xegtor development by creating an account on GitHub.
#exploit
CVE-2021-38314:
The Gutenberg Template Library & Redux Framework plugin <=4.2.11 for WordPress - Unauthenticated Sensitive Information Disclosure
https://github.com/oxctdev/CVE-2021-38314
@BlueRedTeam
GitHub
GitHub - orangmuda/CVE-2021-38314: Unauthenticated Sensitive Information Disclosure (CVE-2021–38314).
Unauthenticated Sensitive Information Disclosure (CVE-2021–38314). - orangmuda/CVE-2021-38314
CVE-2021
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
https://github.com/fumamatar/NimNightmare-
@BlueRedTeam
GitHub
GitHub - eversinc33/NimNightmare: CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation) - GitHub - eversinc33/NimNightmare: CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
CVE-2021
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
https://github.com/fumamatar/NimNightmare
@BlueRedTeam
GitHub
GitHub - eversinc33/NimNightmare: CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation) - eversinc33/NimNightmare
CVE-2021
A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.
https://github.com/0xInfection/PewSWITCH
@BlueRedTeam
GitHub
GitHub - 0xInfection/PewSWITCH: A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.
A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157. - 0xInfection/PewSWITCH
#RedTeam
Powershell script for watching various indicators of Red Team activity during a competition.
URL:https://github.com/khaansec/PowerShell
@BlueRedTeam
GitHub
GitHub - khaansec/PowerShell: Powershell script for watching various indicators of Red Team activity during a competition.
Powershell script for watching various indicators of Red Team activity during a competition. - GitHub - khaansec/PowerShell: Powershell script for watching various indicators of Red Team activity d...
#RedTeam
1. Get shells with JET, the Jolokia Exploitation Toolkit
https://thinkloveshare.com/hacking/shells_with_jolokia_exploitation_toolkit
2. BITS for Script Kiddies
https://www.trustedsec.com/blog/bits-for-script-kiddies
@BlueRedTeam
Thinkloveshare
Get shells with JET, the Jolokia Exploitation Toolkit
I spent too much time hacking on Jolokia, so here's an exploitation toolkit, it provides file read, write, rmi injection, information disclosure, and much more. Enjoy!
#BlueTeam
N-day vulnerability research (from patch to exploit analysis of CVE-2021-41081) in ManageEngine Network Configuration Manager
https://sudaiv.net/post/vulnresearch
@BlueRedTeam
#RedTeam
1. Bash script will help to hack remote hosts
https://github.com/FabioDefilippo/linuxallremote
2. JMX enumeration and attacking tool
https://github.com/qtc-de/beanshooter
@BlueRedTeam
#BlueTeam
Reflective Code Loading in Linux - A New Defense Evasion Technique in MITRE ATT&CK v10
https://medium.com/confluera-engineering/reflective-code-loading-in-linux-a-new-defense-evasion-technique-in-mitre-att-ck-v10-da7da34ed301
]-> Detection and Response for Linux Reflective Code Loading Malware:
https://medium.com/confluera-engineering/detection-and-response-for-linux-reflective-code-loading-malware-this-is-how-21f9c7d8a014
@BlueRedTeam
Medium
Reflective Code Loading in Linux — A New Defense Evasion Technique in MITRE ATT&CK v10
Summary
#RedTeam
1. Exploiting NFS server via SSRF
https://r0.haxors.org/posts?id=27
2. Into the art of Binary Exploitation 0x000004:
Return-to-libc attack
https://infosecwriteups.com/into-the-art-of-binary-exploitation-0x000004-reviving-of-satanic-rop-5ab604b52341
3. RCE via Exif Data
https://infosecwriteups.com/remote-code-execution-via-exif-data-12f7d3cee827
@BlueRedTeam
Medium
Into the art of Binary Exploitation 0x000004[Reviving of Satanic-ROP]
Continuation of sorcery…!!
#exploit
1. CVE-2021-43784:
runc/libcontainer - insecure handling of bind mount sources
https://bugs.chromium.org/p/project-zero/issues/detail?id=2241
]-> https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f
2. CVE-2021-1048:
refcount increment on mid-destruction file
https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2021/CVE-2021-1048.html
@BlueRedTeam
GitHub
Overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration
### Impact
In runc, [netlink](https://www.man7.org/linux/man-pages/man7/netlink.7.html) is used internally as a serialization system for specifying the relevant container configuration to the C ...
#RedTeam
List of Awesome Red Teaming Resources
https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
@BlueRedTeam
GitHub
GitHub - yeyintminthuhtut/Awesome-Red-Teaming: List of Awesome Red Teaming Resources
List of Awesome Red Teaming Resources. Contribute to yeyintminthuhtut/Awesome-Red-Teaming development by creating an account on GitHub.