#BlueTeam
Reflective Code Loading in Linux - A New Defense Evasion Technique in MITRE ATT&CK v10
https://medium.com/confluera-engineering/reflective-code-loading-in-linux-a-new-defense-evasion-technique-in-mitre-att-ck-v10-da7da34ed301
]-> Detection and Response for Linux Reflective Code Loading Malware:
https://medium.com/confluera-engineering/detection-and-response-for-linux-reflective-code-loading-malware-this-is-how-21f9c7d8a014
@BlueRedTeam
#RedTeam
1. Exploiting NFS server via SSRF
https://r0.haxors.org/posts?id=27
2. Into the art of Binary Exploitation 0x000004:
Return-to-libc attack
https://infosecwriteups.com/into-the-art-of-binary-exploitation-0x000004-reviving-of-satanic-rop-5ab604b52341
3. RCE via Exif Data
https://infosecwriteups.com/remote-code-execution-via-exif-data-12f7d3cee827
@BlueRedTeam
#exploit
1. CVE-2021-43784:
runc/libcontainer - insecure handling of bind mount sources
https://bugs.chromium.org/p/project-zero/issues/detail?id=2241
]-> https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f
2. CVE-2021-1048:
refcount increment on mid-destruction file
https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2021/CVE-2021-1048.html
@BlueRedTeam
#RedTeam
List of Awesome Red Teaming Resources
https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
@BlueRedTeam
#RedTeam
Cybersecurity blog. Red Team, pentest, malware analysis and dev
https://github.com/jowi971/https-setupamppedwireless.com-
#exploit
1. Pwn2Own Vancouver 2021: V8 JIT vulnerability on both the Chrome/Microsoft Edge renderers
https://www.zerodayinitiative.com/blog/2021/12/6/two-birds-with-one-stone-an-introduction-to-v8-and-jit-exploitation
PoC:
https://bugs.chromium.org/p/chromium/issues/attachmentText?aid=497472
2. Windows 10 RCE: The exploit is in the link
https://positive.security/blog/ms-officecmd-rce
@BlueRedTeam
#RedTeam
1. Cobalt Strike BOF to list Windows Pipes & return their Owners/DACL Permissions
https://github.com/xforcered/xPipe
2. EDR bypass through Kernel callbacks removal
https://github.com/wavestone-cdt/EdrSandblast
@BlueRedTeam
#exploit
1. CVE-2021-43798:
Grafana 8.x Path Traversal (Pre-Auth)
https://github.com/taythebot/CVE-2021-43798
]-> https://github.com/j-jasson/CVE-2021-43798-grafana_fileread
2. VMware vCenter 7.0.2 unauth Arbitrary File Read
+ SSRF + Reflected XSS
https://github.com/l0ggg/VMware_vCenter
@BlueRedTeam
#RedTeam
Process Herpaderping
https://pentestlaboratories.com/2021/12/08/process-ghosting/
@BlueRedTeam
#Honeypot
Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam
https://github.com/Adikso/minecraft-log4j-honeypot
@BlueRedTeam
#CVE 2021
A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability.
https://github.com/kozmer/log4j-shell-poc
@BlueRedTeam
#CVE 2021
#LDAP
A minimalistic LDAP server meant for testing vulnerability to JNDI+LDAP injection attacks in Java, especially CVE-2021-44228.
https://github.com/rakutentech/jndi-ldap-test-server
@BlueRedTeam
#CVE 2021
Java Agent that disables Apache Log4J's JNDI Lookup. Quick-fix for CVE-2021-44228
https://github.com/alerithe/log4j-patcher
@BlueRedTeam
#BlueTeam
1. log4j RCE Exploitation Detection
https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b
]-> Python script to detect if an HTTP server
is potentially vulnerable to the log4j 0-day RCE
https://gist.github.com/byt3bl33d3r/46661bc206d323e6770907d259e009b6
2. SMBeagle - SMB fileshare auditing tool
https://github.com/punk-security/SMBeagle
@BlueRedTeam
#CVE 2021
CVE-2021-44228 DFIR Notes
https://github.com/Azeemering/CVE-2021-44228-DFIR-Notes
@BlueRedTeam
#CVE-2021
#Log4shell
Scans files for .jars potentially vulnerable to Log4Shell (CVE-2021-44228) by inspecting the class paths inside the .jar.
https://github.com/1lann/log4shelldetect
@BlueRedTeam
#CVE 2021
#LOG4J
Fixes CVE-2021-44228 in log4j by patching JndiLookup class
https://github.com/saharNooby/log4j-vulnerability-patcher-agent
@BlueRedTeam
#RedTeam
#LOG4J
LOG4J batch detection tool -- Red Team tool -- must-have for 护网 (HVV) defense exercises -- Redteam --
https://github.com/XiaoBai-12138/LOG4J-POC
@BlueRedTeam
#CVE 2021
#Log4j
#exploit
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - A trick to bypass words blocking patches
https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words
@BlueRedTeam