#CVE-2021
Fun things against the abuse of the recent CVE-2021-44228 (Log4Shell) vulnerability using common web servers.
https://github.com/KainsRache/anti-jndi
@BlueRedTeam
#CVE-2021
#Log4j
fail2ban filter that catches attacks against log4j CVE-2021-44228
https://github.com/atnetws/fail2ban-log4j
@BlueRedTeam
#CVE-2021
#Log4j
This is a proof-of-concept exploit for Log4j RCE Unauthenticated (CVE-2021-44228).
https://github.com/pedrohavay/exploit-CVE-2021-44228
@BlueRedTeam
#CVE-2021
Ingest GreyNoise.io malicious feed for CVE-2021-44228 and apply null routes
https://github.com/0xRyan/log4j-nullroute
@BlueRedTeam
LaserShark.pdf
1.5 MB
#Red_Team
"LaserShark: Establishing Fast, Bidirectional Communication into Air-Gapped Systems", 2021.
// A novel approach to infiltrate data to air-gapped systems without any additional hardware on-site. By aiming lasers at already built-in LEDs and recording their response, we are the first to enable a long-distance (25 m), covert communication channel. The approach can be used against any office device that operates LEDs at the CPU’s GPIO interface...
@BlueRedTeam
#CVE-2021
a fast check, if your server could be vulnerable to CVE-2021-44228
https://github.com/rubo77/log4j_checker_beta
@BlueRedTeam
#CVE-2021
#Log4Shell
#Log4j
Java agent that disables Apache Log4J's JNDI Lookup. Fixes CVE-2021-44228, aka "Log4Shell."
https://github.com/alerithe/log4noshell
@BlueRedTeam
#CVE-2021
#Log4j
Scanner for Log4j RCE CVE-2021-44228
https://github.com/thecyberneh/Log4j-RCE-Exploiter
@BlueRedTeam
#CVE-2021
#Log4j
Log4J CVE-2021-44228 : Mitigation for different environments
https://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228
@BlueRedTeam
#CVE-2021
#Log4j
CVE-2021-44228 log4j mitigation using aws wafv2 with ansible
https://github.com/markuman/aws-log4j-mitigations
@BlueRedTeam
#Log4j
#CVE-2021
Log4J CVE-2021-44228 : Mitigation Cheat Sheet
https://github.com!/thedevappsecguy/Log4J-CVE-2021-44228-Mitigation-Cheat-Sheet
@BlueRedTeam
#CVE-2021
#log4j
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
https://github.com/fullhunt/log4j-scan
@BlueRedTeam
#Blue_Team
1. Exploit samAccountName spoofing with Kerberos
https://cloudbrothers.info/en/exploit-kerberos-samaccountname-spoofing
2. Log4Shell: Reconnaissance and post exploitation network detection - includes numerous Suricata_IDS rules and IoCs
https://research.nccgroup.com/2021/12/12/log4shell-reconnaissance-and-post-exploitation-network-detection
@BlueRedTeam
cloudbrothers.info
Exploit samAccountName spoofing with Kerberos
When Microsoft released the November 2021 patches, the following CVEs caught the eye of many security professionals because they allow impersonation of a domain controller in an Active Directory environment.
CVE-2021-42278 - KB5008102 Active Directory Security…
#CVE-2021
#Log4j
A lab for playing around with the Log4J CVE-2021-44228
https://github.com/tuyenee/Log4shell
@BlueRedTeam
#CVE-2021
Simple tool for scanning entire directories for attempts of CVE-2021-44228
https://github.com/kek-Sec/log4j-scanner-CVE-2021-44228
@BlueRedTeam
#CVE-2021
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
https://github.com/Ridter/noPac
@BlueRedTeam
#CVE-2021
Research into the implications of CVE-2021-44228 in Spring based applications.
https://github.com/Camphul/log4shell-spring-framework-research
@BlueRedTeam
#CVE-2021
#Log4j
simple python scanner to check if your network is vulnerable to CVE-2021-44228
https://github.com/sinakeshmiri/log4jScan
@BlueRedTeam
#CVE-2021
#Log4j
#Log4Shell
Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth.
https://github.com/0xDexter0us/Log4J-Scanner
@BlueRedTeam
#CVE-2021
A PoC for CVE-2021-44827 - authenticated remote code execution in Tp-link Archer C20i
https://github.com/full-disclosure/CVE-2021-44827
@BlueRedTeam