#exploit
#CVE-2021-43936:
RCE in WebHMI Firmware
https://github.com/LongWayHomie/CVE-2021-43936
@BlueRedTeam
#CVE-2021-43936:
RCE in WebHMI Firmware
https://github.com/LongWayHomie/CVE-2021-43936
@BlueRedTeam
GitHub
GitHub - LongWayHomie/CVE-2021-43936: CVE-2021-43936 is a critical vulnerability (CVSS3 10.0) leading to Remote Code Execution…
CVE-2021-43936 is a critical vulnerability (CVSS3 10.0) leading to Remote Code Execution (RCE) in WebHMI Firmware. - LongWayHomie/CVE-2021-43936
#Red_Team
1. Log4j2 RCE Passive Scanner plugin for BurpSuite
https://github.com/whwlsfb/Log4j2Scan
2. Enumeration
https://aidenpearce369.github.io/offsec/redteam-enumeration
@BlueRedTeam
1. Log4j2 RCE Passive Scanner plugin for BurpSuite
https://github.com/whwlsfb/Log4j2Scan
2. Enumeration
https://aidenpearce369.github.io/offsec/redteam-enumeration
@BlueRedTeam
GitHub
GitHub - whwlsfb/Log4j2Scan: Log4j2 RCE Passive Scanner plugin for BurpSuite
Log4j2 RCE Passive Scanner plugin for BurpSuite. Contribute to whwlsfb/Log4j2Scan development by creating an account on GitHub.
Windows_Services_System.pdf
700.2 KB
#Blue_Team
"Windows Services - All roads lead to SYSTEM", 2021.
// This article discusses the implications of misconfigurations of Windows Services. In fully patched Windows environments, a badly implemented service is among the most common attack vectors...
@BlueRedTeam
"Windows Services - All roads lead to SYSTEM", 2021.
// This article discusses the implications of misconfigurations of Windows Services. In fully patched Windows environments, a badly implemented service is among the most common attack vectors...
@BlueRedTeam
#CVE-2021
#log4j
Endpoint to test CVE-2021-44228 – Log4j 2
https://github.com/andrii-kovalenko-celonis/log4j-vulnerability-demo
@BlueRedTeam
#log4j
Endpoint to test CVE-2021-44228 – Log4j 2
https://github.com/andrii-kovalenko-celonis/log4j-vulnerability-demo
@BlueRedTeam
GitHub
GitHub - andrii-kovalenko-celonis/log4j-vulnerability-demo: Endpoint to test CVE-2021-44228 – Log4j 2
Endpoint to test CVE-2021-44228 – Log4j 2. Contribute to andrii-kovalenko-celonis/log4j-vulnerability-demo development by creating an account on GitHub.
Red Blue Team pinned «Hello friends, from now on, the hashtags Red Team and Blue Team will be like this: #Red_Team and #Blue_Team, and you can follow the previous hashtags by searching #RedTeam and #BlueTeam. @BlueRedTeam»
#CVE-2021
#log4j2
Little recap of the log4j2 remote code execution (CVE-2021-44228)
https://github.com/jan-muhammad-zaidi/Log4j-CVE-2021-44228
@BlueRedTeam
#log4j2
Little recap of the log4j2 remote code execution (CVE-2021-44228)
https://github.com/jan-muhammad-zaidi/Log4j-CVE-2021-44228
@BlueRedTeam
GitHub
GitHub - jan-muhammad-zaidi/Log4j-CVE-2021-44228: On Thursday (December 9th), a 0-day exploit in the popular Java logging library…
On Thursday (December 9th), a 0-day exploit in the popular Java logging library log4j (version 2) was discovered that results in Remote Code Execution (RCE) by logging a certain string. Given how ...
#CVE-2021
#Log4j2
Little recap of the log4j2 remote code execution (CVE-2021-44228)
https://github.com/cbuschka/log4j2-rce-recap
@BlueRedTeam
#Log4j2
Little recap of the log4j2 remote code execution (CVE-2021-44228)
https://github.com/cbuschka/log4j2-rce-recap
@BlueRedTeam
GitHub
GitHub - cbuschka/log4j2-rce-recap: Little recap of the log4j2 remote code execution (CVE-2021-44228)
Little recap of the log4j2 remote code execution (CVE-2021-44228) - GitHub - cbuschka/log4j2-rce-recap: Little recap of the log4j2 remote code execution (CVE-2021-44228)
#Red_Team
In this Project I played both roles Red as a Pentester and Blue as an Analyst.
https://github.com/Fischer-Maris/Red-team-Blue-team-Project
@BlueRedTeam
In this Project I played both roles Red as a Pentester and Blue as an Analyst.
https://github.com/Fischer-Maris/Red-team-Blue-team-Project
@BlueRedTeam
GitHub
GitHub - Fischer-Maris/Red-team-Blue-team-Project: In this Project, I played both roles Red as a Pentester and Blue as an Analyst.…
In this Project, I played both roles Red as a Pentester and Blue as an Analyst. After I was done with both the Red and Blue team testing and analyzing I created a presentation of my findings. - Fis...
#CVE-2021
#Log4j
#Log4Shell
A testing noscript that checks for vulnerable Log4j Log4Shell (CVE-2021-44228) systems using injection of the payload in common HTTP headers and as a part of a HTTP GET request.
https://github.com/NorthwaveSecurity/log4jcheck
@BlueRedTeam
#Log4j
#Log4Shell
A testing noscript that checks for vulnerable Log4j Log4Shell (CVE-2021-44228) systems using injection of the payload in common HTTP headers and as a part of a HTTP GET request.
https://github.com/NorthwaveSecurity/log4jcheck
@BlueRedTeam
GitHub
GitHub - NorthwaveSecurity/log4jcheck: A noscript that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the…
A noscript that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers. - NorthwaveSecurity/log4jcheck
#CVE-2021
#Log4j2
#Log4Shell
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)
https://github.com/fox-it/log4j-finder
@BlueRedTeam
#Log4j2
#Log4Shell
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)
https://github.com/fox-it/log4j-finder
@BlueRedTeam
GitHub
GitHub - fox-it/log4j-finder: Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228…
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105) - fox-it/log4j-finder
#CVE-2021
#Log4Shell
#Log4j
Bash and PowerShell noscripts to scan a local filesystem for Log4j components vulnerable to CVE-2021-44228 / Log4Shell.
https://github.com/Occamsec/log4j-checker
@BlueRedTeam
#Log4Shell
#Log4j
Bash and PowerShell noscripts to scan a local filesystem for Log4j components vulnerable to CVE-2021-44228 / Log4Shell.
https://github.com/Occamsec/log4j-checker
@BlueRedTeam
GitHub
GitHub - Occamsec/log4j-checker: Bash and PowerShell noscripts to scan a local filesystem for Log4j .jar files which could be vulnerable…
Bash and PowerShell noscripts to scan a local filesystem for Log4j .jar files which could be vulnerable to CVE-2021-44228 aka Log4Shell. - GitHub - Occamsec/log4j-checker: Bash and PowerShell noscripts...
#CVE-2021
#Log4j
log4j version 1 with a patch for CVE-2021-44228 vulnerability
https://github.com/p3dr16k/log4j-1.2.15-mod
@BlueRedTeam
#Log4j
log4j version 1 with a patch for CVE-2021-44228 vulnerability
https://github.com/p3dr16k/log4j-1.2.15-mod
@BlueRedTeam
GitHub
GitHub - p3dr16k/log4j-1.2.15-mod: log4j version 1 with a patch for CVE-2021-44228 vulnerability
log4j version 1 with a patch for CVE-2021-44228 vulnerability - GitHub - p3dr16k/log4j-1.2.15-mod: log4j version 1 with a patch for CVE-2021-44228 vulnerability
#CVE-2021
#Log4Shell
Details : CVE-2021-44228
https://github.com/34zY/JNDI-Exploit-1.2-log4shell-
@BlueRedTeam
#Log4Shell
Details : CVE-2021-44228
https://github.com/34zY/JNDI-Exploit-1.2-log4shell-
@BlueRedTeam
#CVE-2021
GitHub CodeQL Action to scan for CVE-2021–44228
https://github.com/benarculus/detecting-cve-2021-44228
@BlueRedTeam
GitHub CodeQL Action to scan for CVE-2021–44228
https://github.com/benarculus/detecting-cve-2021-44228
@BlueRedTeam
#CVE-2021
#Log4Shell
The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell.
https://github.com/ReynerGonzalez/Security-Log4J-Tester
@BlueRedTeam
#Log4Shell
The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell.
https://github.com/ReynerGonzalez/Security-Log4J-Tester
@BlueRedTeam
GitHub
GitHub - ReynerGonzalez/Security-Log4J-Tester: The vulnerability, which can allow an attacker to execute arbitrary code by sending…
The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell. - GitHub - ReynerGonzal...
#CVE-2021
CVE-2021-44228
https://github.com/ShaneKingBlog/org.shaneking.demo.cve.y2021.s44228
@BlueRedTeam
CVE-2021-44228
https://github.com/ShaneKingBlog/org.shaneking.demo.cve.y2021.s44228
@BlueRedTeam
GitHub
GitHub - ShaneKingBlog/org.shaneking.demo.cve.y2021.s44228: CVE-2021-44228
CVE-2021-44228. Contribute to ShaneKingBlog/org.shaneking.demo.cve.y2021.s44228 development by creating an account on GitHub.
#CVE-2021
#Log4j
Repo containing all info, noscripts, etc. related to CVE-2021-44228
https://github.com/wortell/log4j
@BlueRedTeam
#Log4j
Repo containing all info, noscripts, etc. related to CVE-2021-44228
https://github.com/wortell/log4j
@BlueRedTeam
GitHub
GitHub - wortell/log4j: Repo containing all info, noscripts, etc. related to CVE-2021-44228
Repo containing all info, noscripts, etc. related to CVE-2021-44228 - wortell/log4j
#Log4j
#CVE-2021
Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228
https://github.com/BinaryDefense/log4j-honeypot-flask
@BlueRedTeam
#CVE-2021
Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228
https://github.com/BinaryDefense/log4j-honeypot-flask
@BlueRedTeam
GitHub
GitHub - BinaryDefense/log4j-honeypot-flask: Internal network honeypot for detecting if an attacker or insider threat scans your…
Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 - BinaryDefense/log4j-honeypot-flask
#CVE-2021
#log4j
#Log4Shell
Scanner to send specially crafted requests and catch callbacks of systems that are impacted by Log4J Log4Shell vulnerability (CVE-2021-44228)
https://github.com/hupe1980/scan4log4shell
@BlueRedTeam
#log4j
#Log4Shell
Scanner to send specially crafted requests and catch callbacks of systems that are impacted by Log4J Log4Shell vulnerability (CVE-2021-44228)
https://github.com/hupe1980/scan4log4shell
@BlueRedTeam
GitHub
GitHub - hupe1980/scan4log4shell: Scanner to send specially crafted requests and catch callbacks of systems that are impacted by…
Scanner to send specially crafted requests and catch callbacks of systems that are impacted by log4j log4shell vulnerability and to detect vulnerable log4j versions on your local file-system - hupe...