#Red_Team
1. Escalate from a low-integrity Administrator account to NT AUTHORITY\SYSTEM without an LPE exploit by combining a COM UAC bypass and Token Impersonation
https://github.com/FULLSHADE/Auto-Elevate
2. AutoSUID is the project, the main idea of which is to automate harvesting the SUID executable files and to find a way for further escalating the privileges
https://github.com/IvanGlinkin/AutoSUID
@BlueRedTeam
#Blue_Team
1. LOLBins Are No Laughing Matter: How Attackers Operate Quietly
https://www.uptycs.com/blog/lolbins-are-no-laughing-matter
2. Protection against CVE-2021-45046, the additional Log4j RCE vulnerability
https://blog.cloudflare.com/protection-against-cve-2021-45046-the-additional-log4j-rce-vulnerability
@BlueRedTeam
#CVE-2021
#Log4Shell
Test exploit of CVE-2021-44228
https://github.com/wajda/log4shell-test-exploit
@BlueRedTeam
#CVE-2021
CVE-2021-43798 Grafana arbitrary file read vulnerability PoC + parameters
https://github.com/ScorpionsMAX/CVE-2021-43798-Grafana-POC
@BlueRedTeam
#CVE-2021
#Log4Shell
A lab demonstration of the log4shell vulnerability: CVE-2021-44228
https://github.com/obscuritylabs/log4shell-poc-lab
@BlueRedTeam
#CVE-2021
#Log4j
PoC RCE Log4j CVE-2021-4428 for testing
https://github.com/Grupo-Kapa-7/CVE-2021-44228-Log4j-PoC-RCE
@BlueRedTeam
#CVE-2021
#Log4Shell
An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.
https://github.com/redhuntlabs/Log4JHunt
@BlueRedTeam
#CVE-2021
#Log4j
CVE-2021-44228 vulnerability in Apache Log4j library
https://github.com/Heliferepo/log4j
@BlueRedTeam
#CVE-2021
#Log4j2
Log4j2 Vulnerability (CVE-2021-44228)
https://github.com/RenYuH/log4j-lookups-vulnerability
@BlueRedTeam
#CVE-2021
#log4j
Scanner for the Log4j vulnerability dubbed Log4Shell (CVE-2021-44228)
https://github.com/scheibling/py-log4shellscanner
@BlueRedTeam
#CVE-2021
#Log4Shell
Java application vulnerable to the CVE-2021-44228 (a.k.a log4shell) vulnerability
https://github.com/GroupePSA/log4shell-honeypot
@BlueRedTeam
#CVE-2021
#Log4j
The script "Py3-detect-log4j-12.2021.py" developed in Python 3 is responsible for detecting whether a list of URLs are vulnerable to CVE-2021-44228.
https://github.com/nx6110a5100/Py3-detect-log4j-12.2021
@BlueRedTeam
#Blue_Team
Collection of PowerShell functions and scripts a Blue Teamer might use
https://github.com/tobor88/PowerShell-Blue-Team
@BlueRedTeam
#CVE-2021
#Log4Shell
Log4Shell (CVE-2021-44228) description, exploitation and remediation
https://github.com/zane00/CVE-2021-44228
@BlueRedTeam
GitHub - zaneef/CVE-2021-44228: Log4Shell (CVE-2021-44228): Description, Exploitation and Mitigation
#CVE-2021
#Log4j
Provide patched version of Log4J against CVE-2021-44228 and CVE-2021-45046 as well as a script to manually patch it yourself
https://github.com/Aschen/log4j-patched
@BlueRedTeam
#Red_Team
A Python package used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.
https://github.com/swimlane/atomic-operator
@BlueRedTeam
#CVE-2021
#Log4j
Docker images and k8s YAMLs for Log4j Vulnerability POC (Log4j (CVE-2021-44228 RCE Vulnerability)
https://github.com/ankur-katiyar/log4j-docker
@BlueRedTeam
#CVE-2021
#log4j
This project will help to test the Log4j CVE-2021-44228 vulnerability.
https://github.com/immunityinc/Log4j-JNDIServer
@BlueRedTeam
#CVE-2021
#Log4Shell
Simple Spring Boot application vulnerable to CVE-2021-44228 (a.k.a log4shell)
https://github.com/guerzon/log4shell
@BlueRedTeam
#CVE-2021
#Log4j
A simple script to remove Log4J JndiLookup.class from jars in a given directory, to temporarily protect from CVE-2021-45046 and CVE-2021-44228.
https://github.com/lukepasek/log4jjndilookupremove
@BlueRedTeam