#CVE-2021
#Log4j
A vulnerable device scanner for CVE-2021-44228 (Log4j)
https://github.com/sblmnl/Scan4j
@BlueRedTeam
#CVE-2021
#Log4j
can find, analyse and patch Log4J files because of CVE-2021-44228, CVE-2021-45046
https://github.com/DANSI/PowerShell-Log4J-Scanner
@BlueRedTeam
#CVE-2021
#Log4j
CVE-2021-4438 LOG4J - Remote execution
https://github.com/longnguyen-2k/log4j
@BlueRedTeam
#Blue_Team
#Log4Shell
Nmap NSE scripts to check against log4shell/LogJam vulnerabilities (CVE-2021-44228)
https://github.com/Diverto/nse-log4shell
@BlueRedTeam
#Red_Team
1. Price Manipulation Bypass Using Integer Overflow Method
https://marxchryz.medium.com/price-manipulation-bypass-using-integer-overflow-method-36ff23ebe91d
2. Bypassing Box’s Time-based One-Time Password MFA
https://www.varonis.com/blog/box-mfa-bypass-totp
@BlueRedTeam
Medium
Price Manipulation Bypass Using Integer Overflow Method
Hello everyone, I am Marx Chryz and I do bug bounty hunting for about a year now. It’s also been two and a half years since I started doing…
#CVE-2021
#Log4j
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading
https://github.com/kal1gh0st/MyLog4Shell
@BlueRedTeam
#Log4j
#CVE-2021
Log4j_dos_CVE-2021-45105
https://github.com/cckuailong/Log4j_dos_CVE-2021-45105
@BlueRedTeam
#exploit
1. Android: apps have VM_MAYWRITE access to shared zygote JIT mapping
https://bugs.chromium.org/p/project-zero/issues/detail?id=2227
2. CVE-2021-45105: Log4j2 DoS
https://github.com/cckuailong/Log4j_dos_CVE-2021-45105
@BlueRedTeam
#Red_Team
1. Alternative Process Injection
https://www.netero1010-securitylab.com/eavsion/alternative-process-injection
2. HTTP Parameter Pollution
https://medium.com/geekculture/http-parameter-pollution-981af7894c6e
@BlueRedTeam
21 December 2021
#Red_Team
In this project, I acted as both Red Team and Blue Team, alternately, and examined the Kibana log files that were created by my Red Team actions.
https://github.com/Symantha/Project_2-RedTeam-vs-BlueTeam
@BlueRedTeam
#CVE-2021
#Log4Shell
Searches filesystem for CVE-2021-44228 and CVE-2021-45046 vulnerable instances, including embedded (jar/war/zip) packaged ones.
https://github.com/HynekPetrak/log4shell_finder
@BlueRedTeam
GitHub
GitHub - HynekPetrak/log4shell-finder: Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable…
Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excel...
#CVE-2021
#log4j
Vulnerability analysis, patch management and exploitation tool CVE-2021-44228 / CVE-2021-45046 / CVE-2021-4104
https://github.com/TheInterception/Log4J-Simulation-Tool
@BlueRedTeam
#Red_Team
1. Primary Access Token Manipulation
https://www.ired.team/offensive-security/privilege-escalation/t1134-access-token-manipulation
2. Cover tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps
https://github.com/mufeedvh/moonwalk
@BlueRedTeam
www.ired.team
Primary Access Token Manipulation | Red Team Notes
Defense Evasion, Privilege Escalation by stealing and re-using security access tokens.
#exploit
1. Microsoft Office Word MSHTML RCE
https://github.com/34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit
2. HSMX Internet Gateway Vulnerability Exploitation including RCE - a guest Wi-Fi system used in hundreds of hotels
https://web.archive.org/web/20211123141312/http://etizazmohsin.com/hsmx.html
@BlueRedTeam
GitHub
GitHub - 34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit: CVE-2021-40444
#Red_Team
d4rk Ghost is an all-in-one hacking framework. Red Team Pentesting Framework, it contains all things
https://github.com/d4rkconsole/d4rk_ghost
@BlueRedTeam
GitHub
GitHub - abhinavJha103/d4rk_ghost: It is an all-in-one pentesting tool. It has modules, information gathering exploitation + vulnerability…
It is an all-in-one pentesting tool. It has modules, information gathering exploitation + vulnerability scanning, proxy scraper and WordPress vulnerability scanning and more - GitHub - abhinavJ...
#tools
#Blue_Team
1. Catalyst is a SOAR system that helps to automate alert handling and incident response processes
https://github.com/SecurityBrewery/catalyst
2. Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes
https://github.com/bohops/RogueAssemblyHunter
3. Detecting Anomalous Network Traffic Resulting from a Successful Log4j Attack
https://www.ironnet.com/blog/detecting-anomalous-network-traffic-resulting-from-a-successful-log4j-attack
@BlueRedTeam
GitHub
⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes - SecurityBrewery/catalyst
#Red_Team
1. Inside a PBX - Discovering a Firmware Backdoor
https://blog.redteam-pentesting.de/2021/inside-a-pbx
2. RCE in Visual Studio Code's Remote WSL for Fun and Negative Profit
https://parsiya.net/blog/2021-12-20-rce-in-visual-studio-codes-remote-wsl-for-fun-and-negative-profit
3. Auerswald COMpact Multiple Backdoors
https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-007/-auerswald-compact-multiple-backdoors
@BlueRedTeam
RedTeam Pentesting - Blog
Inside a PBX - Discovering a Firmware Backdoor
This blog post illustrates how RedTeam Pentesting discovered a real-world backdoor in a widely used Auerswald phone system (see also the advisory and CVE-2021-40859). We will describe the methodology used to find the backdoor by examining the …