#CVE-2021
#Log4j
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading
https://github.com/kal1gh0st/MyLog4Shell
@BlueRedTeam
#Log4j
#CVE-2021
Log4j_dos_CVE-2021-45105
https://github.com/cckuailong/Log4j_dos_CVE-2021-45105
@BlueRedTeam
#exploit
1. Android: apps have VM_MAYWRITE access to shared zygote JIT mapping
https://bugs.chromium.org/p/project-zero/issues/detail?id=2227
2. CVE-2021-45105:
Log4j2 DOS
https://github.com/cckuailong/Log4j_dos_CVE-2021-45105
@BlueRedTeam
#Red_Team
1. Alternative Process Injection
https://www.netero1010-securitylab.com/eavsion/alternative-process-injection
2. HTTP Parameter Pollution
https://medium.com/geekculture/http-parameter-pollution-981af7894c6e
@BlueRedTeam
Netero1010-Securitylab
Alternative Process Injection | Netero1010 Security Lab
21 December 2021
#Red_Team
In this project, I acted as both Red Team and Blue Team, alternately, and examined the Kibana log files that were created by my Red Team actions.
https://github.com/Symantha/Project_2-RedTeam-vs-BlueTeam
@BlueRedTeam
#CVE-2021
#Log4Shell
Searches filesystem for CVE-2021-44228 and CVE-2021-45046 vulnerable instances, including embedded (jar/war/zip) packaged ones.
https://github.com/HynekPetrak/log4shell_finder
@BlueRedTeam
Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excel...
#CVE-2021
#log4j
Vulnerability analysis, patch management and exploitation tool for CVE-2021-44228 / CVE-2021-45046 / CVE-2021-4104
https://github.com/TheInterception/Log4J-Simulation-Tool
@BlueRedTeam
#Red_Team
1. Primary Access Token Manipulation
https://www.ired.team/offensive-security/privilege-escalation/t1134-access-token-manipulation
2. Cover tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps
https://github.com/mufeedvh/moonwalk
@BlueRedTeam
www.ired.team
Primary Access Token Manipulation | Red Team Notes
Defense Evasion, Privilege Escalation by stealing and re-using security access tokens.
#exploit
1. Microsoft Office Word MSHTML RCE
https://github.com/34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit
2. HSMX Internet Gateway Vulnerability Exploitation including RCE - a guest Wi-Fi system used in hundreds of hotels
https://web.archive.org/web/20211123141312/http://etizazmohsin.com/hsmx.html
@BlueRedTeam
GitHub - 34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit: CVE-2021-40444
#Red_Team
d4rk Ghost is an all-in-one hacking framework. Red Team Pentesting Framework; it contains all things
https://github.com/d4rkconsole/d4rk_ghost
@BlueRedTeam
#tools
#Blue_Team
1. Catalyst is a SOAR system that helps to automate alert handling and incident response processes
https://github.com/SecurityBrewery/catalyst
2. Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes
https://github.com/bohops/RogueAssemblyHunter
3. Detecting Anomalous Network Traffic Resulting from a Successful Log4j Attack
https://www.ironnet.com/blog/detecting-anomalous-network-traffic-resulting-from-a-successful-log4j-attack
@BlueRedTeam
#Red_Team
1. Inside a PBX - Discovering a Firmware Backdoor
https://blog.redteam-pentesting.de/2021/inside-a-pbx
2. RCE in Visual Studio Code's Remote WSL for Fun and Negative Profit
https://parsiya.net/blog/2021-12-20-rce-in-visual-studio-codes-remote-wsl-for-fun-and-negative-profit
3. Auerswald COMpact Multiple Backdoors
https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-007/-auerswald-compact-multiple-backdoors
@BlueRedTeam
RedTeam Pentesting - Blog
Inside a PBX - Discovering a Firmware Backdoor
This blog post illustrates how RedTeam Pentesting discovered a real-world backdoor in a widely used Auerswald phone system (see also the advisory and CVE-2021-40859). We will describe the methodology used to find the backdoor by examining the …
#exploit
1. CVE-2021-4061:
Type Confusion in V8
https://github.com/msrkp/exploits/tree/main/CVE-2021-4061
2. CVE-2021-43224:
Windows Common Log File System Driver PoC
https://github.com/KaLendsi/CVE-2021-43224-POC
@BlueRedTeam
#CVE-2021
#Log4j
#CheatSheet
Log4J CVE-2021-44228 : Mitigation Cheat Sheet
https://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105
@BlueRedTeam
#exploit
1. CVE-2021-44659:
Adding a new pipeline in GoCD server 21.3.0 has a functionality that could be abused to do an unintended action in order to achieve an SSRF
https://github.com/Mesh3l911/CVE-2021-44659
2. A buffer overflow vulnerability in a babykernel.ko driver. The exploit is written in a way to bypass SMEP protection and the technique used is ret2usr
https://github.com/0x3SC4L4T3/Babykernel-ctf-ret2usr
@BlueRedTeam
#Red_Team
1. macOS Gatekeeper Bypass (CVE-2021-30853)
https://objective-see.com/blog/blog_0x6A.html
2. Responder and IPv6 attacks
https://g-laurent.blogspot.com/2021/12/responder-and-ipv6-attacks.html?m=1
@BlueRedTeam
Blogspot
Responder and IPv6 attacks
Responder 3.1.1.0 comes with full IPv6 support by default, which allows you to perform more attacks on IPv4 and IPv6 networks. As pointed b...
#Blue_Team
1. This tool reveals hidden desktops and investigates processes/threads utilizing hidden desktops
https://github.com/AgigoNoTana/HiddenDesktopViewer
2. Analysis of Log4jShell Attack
https://www.goggleheadedhacker.com/blog/post/log4jshell-analysis
@BlueRedTeam
#Log4j
Examining Log4j Vulnerabilities in Connected Cars and Charging Stations
https://www.trendmicro.com/en_us/research/21/l/examining-log4j-vulnerabilities-in-connected-cars.html
@BlueRedTeam
Trend Micro
Examining Log4j Vulnerabilities in Connected Cars and Charging Stations
In this entry we look into how Log4j vulnerabilities affect devices or properties embedded in or used for connected cars, specifically chargers, in-vehicle infotainment systems, and digital remotes for opening cars.
#Red_Team
1. Path traversal in Grafana 8.x allows UnAuth arbitrary local file read
https://hackerone.com/reports/1415820
2. Flickr Account Takeover
https://security.lauritz-holtmann.de/advisories/flickr-account-takeover
@BlueRedTeam
HackerOne
Aiven Ltd disclosed on HackerOne: Zero day path traversal...
Summary:
Hi team,
I've found a path traversal issue in the Grafana instances hosted on the Aiven platforms. With the path traversal it's possible for an unauthenticated user to read arbitrary...