#exploit
1. Microsoft Office Word MSHTML RCE
https://github.com/34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit
2. HSMX Internet Gateway Vulnerability Exploitation including RCE - a guest Wi-Fi system used in hundreds of hotels
https://web.archive.org/web/20211123141312/http://etizazmohsin.com/hsmx.html
@BlueRedTeam
#Red_Team
d4rk Ghost is an all-in-one hacking framework. Red Team Pentesting Framework, it contains all things
https://github.com/d4rkconsole/d4rk_ghost
@BlueRedTeam
#tools
#Blue_Team
1. Catalyst is a SOAR system that helps to automate alert handling and incident response processes
https://github.com/SecurityBrewery/catalyst
2. Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes
https://github.com/bohops/RogueAssemblyHunter
3. Detecting Anomalous Network Traffic Resulting from a Successful Log4j Attack
https://www.ironnet.com/blog/detecting-anomalous-network-traffic-resulting-from-a-successful-log4j-attack
@BlueRedTeam
#Red_Team
1. Inside a PBX - Discovering a Firmware Backdoor
https://blog.redteam-pentesting.de/2021/inside-a-pbx
2. RCE in Visual Studio Code's Remote WSL for Fun and Negative Profit
https://parsiya.net/blog/2021-12-20-rce-in-visual-studio-codes-remote-wsl-for-fun-and-negative-profit
3. Auerswald COMpact Multiple Backdoors
https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-007/-auerswald-compact-multiple-backdoors
@BlueRedTeam
#exploit
1. CVE-2021-4061:
Type Confusion in V8
https://github.com/msrkp/exploits/tree/main/CVE-2021-4061
2. CVE-2021-43224:
Windows Common Log File System Driver PoC
https://github.com/KaLendsi/CVE-2021-43224-POC
@BlueRedTeam
#CVE-2021
#Log4j
#CheetSheet
Log4J CVE-2021-44228 : Mitigation Cheat Sheet
https://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105
@BlueRedTeam
#exploit
1. CVE-2021-44659:
Adding a new pipeline in GoCD server 21.3.0 has a functionality that could be abused to do an unintended action in order to achieve an SSRF
https://github.com/Mesh3l911/CVE-2021-44659
2. A buffer overflow vulnerability in a babykernel.ko driver. The exploit is written in a way to bypass SMEP protection and the technique used is ret2usr
https://github.com/0x3SC4L4T3/Babykernel-ctf-ret2usr
@BlueRedTeam
#Red_Team
1. macOS Gatekeeper Bypass (CVE-2021-30853)
https://objective-see.com/blog/blog_0x6A.html
2. Responder and IPv6 attacks
https://g-laurent.blogspot.com/2021/12/responder-and-ipv6-attacks.html?m=1
@BlueRedTeam
#Blue_Team
1. This tool reveals hidden desktops and investigates processes/threads utilizing hidden desktops
https://github.com/AgigoNoTana/HiddenDesktopViewer
2. Analysis of Log4jShell Attack
https://www.goggleheadedhacker.com/blog/post/log4jshell-analysis
@BlueRedTeam
#Log4j
Examining Log4j Vulnerabilities in Connected Cars and Charging Stations
https://www.trendmicro.com/en_us/research/21/l/examining-log4j-vulnerabilities-in-connected-cars.html
@BlueRedTeam
#Red_Team
1. Path traversal in Grafana 8.x allows UnAuth arbitrary local file read
https://hackerone.com/reports/1415820
2. Flickr Account Takeover
https://security.lauritz-holtmann.de/advisories/flickr-account-takeover
@BlueRedTeam
#Blue_Team
#Log4j
How to exploit Log4j vulnerabilities in VMWare vCenter
https://www.sprocketsecurity.com/blog/how-to-exploit-log4j-vulnerabilities-in-vmware-vcenter
@BlueRedTeam
#Blue_Team
Zabbix vulnerability assessment plugin
https://github.com/vulnersCom/zabbix-threat-control
@BlueRedTeam
#exploit
1. CVE-2020-14871:
Sun Solaris PoC Exploit
https://github.com/robidev/CVE-2020-14871-Exploit
2. CVE-2021-45105:
DoS via Uncontrolled Recursion in Log4j Strsubstitutor
https://www.zerodayinitiative.com/blog/2021/12/17/cve-2021-45105-denial-of-service-via-uncontrolled-recursion-in-log4j-strsubstitutor
@BlueRedTeam
#Blue_Team
Cache Poisoning at Scale: Identifying and Exploiting over 70 Cache Poisoning vulnerabilities
https://youst.in/posts/cache-poisoning-at-scale
@BlueRedTeam
#Red_Team
PHP LFI with Nginx Assistance
https://bierbaumer.net/security/php-lfi-with-nginx-assistance
@BlueRedTeam
#Red_Team
Overlord - Red Teaming Infrastructure Automation
https://github.com/qsecure-labs/overlord
@BlueRedTeam
#Red_Team
1. Nim implementation of Process Hollowing using syscalls (PoC)
https://github.com/snovvcrash/NimHollow
2. Minimal Cobalt Strike C2 Profile for Bypassing Defender
https://gist.github.com/tothi/8abd2de8f4948af57aa2d027f9e59efe
@BlueRedTeam
#Blue_Team
1. WELA - Windows Event Log Analyzer
https://github.com/Yamato-Security/WELA
2. Tutorial: Lateral movement playbook
https://docs.microsoft.com/en-us/defender-for-identity/playbook-lateral-movement
@BlueRedTeam