#Red_Team
Code for executing simulations used in the "Training Intelligent Red Team Agents Via Deep Reinforcement Learning" project
https://github.com/alanballard/Training-Intelligent-Red-Team-Agents-Via-Deep-Reinforcement-Learning
@BlueRedTeam
#exploit
1. CVE-2021-35296:
PTCL Modem HG150-Ub - Authentication Bypass through response manipulation
https://github.com/afaq1337/CVE-2021-35296
2. CVE-2017-5816:
RCE in HP Intelligent Management Center (iMC) PLAT
https://oxagast.org/posts/CVE-2017-5816
@BlueRedTeam
#Red_Team
Code for executing simulations used in the "Training Intelligent Red Team Agents Via Deep Reinforcement Learning" project
https://github.com/jaredalanis/Red-vs-Blue
@BlueRedTeam
#Blue_Team
CyberSecurity Blue Team Resources
https://blueteamresources.blogspot.com/2022/01/osi-model.html
@BlueRedTeam
#Blue_Team
Backdoor detection for VMware view post Log4j exploitation (CVE-2021-44228)
https://github.com/mr-r3b00t/CVE-2021-44228
@BlueRedTeam
#Red_Team
A collection of Python scripts for Red Teaming or otherwise
https://github.com/kussic/offensive-scripts
@BlueRedTeam
#exploit
1. CVE-2021-30937:
XNU: heap-use-after-free in inm_merge
https://bugs.chromium.org/p/project-zero/issues/detail?id=2224
2. PHP disable_functions bypass
https://github.com/mm0r1/exploits
@BlueRedTeam
#Red_Team
Red Team Templates For Obsidian.md
https://github.com/cwinfosec/redteam_obsidian_templates
@BlueRedTeam
#Red_Team
Polymorphic code obfuscator for use in Red Team operations
https://github.com/maltek-labs/Malcode-Obfuscator
@BlueRedTeam
#CVE-2021
Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more.
https://github.com/puzzlepeaches/Log4jHorizon
@BlueRedTeam
#Red_Team
1. EDR Parallel-asis through Analysis
https://www.mdsec.co.uk/2022/01/edr-parallel-asis-through-analysis
2. Bypass IP source restrictions using HTTP headers
https://github.com/p0dalirius/ipsourcebypass
@BlueRedTeam
#Blue_Team
1. Recurring Active Directory Checks
https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/recurring-active-directory-checks/ba-p/3047258
2. Cobalt Strike Sleep Mask Kit IOCs
https://github.com/p0dalirius/ipsourcebypass
@BlueRedTeam
#exploit
PHP 7.3-8.1 disable_functions bypass using string concatenation (PoC)
https://github.com/mm0r1/exploits/tree/master/php-concat-bypass
@BlueRedTeam
#Threat_Research
Polygon Lack Of Balance Check Bugfix Postmortem
https://medium.com/immunefi/polygon-lack-of-balance-check-bugfix-postmortem-2-2m-bounty-64ec66c24c7d
@BlueRedTeam
#Red_Team
Red Team Field Manual tips and tricks automated via scripts for fast and easy access during CTF events.
https://github.com/adm20-dev/rtfm-scripts
@BlueRedTeam
#exploit
1. Unpacking CVE-2021-40444:
A Deep Technical Analysis of an Office RCE Exploit
https://billdemirkapi.me/unpacking-cve-2021-40444-microsoft-office-rce
2. CVE-2021-38000:
Chrome Intents Logic Flaw
https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-38000.html
@BlueRedTeam
#Red_Team
A cheat sheet that contains advanced queries for SQL Injection of all types
https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet
@BlueRedTeam
#Blue_Team
1. Strategically Aged Domain Detection: Capture APT Attacks With DNS Traffic Trends
https://unit42.paloaltonetworks.com/strategically-aged-domain-detection
2. Windows Process Listing using NTQuerySystemInformation
https://tbhaxor.com/windows-process-listing-using-ntquerysysteminformation
@BlueRedTeam
#Blue_Team
An "Attack Path" Mapping Approach to CVEs 2021-42287 and 2021-42278
https://www.trustedsec.com/blog/an-attack-path-mapping-approach-to-cves-2021-42287-and-2021-42278
@BlueRedTeam
#Red_Team
1. Domain Escalation - sAMAccountName Spoofing
https://pentestlab.blog/2022/01/10/domain-escalation-samaccountname-spoofing
2. Loading dbk64.sys and grabbing a handle to it
https://github.com/ioncodes/ceload
3. O365 - Bypass Malicious Link Analysis
<a href="phishing link">click</a> ==> junk
<a href="" href="phishing link">click</a> ==> inbox
// If you compose an email using the "Reply" function on O365 which has a link, intercept the request and add an extra empty href attribute; then O365 won't scan the link anymore
@BlueRedTeam