#Red_Team
Flexible C2 framework for Nation State Simulations in Red Team Assessments.
https://github.com/aidden-laoch/sabre
@BlueRedTeam
#Red_Team
BreadMan Module Stomping & API Unhooking Using Native APIs
https://medium.com/@Breadman602/breadman-module-stomping-api-unhooking-using-native-apis-b10df89cc0a2
@BlueRedTeam
#Blue_Team
1. This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired
https://github.com/mauricelambert/CVE-2022-21907
2. Hardening HashiCorp Vault
https://github.com/hashicorp/vault-selinux-policies
@BlueRedTeam
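The post above says the linked repository detects and protects against CVE-2022-21907 in PowerShell. The script below is an added example written for this page, not the repository's code. It relies on three facts: the bug is in HTTP.sys (the HTTP Protocol Stack), so a host is exposed only while that driver is running and listening; on Windows Server 2019 and Windows 10 1809 (build 17763) the vulnerable trailer parsing is reachable only when the EnableTrailerSupport DWORD under HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters is set to 1, and deleting that value is Microsoft's documented mitigation for those two builds; on later builds the value is not a mitigation and only the January 2022 security update (or later) fixes the bug. The function and parameter names are my own.

```powershell
# Added example: check (and optionally apply) the CVE-2022-21907 registry mitigation.
# Not the code from mauricelambert/CVE-2022-21907. Run from an elevated prompt;
# -Remediate deletes EnableTrailerSupport only on the builds where that is the
# documented mitigation.
param([switch]$Remediate)

$HttpParams = 'HKLM:\SYSTEM\CurrentControlSet\Services\HTTP\Parameters'
$ValueName  = 'EnableTrailerSupport'

function Get-HttpSysTrailerState {
    $build   = [int](Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion').CurrentBuildNumber
    $value   = (Get-ItemProperty -Path $HttpParams -Name $ValueName -ErrorAction SilentlyContinue).$ValueName
    $driver  = Get-CimInstance Win32_SystemDriver -Filter "Name='HTTP'"
    $trailer = if ($null -eq $value) { 'absent' } else { $value }
    [pscustomobject]@{
        Build          = $build
        TrailerSupport = $trailer
        RegistryGated  = ($build -eq 17763)   # 1809 / Server 2019: the only build where the value gates the bug
        HttpSysRunning = ($driver.State -eq 'Running')
    }
}

$state = Get-HttpSysTrailerState
$state | Format-List

if (-not $state.HttpSysRunning) {
    Write-Host 'HTTP.sys is not running, so nothing is listening through it right now; patch anyway.'
}

if ($state.RegistryGated) {
    if ($state.TrailerSupport -eq 1) {
        Write-Warning "$ValueName = 1: this 1809/2019 host exposes the vulnerable trailer parser."
        if ($Remediate) {
            Remove-ItemProperty -Path $HttpParams -Name $ValueName
            Write-Host "Removed $ValueName (documented mitigation for this build); still install the January 2022 update."
        }
    } else {
        Write-Host 'Trailer support is off: this build is not vulnerable by default. Patch anyway.'
    }
} else {
    Write-Warning 'Build is not 17763: the registry value is not a mitigation here; confirm the January 2022 or later cumulative update is installed.'
}
```

The registry check is a stop-gap for fleets that cannot patch immediately; it does nothing for Windows 10 20H2 and later or Server 2022, where the update is the only fix.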
#Red_Team
I'm putting together my class notes, practice results, and other information I accumulate over time on Red Team operation courses and work.
https://github.com/SlyJose/Red-Team
@BlueRedTeam
#Red_Team
1. Domain Persistence - Machine Account
https://pentestlab.blog/2022/01/17/domain-persistence-machine-account
2. Shell command obfuscation to avoid SIEM/detection system
https://github.com/ariary/volana
@BlueRedTeam
#tools
OpenAPI Security Scanner:
discover authorization security issues
https://github.com/ngalongc/openapi_security_scanner#warning-before-use
@BlueRedTeam
#Red_Team
I'm putting together my class notes, practice results, and other information I accumulate over time on Red Team operation courses and work.
https://github.com/Raviikanth/working-assgmnt
@BlueRedTeam
#Red_Team
#tools
1. A way to bypass multi-factor authentication (MFA) for Box accounts that use an SMS code for login verification
https://www.varonis.com/blog/box-mfa-bypass-sms
2. A tool for creating hidden accounts using the registry
https://github.com/wgpsec/CreateHiddenAccount
@BlueRedTeam
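Item 2 above is an offensive tool that hides a local account by working on the SAM hive directly. The script below is the defender-side counterpart, added for this page and not taken from CreateHiddenAccount: it lists every account name the SAM hive knows about and diffs that list against what the normal account API returns, flagging anything only the hive knows about and any name ending in $ (which net user does not display). Assumptions: it runs as SYSTEM, because the SAM key is not readable by Administrators by default (for example launched with PsExec -s -i powershell.exe), and Get-LocalUser is available (Windows 10 / Server 2016 or later). Function names are my own.

```powershell
# Added example: audit the SAM hive for accounts the normal API does not report.
# Not the CreateHiddenAccount tool's code. Must run as SYSTEM to read HKLM:\SAM.

function Get-SamAccountNames {
    # Every local account has a subkey under Users\Names named after the account.
    $names = 'HKLM:\SAM\SAM\Domains\Account\Users\Names'
    (Get-ChildItem -Path $names -ErrorAction Stop).PSChildName
}

function Find-HiddenLocalAccounts {
    $fromSam = Get-SamAccountNames
    $fromApi = (Get-LocalUser).Name
    foreach ($name in $fromSam) {
        $reasons = @()
        if ($fromApi -notcontains $name) {
            $reasons += 'present in SAM hive but not returned by Get-LocalUser'
        }
        if ($name.EndsWith('$')) {
            $reasons += 'name ends with $ (hidden from net user output)'
        }
        if ($reasons.Count -gt 0) {
            [pscustomobject]@{ Account = $name; Reasons = ($reasons -join '; ') }
        }
    }
}

$findings = Find-HiddenLocalAccounts
if ($findings) {
    $findings | Format-Table -AutoSize
} else {
    Write-Host 'SAM hive and local account API agree; no $-suffixed accounts.'
}
```

Treat any account in the first category as an incident until explained: there is no legitimate reason for the hive and the API to disagree. The $-suffix rule alone has false positives on hosts that create such accounts deliberately, so score it lower.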
#Blue_Team
1. Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and auto-completion
https://github.com/StamusNetworks/suricata-language-server
2. Malicious Macros Analysis with OLETOOLS
https://infosecwriteups.com/maldoc101-malicious-macros-analysis-with-oletools-8be3cda84544
@BlueRedTeam
#Red_Team
My Collection of Red Team Tools Building
https://github.com/nobodyatall648/Red-Team-Tools-Collections
@BlueRedTeam
#CVE-2021
An Nmap script for the Metabase vulnerability (CVE-2021-41277)
https://github.com/frknktlca/Metabase_Nmap_Script
@BlueRedTeam
#CVE-2021
An Nmap script for the GravCMS vulnerability (CVE-2021-21425)
https://github.com/frknktlca/GravCMS_Nmap_Script
@BlueRedTeam
#tools
#Blue_Team
1. Blueteam operational triage registry hunting/forensic tool
https://github.com/theflakes/reg_hunter
2. Check for LDAP protections regarding the relay of NTLM authentication
https://github.com/zyn3rgy/LdapRelayScan
@BlueRedTeam
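LdapRelayScan (item 2 above) tests a domain controller from the network. The script below is the matching host-side check run on the DC itself; it is an added example for this page, not LdapRelayScan's code. It reads the two values under HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters that govern NTLM relay to LDAP: LDAPServerIntegrity (1 = signing not required, 2 = signing required) and LdapEnforceChannelBinding (0 = never, 1 = when supported, 2 = always). When a value is missing the DC uses the default (1 and 0 respectively), which means relayed NTLM authentication is accepted on 389 and, unless channel binding is enforced, on 636 as well. It then pulls the Directory Service event 2887, the DC's daily count of unsigned binds it accepted. The function name is my own.

```powershell
# Added example: host-side check of the LDAP relay protections LdapRelayScan
# probes remotely. Not LdapRelayScan's code. Run elevated on a domain controller.
$ntds = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'

function Get-LdapRelayProtection {
    $p = Get-ItemProperty -Path $ntds -ErrorAction Stop
    # Absent value means the default: signing optional (1), channel binding never (0).
    $signing = if ($null -ne $p.LDAPServerIntegrity)       { [int]$p.LDAPServerIntegrity }       else { 1 }
    $cbt     = if ($null -ne $p.LdapEnforceChannelBinding) { [int]$p.LdapEnforceChannelBinding } else { 0 }
    [pscustomobject]@{
        LdapSigningRequired  = ($signing -eq 2)
        LdapsChannelBinding  = @{ 0 = 'Never'; 1 = 'WhenSupported'; 2 = 'Always' }[$cbt]
        RelayToLdapPossible  = ($signing -ne 2)
        # 1 (WhenSupported) still accepts a bind whose NTLM message carries no
        # channel binding token, which is exactly what a relayed client produces.
        RelayToLdapsPossible = ($cbt -ne 2)
    }
}

Get-LdapRelayProtection | Format-List

# Event 2887 is logged every 24 hours with the number of unsigned / unprotected
# binds the DC accepted; non-zero counts are what will break when you set
# LDAPServerIntegrity to 2. Per-client detail (event 2889) needs the diagnostics
# value '16 LDAP Interface Events' under ...\NTDS\Diagnostics set to 2.
Get-WinEvent -FilterHashtable @{ LogName = 'Directory Service'; Id = 2887 } -MaxEvents 5 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message
```

Run it on every DC, not just one: the values are per-server unless enforced through the "Domain controller: LDAP server signing requirements" and "LDAP server channel binding token requirements" policies.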
#exploit
- Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974
https://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil
- CVE-2022-0219:
Improper Restriction of XML External Entity Reference in skylot/jadx
https://github.com/Haxatron/CVE-2022-0219
@BlueRedTeam
#Red_Team
TREVORproxy/TREVORspray 2.0 - Increasing the Speed and Effectiveness of Password Sprays
https://blog.blacklanternsecurity.com/p/introducing-trevorproxy-and-trevorspray
@BlueRedTeam
#tools
#Blue_Team
- beacon-fronting: A simple command line tool to help defender test their detections for network beacon patterns and domain fronting
https://github.com/BinaryDefense/beacon-fronting
- ICS Network Protocol Parsers
https://github.com/cisagov/ICSNPP
@BlueRedTeam
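beacon-fronting (item 1 above) generates traffic so defenders can test their detections; the script below is the detection side, added for this page and not the tool's code. It runs over a constructed log sample (time, src, dst, TLS SNI, HTTP Host per connection) and does two things: scores each src->dst pair for beaconing by the regularity of its connection intervals (coefficient of variation of the gaps), and flags fronting where the Host header differs from the SNI presented in the TLS handshake. The sample data, the 0.1 CoV threshold and the minimum of five connections are illustrative assumptions; seeing the Host header at all presumes a proxy or TLS-inspecting sensor.

```powershell
# Added example: beacon and domain-fronting detection over a constructed log.
# Not BinaryDefense/beacon-fronting's code. Sample: 10.0.0.5 -> 203.0.113.10 is
# a ~60 s beacon with a few seconds of jitter, 10.0.0.7 is irregular browsing,
# and the last line is a fronted request whose Host does not match its SNI.
$sampleLog = @'
time,src,dst,sni,host
2022-01-20T10:00:00Z,10.0.0.5,203.0.113.10,cdn.example.net,cdn.example.net
2022-01-20T10:01:02Z,10.0.0.5,203.0.113.10,cdn.example.net,cdn.example.net
2022-01-20T10:01:59Z,10.0.0.5,203.0.113.10,cdn.example.net,cdn.example.net
2022-01-20T10:03:01Z,10.0.0.5,203.0.113.10,cdn.example.net,cdn.example.net
2022-01-20T10:04:03Z,10.0.0.5,203.0.113.10,cdn.example.net,cdn.example.net
2022-01-20T10:04:58Z,10.0.0.5,203.0.113.10,cdn.example.net,cdn.example.net
2022-01-20T10:06:00Z,10.0.0.5,203.0.113.10,cdn.example.net,cdn.example.net
2022-01-20T10:07:01Z,10.0.0.5,203.0.113.10,cdn.example.net,cdn.example.net
2022-01-20T10:00:10Z,10.0.0.7,198.51.100.20,www.example.org,www.example.org
2022-01-20T10:00:14Z,10.0.0.7,198.51.100.20,www.example.org,www.example.org
2022-01-20T10:02:40Z,10.0.0.7,198.51.100.20,www.example.org,www.example.org
2022-01-20T10:02:41Z,10.0.0.7,198.51.100.20,www.example.org,www.example.org
2022-01-20T10:09:30Z,10.0.0.7,198.51.100.20,www.example.org,www.example.org
2022-01-20T10:09:35Z,10.0.0.9,203.0.113.10,cdn.example.net,c2.example-front.com
'@

$records = $sampleLog | ConvertFrom-Csv |
    Select-Object @{ n = 'time'; e = { [datetime]$_.time } }, src, dst, sni, host

function Get-BeaconScore {
    param([datetime[]]$Times, [int]$MinConnections = 5)
    $sorted = $Times | Sort-Object
    if ($sorted.Count -lt $MinConnections) { return $null }   # too few to judge regularity
    $gaps = for ($i = 1; $i -lt $sorted.Count; $i++) { ($sorted[$i] - $sorted[$i - 1]).TotalSeconds }
    $mean = ($gaps | Measure-Object -Average).Average
    # Population variance computed by hand so the script also runs on Windows PowerShell 5.1.
    $var  = ($gaps | ForEach-Object { ($_ - $mean) * ($_ - $mean) } | Measure-Object -Sum).Sum / $gaps.Count
    [pscustomobject]@{
        Connections = $sorted.Count
        MeanGapSec  = [math]::Round($mean, 1)
        CoV         = [math]::Round([math]::Sqrt($var) / $mean, 3)   # low CoV = machine-regular timing
    }
}

$records | Group-Object src, dst | ForEach-Object {
    $score = Get-BeaconScore -Times $_.Group.time
    if ($score -and $score.CoV -lt 0.1) {
        'BEACON   {0}: {1} connections about every {2}s (CoV {3})' -f $_.Name, $score.Connections, $score.MeanGapSec, $score.CoV
    }
}

$records | Where-Object { $_.host -ne $_.sni } | ForEach-Object {
    'FRONTING {0} -> {1}: SNI {2} but Host {3}' -f $_.src, $_.dst, $_.sni, $_.host
}
```

A plain CoV score catches fixed-interval callbacks and small jitter; implants configured with large jitter (tens of percent) spread the gaps enough to pass, which is why the tool's jitter options are worth exercising against your own thresholds.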
#Blue_Team
1. A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
https://github.com/hackjalstead/IRCP
2. Snooping on Android 12’s Privacy Dashboard
https://thebinaryhick.blog/2022/01/22/snooping-on-android-12s-privacy-dashboard
-> Android Logs Events And Protobuf Parser:
https://github.com/abrignoni/ALEAPP
@BlueRedTeam