#Red_Team
I'm putting together my class notes, practice results, and other information I accumulate over time on Red Team operation courses and work.
https://github.com/Raviikanth/working-assgmnt
@BlueRedTeam
#Red_Team
#tools
1. A way to bypass multi-factor authentication (MFA) for Box accounts that use an SMS code for login verification
https://www.varonis.com/blog/box-mfa-bypass-sms
2. A tool for creating hidden accounts using the registry
https://github.com/wgpsec/CreateHiddenAccount
@BlueRedTeam
#Blue_Team
1. Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and auto-completion
https://github.com/StamusNetworks/suricata-language-server
2. Malicious Macros Analysis with OLETOOLS
https://infosecwriteups.com/maldoc101-malicious-macros-analysis-with-oletools-8be3cda84544
@BlueRedTeam
#Red_Team
My Collection of Red Team Tools Building
https://github.com/nobodyatall648/Red-Team-Tools-Collections
@BlueRedTeam
#CVE-2021
An Nmap script for the Metabase vulnerability (CVE-2021-41277)
https://github.com/frknktlca/Metabase_Nmap_Script
@BlueRedTeam
#CVE-2021
An Nmap script for the GravCMS vulnerability (CVE-2021-21425)
https://github.com/frknktlca/GravCMS_Nmap_Script
@BlueRedTeam
#tools
#Blue_Team
1. Blue team operational triage registry hunting/forensic tool
https://github.com/theflakes/reg_hunter
2. Check for LDAP protections regarding the relay of NTLM authentication
https://github.com/zyn3rgy/LdapRelayScan
@BlueRedTeam
#exploit
- Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974
https://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil
- CVE-2022-0219:
Improper Restriction of XML External Entity Reference in skylot/jadx
https://github.com/Haxatron/CVE-2022-0219
@BlueRedTeam
#Red_Team
TREVORproxy/TREVORspray 2.0 - Increasing the Speed and Effectiveness of Password Sprays
https://blog.blacklanternsecurity.com/p/introducing-trevorproxy-and-trevorspray
@BlueRedTeam
#tools
#Blue_Team
- beacon-fronting: A simple command line tool to help defenders test their detections for network beacon patterns and domain fronting
https://github.com/BinaryDefense/beacon-fronting
- ICS Network Protocol Parsers
https://github.com/cisagov/ICSNPP
@BlueRedTeam
#Blue_Team
1. A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
https://github.com/hackjalstead/IRCP
2. Snooping on Android 12’s Privacy Dashboard
https://thebinaryhick.blog/2022/01/22/snooping-on-android-12s-privacy-dashboard
-> Android Logs Events And Protobuf Parser:
https://github.com/abrignoni/ALEAPP
@BlueRedTeam
#exploit
CVE-2021-45467:
CWP CentOS Web Panel - preauth RCE
https://octagon.net/blog/2022/01/22/cve-2021-45467-cwp-centos-web-panel-preauth-rce
-
CVE-2021-30949:
XNU kernel use-after-free in mach_msg
https://bugs.chromium.org/p/project-zero/issues/detail?id=2232
@BlueRedTeam
#Blue_Team
Hunting with weak signals:
How to find malware with mutated strings and YARA rules
https://stairwell.com/news/hunting-with-weak-signals
@BlueRedTeam
Forwarded from Network Penetration Testing
Active Directory security check in seconds
The PingCastle tool allows you to perform more than 100K AD security checks, without installation, administration or sending data "to the cloud", while generating a convenient report. Some of the checks include potential risks, so there may be occasional false positives.
https://github.com/vletoux/pingcastle
#redteam
#ad
@NetPentesters
#Red_Team
Red Team Reconnaissance Tool for Windows systems
https://github.com/bvoris/RedTeamRecon
@BlueRedTeam
#Red_Team
1. RBCD WebClient attack
https://www.bussink.net/rbcd-webclient-attack
2. How to Detect and Compromise Azure Blobs and Storage Accounts
https://www.inversecos.com/2022/01/how-to-detect-and-compromise-azure.html?m=1
@BlueRedTeam
#Red_Team
Cybersecurity blog. Red Team, pentest, malware analysis and dev
https://github.com/redhat-cop/automation-good-practices
@BlueRedTeam
#Red_Team
Red Teaming and Penetration Testing Checklist, Cheatsheet, Clickscript
https://github.com/ibr0wse/RedTeam-PenTest-Cheatsheet-Checklist
@BlueRedTeam