#Red_Team
PDF for the Intro to Security Research - Red Team Hacking
https://github.com/zumaroc/intro-to-security-research
@BlueRedTeam
#Red_Team
Red Team engagement platform with the goal of unifying offensive tools behind a simple UI
https://github.com/KCarretto/paragon
@BlueRedTeam
#Red_Team
During pentests or Red Team assessments, it all comes down to our beloved toolbox, containing all the useful and naughty stuff of a pentester's everyday life. The problem for us is that there are three kinds of people out there.
The first group is the security researchers who develop and publish these tools with the goal of providing knowledge and raising awareness.
The second group is (besides their own tools) using these tools and techniques to carry out attacks on governments, companies and people.
The last group is trying to keep up with the first two groups by developing and implementing detection mechanisms and countermeasures to defend against the bad guys...
https://luemmelsec.github.io/Circumventing-Countermeasures-In-AD/
@BlueRedTeam
#Promo
Discuss information security and vulnerabilities of various systems in the fields of programming, social engineering, cryptography and malware analysis. If you are interested, join the following channel:
@PFK_Security
#Blue_Team
1. How to Analyze RTF Template Injection Attacks
https://letsdefend.io/blog/how-to-analyze-rtf-template-injection-attacks
2. Moha Phishing Kit, targeting DEWA suppliers
https://stalkphish.com/2022/02/04/phishing-kit-moha-kit-targeting-dewa-suppliers
@BlueRedTeam
#Red_Team
1. linWinPwn is a bash script that automates a number of Active Directory enumeration and exploitation steps
https://github.com/lefayjey/linWinPwn
2. MSDT DLL Hijack UAC bypass
https://blog.sevagas.com/?MSDT-DLL-Hijack-UAC-bypass
3. Project Than - Bypass Windows Defender, Using ThreadStackSpoofer, TDP && KCTHijack
https://gitlab.com/ORCA666/3in1
@BlueRedTeam
#Red_Team
Advanced Process Injection
https://github.com/RedTeamOperations/Advanced-Process-Injection-Workshop
@BlueRedTeam
#Red_Team
1. A PoC to make Defender useless by removing its token privileges and lowering the token integrity
https://github.com/pwn1sher/KillDefender
2. SSRF Testing Resources
https://github.com/cujanovic/SSRF-Testing
3. A Nim implementation of reflective PE-Loading from memory
https://github.com/S3cur3Th1sSh1t/Nim-RunPE
@BlueRedTeam
#Blue_Team
Decoding Cobalt Strike: Understanding Payloads
https://decoded.avast.io/threatintel/decoding-cobalt-strike-understanding-payloads
]-> Repo:
https://github.com/avast/ioc/tree/master/CobaltStrike
@BlueRedTeam
#Cobalt_Strike
#C2
Cobalt Strike External C2 integration with Azure Service Bus, carrying C2 traffic via Azure Service Bus
https://github.com/Flangvik/CobaltBus
@BlueRedTeam
#Red_Team
1. SPF-BYPASS
https://www.redteam.cafe/phishing/long-live-dmarc-email-spoof-issues
2. SIM Hijacking
https://sensepost.com/blog/2022/sim-hijacking
@BlueRedTeam
#Red_Team
1. DDoS Attack Script Python3, Cyber Attack With 36 Methods
https://github.com/MHProDev/MHDDoS
2. PackMyPayload - Emerging Threat of Containerized Malware
https://github.com/mgeeky/PackMyPayload
3. Kerberos Authentication Relaying, OffensiveCon 2022
https://github.com/tyranid/infosec-presentations/blob/master/OffensiveCon/2022/This%20are%20my%20principals.pdf
@BlueRedTeam
lateral_movement.pdf
6.5 MB
#Whitepaper
#Blue_Team
#Techniques
"Lateral Movement Analyst Reference", 2020.
// This document is designed to help network defenders understand some of the tools and tactics used by attackers in order to inform security and threat hunting activities.
@BlueRedTeam
#exploit
Exploring UNIX pipes for iOS kernel exploit primitives, and introducing kalloc_data_require
https://tfp0labs.com/blog/unix-pipes-exploitation
]-> Example code for creating read/write primitives from Unix pipes on XNU:
https://github.com/TFP0Labs/pipe_rw
@BlueRedTeam
#Cobalt_Strike
Aggressor script that lists available Cobalt Strike beacon commands and colors them based on their type
https://github.com/outflanknl/HelpColor
@BlueRedTeam
#Cobalt_Strike
A collection of scripts for Cobalt Strike
https://github.com/SamSepiolProxy/CobaltStrikeScripts
@BlueRedTeam
#Cobalt_Strike
Private crypt for Cobalt Strike and PowerShell
https://github.com/trewisscotch/Crypt-Cobalt-Strike-Powershell
@BlueRedTeam
#AD
This tool can perform specific LDAP/SAMR calls to a domain controller in order to perform AD privilege escalation.
https://github.com/CravateRouge/bloodyAD
@BlueRedTeam
Network penetration testing resources and network security : @NetPentesters
Persian Channel : @NetPentester