#exploit
Exploring UNIX pipes for iOS kernel exploit primitives,
and introducing kalloc_data_require
https://tfp0labs.com/blog/unix-pipes-exploitation
]-> Example code for creating read/write primitives from Unix pipes on XNU:
https://github.com/TFP0Labs/pipe_rw
@BlueRedTeam
While playing with Corellium to practice developing exploits with previously-patched bugs, I started to think about how Corellium's hypervisor magic could be used to practice on generalized techniques even without an underlying vulnerability. In the…
#Cobalt_Strike
Aggressor script that lists available Cobalt Strike beacon commands and colors them based on their type
https://github.com/outflanknl/HelpColor
@BlueRedTeam
#Cobalt_Strike
A collection of scripts for Cobalt Strike
https://github.com/SamSepiolProxy/CobaltStrikeScripts
@BlueRedTeam
#Cobalt_Strike
Private crypt for Cobalt Strike and PowerShell
https://github.com/trewisscotch/Crypt-Cobalt-Strike-Powershell
@BlueRedTeam
#AD
This tool can perform specific LDAP/SAMR calls to a domain controller in order to perform AD privesc.
https://github.com/CravateRouge/bloodyAD
@BlueRedTeam
Network penetration testing resources and network security: @NetPentesters
Persian channel: @NetPentester
#Red_Team
k1t is a Red Team Weaponization Tool Rapid Deployment BASH Script.
https://github.com/bash-k1t/k1t
@BlueRedTeam
#exploit
1. A Zero-Click RCE Exploit for the Peloton Bike
(And Also Every Other Unpatched Android Device)
https://www.nowsecure.com/blog/2022/02/09/a-zero-click-rce-exploit-for-the-peloton-bike-and-also-every-other-unpatched-android-device
2. An analysis of CVE-2022-21877
https://big5-sec.github.io/posts/an-analysis-of-cve-2022-21877
3. CVE-2022-20699: Cisco AnyConnect VPN unauth RCE (rwx stack)
https://github.com/Audiobahn/CVE-2022-20699
@BlueRedTeam
The Peloton Bike ran an unpatched version of Android 7 which led to it being vulnerable to a number of known issues, most significantly CVE-2021-0326, which could allow an attacker within WiFi range to execute arbitrary code on the device with no user interaction.
#Red_Team
1. Dump Information for Process using GetTokenInformation
https://tbhaxor.com/dumping-token-information-in-windows
2. Cloudflare WAF Bypass
https://www.astrocamel.com/web/2022/01/25/my-sqli-adventure-or-why-you-should-make-sure-your-waf-is-configured-properly.html
@BlueRedTeam
In this post, you will get a very thorough step-by-step walkthrough on building your own process token dumper in C++, which will help you in knowing your target better before launching another post-exploitation attack.
A collection of various awesome lists for hackers, pentesters and security researchers
https://github.com/Hack-with-Github/Awesome-Hacking
@BlueRedTeam
#Red_Team
1. AD CS: from ManageCA to RCE
https://www.blackarrow.net/ad-cs-from-manageca-to-rce
2. Bypassing Cylance and other AVs/EDRs by Unhooking Windows APIs
https://www.ired.team/offensive-security/defense-evasion/bypassing-cylance-and-other-avs-edrs-by-unhooking-windows-apis
3. WindowsNoExec - Abusing existing instructions to execute arbitrary code without allocating executable memory
https://www.x86matthew.com/view_post?id=windows_no_exec&s=09
@BlueRedTeam
#tools
#Blue_Team
master_librarian - A tool to audit Linux system libraries to find public security vulnerabilities
https://github.com/CoolerVoid/master_librarian
@BlueRedTeam
#Red_Team
Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the password can be changed by Blue Team.
https://github.com/RITRedteam/StreetCred
@BlueRedTeam
#Red_Team
Penetration Testing, Vulnerability Assessment and Red Team Learning
https://github.com/nairuzabulhul/R3d-Buck3T
@BlueRedTeam
#Cobalt_Strike
Cobalt Strike 4.5 cracked version.
https://github.com/trewisscotch/CobaltStr4.5
@BlueRedTeam
#tools
#Blue_Team
1. Fnord - Pattern Extractor for Obfuscated Code
https://github.com/Neo23x0/Fnord
2. A collection of tools to help audit NPM dependencies for suspicious packages or continuously monitor dependencies for future security events
https://github.com/jfrog/jfrog-npm-tools
@BlueRedTeam
#Red_Team
1. SysWhispers integrated shellcode loader w/ ETW patching & anti-sandboxing
https://github.com/ChadMotivation/TymSpecial
2. Kernel mode WinDbg extension and PoCs for token privilege investigation
https://github.com/daem0nc0re/PrivFu
@BlueRedTeam
Forwarded from Network Penetration Testing
A small library to alter AWS API requests
https://github.com/Frichetten/aws_api_shapeshifter
#Cloud
#API
#AWS
@NetPentesters
#exploit
1. WebKit RCE on iOS 14.1 Exploit
https://gist.github.com/ujin5/6b9a32eedc5a39d714a3a72f06efffe5
2. Writing Anti-Anti-Virus Exploit
https://ptr-yudai.hatenablog.com/entry/2022/02/13/122744
@BlueRedTeam