#exploit
1. A Zero-Click RCE Exploit for the Peloton Bike
(And Also Every Other Unpatched Android Device)
https://www.nowsecure.com/blog/2022/02/09/a-zero-click-rce-exploit-for-the-peloton-bike-and-also-every-other-unpatched-android-device
2. An analysis of CVE-2022-21877
https://big5-sec.github.io/posts/an-analysis-of-cve-2022-21877
3. CVE-2022-20699:
Cisco AnyConnect VPN unauth RCE (rwx stack)
https://github.com/Audiobahn/CVE-2022-20699
@BlueRedTeam
Nowsecure
Zero-Click RCE Exploit for the Peloton Bike Identified and Patched
The Peloton Bike ran an unpatched version of Android 7 which led to it being vulnerable to a number of known issues, most significantly CVE-2021-0326, which could allow an attacker within WiFi range to execute arbitrary code on the device with no user interaction.
#Red_Team
1. Dump Information for Process using GetTokenInformation
https://tbhaxor.com/dumping-token-information-in-windows
2. Cloudflare WAF Bypass
https://www.astrocamel.com/web/2022/01/25/my-sqli-adventure-or-why-you-should-make-sure-your-waf-is-configured-properly.html
@BlueRedTeam
tbhaxor's Blog
Dump Information for Process using GetTokenInformation
In this post, you will get a very thorough step-by-step walkthrough on building your own process token dumper in C++, which will help you know your target better before launching another post-exploitation attack.
A collection of various awesome lists for hackers, pentesters and security researchers
https://github.com/Hack-with-Github/Awesome-Hacking
@BlueRedTeam
#Red_Team
1. AD CS: from ManageCA to RCE
https://www.blackarrow.net/ad-cs-from-manageca-to-rce
2. Bypassing Cylance and other AVs/EDRs by Unhooking Windows APIs
https://www.ired.team/offensive-security/defense-evasion/bypassing-cylance-and-other-avs-edrs-by-unhooking-windows-apis
3. WindowsNoExec - Abusing existing instructions to execute arbitrary code without allocating executable memory
https://www.x86matthew.com/view_post?id=windows_no_exec&s=09
@BlueRedTeam
#tools
#Blue_Team
master_librarian - A tool to audit Linux system libraries to find public security vulnerabilities
https://github.com/CoolerVoid/master_librarian
@BlueRedTeam
#Red_Team
Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the password can be changed by Blue Team.
https://github.com/RITRedteam/StreetCred
@BlueRedTeam
#Red_Team
Penetration Testing, Vulnerability Assessment and Red Team Learning
https://github.com/nairuzabulhul/R3d-Buck3T
@BlueRedTeam
#Cobalt_Strike
Cobalt Strike 4.5 cracked version.
https://github.com/trewisscotch/CobaltStr4.5
@BlueRedTeam
#tools
#Blue_Team
1. Fnord - Pattern Extractor for Obfuscated Code
https://github.com/Neo23x0/Fnord
2. A collection of tools to help audit NPM dependencies for suspicious packages or continuously monitor dependencies for future security events
https://github.com/jfrog/jfrog-npm-tools
@BlueRedTeam
#Red_Team
1. SysWhispers integrated shellcode loader w/ ETW patching & anti-sandboxing
https://github.com/ChadMotivation/TymSpecial
2. Kernel mode WinDbg extension and PoCs for token privilege investigation
https://github.com/daem0nc0re/PrivFu
@BlueRedTeam
Forwarded from Network Penetration Testing
A small library to alter AWS API requests
https://github.com/Frichetten/aws_api_shapeshifter
#Cloud
#API
#AWS
@NetPentesters
#exploit
1. WebKit RCE on iOS 14.1 Exploit
https://gist.github.com/ujin5/6b9a32eedc5a39d714a3a72f06efffe5
2. Writing Anti-Anti-Virus Exploit
https://ptr-yudai.hatenablog.com/entry/2022/02/13/122744
@BlueRedTeam
#Red_Team
1. Persistence - Notepad++ Plugins
https://pentestlab.blog/2022/02/14/persistence-notepad-plugins
2. Use Flickr app to install malicious apps remotely acting as updates
https://infosecwriteups.com/install-invisible-malicious-apps-remotely-acting-as-updates-71178979ff13
@BlueRedTeam
Penetration Testing Lab
Persistence – Notepad++ Plugins
It is not uncommon in a Windows environment, especially on dedicated servers managed by developers or IT staff, to find the Notepad++ text editor installed. Apart from the storage of scripts and a…
#Red_Team
Dexter's Red Team Tool that creates a cronjob/scheduled task to repeatedly create users.
https://github.com/CDT-2215-Team-Bravo/DexterRedTool
@BlueRedTeam
#exploit
1. CVE-2022-22536:
SAP NetWeaver Application Server ABAP/Java/ABAP Platform/SAP Content Server/Web Dispatcher memory pipes (MPI) desynchronization vulnerability
https://github.com/antx-code/CVE-2022-22536
2. CVE-2022-0435:
A Remote Stack Overflow in the Linux Kernel
https://www.appgate.com/blog/a-remote-stack-overflow-in-the-linux-kernel
@BlueRedTeam
#hardening
#Blue_Team
1. A command-line tool to quickly analyze all IPs in a file and see which ones have open ports/vulnerabilities
https://gitlab.com/shodan-public/nrich
2. Active Directory Privilege Escalation Hardening
https://hadess.io/active-directory-privilege-escalation-hardening
@BlueRedTeam
#Red_Team
1. WAF Bypass Methods
https://hadess.io/waf-bypass-methods
2. 0-Click Account Takeover and 2FA Bypass
https://infosecwriteups.com/a-tale-of-0-click-account-takeover-and-2fa-bypass-b369cd70e42f
3. Object Overloading
https://blog.xpnsec.com/object-overloading
@BlueRedTeam