#Red_Team
Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the password can be changed by Blue Team.
https://github.com/RITRedteam/StreetCred
@BlueRedTeam
#Red_Team
Penetration Testing, Vulnerability Assessment and Red Team Learning
https://github.com/nairuzabulhul/R3d-Buck3T
@BlueRedTeam
#Cobalt_Strike
Cobalt Strike 4.5 cracked version.
https://github.com/trewisscotch/CobaltStr4.5
@BlueRedTeam
#tools
#Blue_Team
1. Fnord - Pattern Extractor for Obfuscated Code
https://github.com/Neo23x0/Fnord
2. A collection of tools to help audit NPM dependencies for suspicious packages or continuously monitor dependencies for future security events
https://github.com/jfrog/jfrog-npm-tools
@BlueRedTeam
#Red_Team
1. SysWhispers integrated shellcode loader w/ ETW patching & anti-sandboxing
https://github.com/ChadMotivation/TymSpecial
2. Kernel mode WinDbg extension and PoCs for token privilege investigation
https://github.com/daem0nc0re/PrivFu
@BlueRedTeam
Forwarded from Network Penetration Testing
A small library to alter AWS API requests
https://github.com/Frichetten/aws_api_shapeshifter
#Cloud
#API
#AWS
@NetPentesters
#exploit
1. WebKit RCE on iOS 14.1 Exploit
https://gist.github.com/ujin5/6b9a32eedc5a39d714a3a72f06efffe5
2. Writing Anti-Anti-Virus Exploit
https://ptr-yudai.hatenablog.com/entry/2022/02/13/122744
@BlueRedTeam
#Red_Team
1. Persistence - Notepad++ Plugins
https://pentestlab.blog/2022/02/14/persistence-notepad-plugins
2. Use Flickr app to install malicious apps remotely acting as updates
https://infosecwriteups.com/install-invisible-malicious-apps-remotely-acting-as-updates-71178979ff13
@BlueRedTeam
#Red_Team
Dexter's Red Team Tool that creates cronjob/task scheduler entries to consistently create users.
https://github.com/CDT-2215-Team-Bravo/DexterRedTool
@BlueRedTeam
#exploit
1. CVE-2022-22536:
SAP NetWeaver Application Server ABAP/Java/ABAP Platform/SAP Content Server/Web Dispatcher memory pipes (MPI) desynchronization vulnerability
https://github.com/antx-code/CVE-2022-22536
2. CVE-2022-0435:
A Remote Stack Overflow in the Linux Kernel
https://www.appgate.com/blog/a-remote-stack-overflow-in-the-linux-kernel
@BlueRedTeam
#hardening
#Blue_Team
1. A command-line tool to quickly analyze all IPs in a file and see which ones have open ports/vulnerabilities
https://gitlab.com/shodan-public/nrich
2. Active Directory Privilege Escalation Hardening
https://hadess.io/active-directory-privilege-escalation-hardening
@BlueRedTeam
#Red_Team
1. WAF Bypass Methods
https://hadess.io/waf-bypass-methods
2. 0-Click Account Takeover and 2FA Bypass
https://infosecwriteups.com/a-tale-of-0-click-account-takeover-and-2fa-bypass-b369cd70e42f
3. Object Overloading
https://blog.xpnsec.com/object-overloading
@BlueRedTeam
#Red_Team
Blog for tracking internet adventures and open-source projects. Security / Engineering / Red Team / Writeups
https://github.com/0xRJTC/ryanengineers.github.io
@BlueRedTeam
#Blue_Team
Attack Surface Monitoring using Open-Source Intelligence
https://infosecwriteups.com/attack-surface-monitoring-using-open-source-intelligence-90415e863e93
@BlueRedTeam
#exploit
#Red_Team
1. Nightmare: One Byte to ROP // Deep Dive Edition
https://hackmd.io/@pepsipu/ry-SK44pt
2. A multi exploit instagram exploitation framework
https://github.com/TheBirdSecurity/Instagram-Exploitation-Framework
@BlueRedTeam
#exploit
Exploiting CVE-2019-2215:
Brief introduction to binder, eventpoll subsystem and Vectored I/O
https://cutesmilee.github.io/kernel/linux/android/2022/02/17/cve-2019-2215_writeup.html
]-> PoC: https://github.com/cutesmilee/cutesmilee.github.io/blob/main/code/cve-2019-2215-exploit.c
@BlueRedTeam
#Malware_analysis
1. Kraken: A New Golang Botnet in Development
https://www.zerofox.com/blog/meet-kraken-a-new-golang-botnet-in-development
2. TargetCompany Ransomware
https://decoded.avast.io/threatresearch/decrypted-targetcompany-ransomware
@BlueRedTeam
#Red_Team
1. Bypassing Cloudflare’s WAF
https://medium.com/@friendly_/bypassing-cloudflares-waf-b1b83a50fb2f
2. Tool to audit and attack LAPS environments
https://github.com/leoloobeek/LAPSToolkit
@BlueRedTeam