#hardening
#Blue_Team
1. A command-line tool to quickly analyze all IPs in a file and see which ones have open ports/vulnerabilities
https://gitlab.com/shodan-public/nrich
2. Active Directory Privilege Escalation Hardening
https://hadess.io/active-directory-privilege-escalation-hardening
@BlueRedTeam
#Red_Team
1. WAF Bypass Methods
https://hadess.io/waf-bypass-methods
2. 0-Click Account Takeover and 2FA Bypass
https://infosecwriteups.com/a-tale-of-0-click-account-takeover-and-2fa-bypass-b369cd70e42f
3. Object Overloading
https://blog.xpnsec.com/object-overloading
@BlueRedTeam
#Red_Team
Blog for tracking internet adventures and open-source projects. Security / Engineering / Red Team / Writeups
https://github.com/0xRJTC/ryanengineers.github.io
@BlueRedTeam
#Blue_Team
Attack Surface Monitoring using Open-Source Intelligence
https://infosecwriteups.com/attack-surface-monitoring-using-open-source-intelligence-90415e863e93
@BlueRedTeam
Medium
Attack Surface Monitoring using Open-Source Intelligence
The paper introduces the case study for attack surface analysis and monitoring with practical application of open-source intelligence…
#exploit
#Red_Team
1. Nightmare: One Byte to ROP // Deep Dive Edition
https://hackmd.io/@pepsipu/ry-SK44pt
2. A multi exploit instagram exploitation framework
https://github.com/TheBirdSecurity/Instagram-Exploitation-Framework
@BlueRedTeam
#exploit
Exploiting CVE-2019-2215:
Brief introduction to binder, eventpoll subsystem and Vectored I/O
https://cutesmilee.github.io/kernel/linux/android/2022/02/17/cve-2019-2215_writeup.html
]-> PoC: https://github.com/cutesmilee/cutesmilee.github.io/blob/main/code/cve-2019-2215-exploit.c
@BlueRedTeam
#Malware_analysis
1. Kraken: A New Golang Botnet in Development
https://www.zerofox.com/blog/meet-kraken-a-new-golang-botnet-in-development
2. TargetCompany Ransomware
https://decoded.avast.io/threatresearch/decrypted-targetcompany-ransomware
@BlueRedTeam
#Red_Team
1. Bypassing Cloudflare’s WAF
https://medium.com/@friendly_/bypassing-cloudflares-waf-b1b83a50fb2f
2. Tool to audit and attack LAPS environments
https://github.com/leoloobeek/LAPSToolkit
@BlueRedTeam
#AD
Active Directory Certificate Services enumeration and abuse
https://github.com/ly4k/Certipy
@BlueRedTeam
#Red_Team
1. Steal Credentials & Bypass 2FA Using noVNC
https://mrd0x.com/bypass-2fa-using-novnc
2. Queries user sessions for the entire domain
(Interactive/RDP etc)
https://github.com/YossiSassi/Get-UserSession
@BlueRedTeam
#Blue_Team
1. PolarProxy in Windows Sandbox
https://www.netresec.com/?page=Blog&month=2022-01&post=PolarProxy-in-Windows-Sandbox
2. A command-line tool to quickly analyze all IPs in a file and see which ones have open ports/vulnerabilities
https://gitlab.com/shodan-public/nrich
@BlueRedTeam
Netresec
PolarProxy in Windows Sandbox
In this video I demonstrate how PolarProxy can be run in a Windows Sandbox to intercept and decrypt outgoing TLS communication. This setup can be used to inspect otherwise encrypted traffic from malware or suspicious Windows applications, which communicate…
#Red_Team
1. Vulhub is an open-source collection of pre-built vulnerable docker environments
https://github.com/vulhub/vulhub
2. linWinPwn is a bash script that automates a number of AD Enumeration and Vulnerability checks
https://github.com/lefayjey/linWinPwn
@BlueRedTeam
#Cobalt_Strike
The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.
https://github.com/N7WEra/SharpAllTheThings
@BlueRedTeam
#Red_Team
Red Team vs. Blue Team scenario in which I played the role of both pentester and SOC analyst.
https://github.com/Ogichka/Red-Vs.-Blue-Team-Project
@BlueRedTeam
#Red_Team
Red Team Suite Key Management & Utility Software
https://github.com/Tech-Slayers/RTS-Encryption-Manager
@BlueRedTeam
#exploit
1. CVE-2022-25375:
Demo exploit of RNDIS USB Gadget
https://github.com/szymonh/rndis-co
2. CVE-2022-24112:
Apache APISIX apisix/batch-requests RCE
https://github.com/Mr-xn/CVE-2022-24112
]-> https://github.com/shakeman8/CVE-2022-24112
@BlueRedTeam