#tools
#Red_Team
1. Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket
https://github.com/Dramelac/GoldenCopy
2. Jbin Website Secret Scraper gathers all the URLs from a website and then tries to expose secret data in them, such as API keys, secrets, tokens and other juicy information
https://github.com/h33tlit/Jbin-website-secret-scraper
@BlueRedTeam
#Blue_Team
HTTP Desync Attacks:
Request Smuggling Reborn
https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn
]-> Http request smuggling vulnerability scanner:
https://github.com/Sh1Yo/request_smuggler
@BlueRedTeam
#Red_Team
Into the art of Binary Exploitation
Part 4 - Reviving of Satanic-ROP
https://infosecwriteups.com/into-the-art-of-binary-exploitation-0x000004-reviving-of-satanic-rop-5ab604b52341
@BlueRedTeam
#exploit
1. CVE-2021-30955:
Apple macOS Kernel Race Condition
https://gist.github.com/jakeajames/37f72c58c775bfbdda3aa9575149a8aa
2. CVE-2021-3489:
Exploitation Analysis of Linux Kernel eBPF RINGBUF Out-of-Bounds Access Vulnerability
https://mp.weixin.qq.com/s/biSNUlzZqqcYiYwfMSaTeg
@BlueRedTeam
#Blue_Team
1. The SpotBugs plugin for security audits of Java web applications and Android applications (also works with Kotlin/Groovy/Scala projects)
https://github.com/find-sec-bugs/find-sec-bugs
2. SOC Skills:
How to Detect Good Apps Gone Bad
https://www.intezer.com/blog/malware-analysis/how-to-detect-legitimate-apps-used-by-attackers
@BlueRedTeam
#Red_Team
1. Golden GMSA Attack
https://www.semperis.com/blog/golden-gmsa-attack
2. Bash Tricks for File Exfiltration over HTTP/S using Flask
https://medium.com/maverislabs/bash-tricks-for-file-exfiltration-over-http-s-using-flask-112aed524ad
@BlueRedTeam
Semperis
gMSA Active Directory Attacks | Semperis AD Guides
Group Managed Service Accounts (gMSAs) are vulnerable to attacks called a "Golden gMSA". Learn more about GMSA Active Directory attacks on our blog.
#Cobalt_Strike
The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.
https://github.com/N7WEra/SharpAllTheThings
@BlueRedTeam
#Red_Team
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
https://github.com/Yuvrajsinh05/Yuvrajsinh05
@BlueRedTeam
#Red_Team
Red Team, Blue Team, and Network Analysis
https://github.com/Jwulfe/Final-Project
@BlueRedTeam
GitHub
GitHub - Jwulfe/Cyber-Security-Bootcamp-Final-Project: Red Team, Blue Team, and Network Analysis
#Red_Team
Penetration Testing, Vulnerability Assessment and Red Team Learning
https://github.com/nairuzabulhul/R3d-Buck3T
@BlueRedTeam
#Cobalt_Strike
Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.
https://github.com/wumb0/rust_bof
@BlueRedTeam
#Red_Team
Manipulating user passwords without Mimikatz
https://www.trustedsec.com/blog/manipulating-user-passwords-without-mimikatz
@BlueRedTeam
TrustedSec
Manipulating User Passwords Without Mimikatz
Considering the following scenario: You have control over the n00py user account, which has permissions to reset the password of esteban_da , who is a…
#exploit
OAuth and PostMessage
Chaining misconfigurations for your access token
https://ninetyn1ne.github.io/2022-02-21-oauth-postmessage-misconfig
@BlueRedTeam
surajdisoja.me
OAuth and PostMessage | surajdisoja.me
#tools
#Red_Team
OSripper: AV evading OSX Backdoor and Crypter Framework
https://github.com/SubGlitch1/OSRipper
@BlueRedTeam
GitHub
GitHub - NoahOksuz/OSRipper: AV evading cross platform Backdoor and Crypter Framework with a integrated lightweight webUI
#Blue_Team
ATT&CK Flow helps executives, SOC managers/defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows
https://github.com/center-for-threat-informed-defense/attack-flow
@BlueRedTeam
#Blue_Team
1. Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques
https://github.com/austinsonger/Incident-Playbook
2. Malicious traffic detection system
https://github.com/stamparm/maltrail
@BlueRedTeam
#exploit
CVE-2022-0824:
Post-Auth Reverse Shell
https://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell
@BlueRedTeam
GitHub
GitHub - faisalfs10x/Webmin-CVE-2022-0824-revshell: Webmin <=1.984, CVE-2022-0824 Post-Auth Reverse Shell PoC
#Red_Team
Adjacency List to Manage P2P Implants
https://rastamouse.me/adjacency-list-to-manage-p2p-implants
@BlueRedTeam
#Cobalt_Strike
Cobalt Strike Licensed Key
https://github.com/trewisscotch/Cobalt-Strike-Licensed-Key
@BlueRedTeam