#Blue_Team

1. The SpotBugs plugin for security audits of Java web applications and Android applications (also work with Kotlin/Groovy/Scala projects)
https://github.com/find-sec-bugs/find-sec-bugs
2. SOC Skills:
How to Detect Good Apps Gone Bad
https://www.intezer.com/blog/malware-analysis/how-to-detect-legitimate-apps-used-by-attackers

@BlueRedTeam

#Red_Team
1. Golden GMSA Attack
https://www.semperis.com/blog/golden-gmsa-attack
2. Bash Tricks for File Exfiltration over HTTP/S using Flask
https://medium.com/maverislabs/bash-tricks-for-file-exfiltration-over-http-s-using-flask-112aed524ad

@BlueRedTeam

#Blue_Team

Mac OS X Keychain Forensic Tool

https://github.com/n0fate/chainbreaker

@BlueRedTeam

#Cobalt_Strike

The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.

https://github.com/N7WEra/SharpAllTheThings

@BlueRedTeam

#Red_Team

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

https://github.com/Yuvrajsinh05/Yuvrajsinh05

@BlueRedTeam

#Red_Team

Red Team, Blue Team, and Network Analysis

https://github.com/Jwulfe/Final-Project

@BlueRedTeam

#Red_Team

Penetration Testing, Vulnerability Assessment and Red Team Learning

https://github.com/nairuzabulhul/R3d-Buck3T

@BlueRedTeam

#Cobalt_Strike

Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.

https://github.com/wumb0/rust_bof

@BlueRedTeam

#Red_Team
Manipulating user passwords without Mimikatz
https://www.trustedsec.com/blog/manipulating-user-passwords-without-mimikatz

@BlueRedTeam

#exploit
OAuth and PostMessage
Chaining misconfigurations for your access token
https://ninetyn1ne.github.io/2022-02-21-oauth-postmessage-misconfig

@BlueRedTeam

#tools
#Red_Team
OSripper: AV evading OSX Backdoor and Crypter Framework
https://github.com/SubGlitch1/OSRipper

@BlueRedTeam

#Blue_Team
ATT&CK Flow helps executives, SOC managers/defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows
https://github.com/center-for-threat-informed-defense/attack-flow

@BlueRedTeam

#Roadmap

Free Certification Roadmap

@LibrarySecBackup
@Library_Sec

#Blue_Team
1. Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques
https://github.com/austinsonger/Incident-Playbook
2. Malicious traffic detection system
https://github.com/stamparm/maltrail

@BlueRedTeam

#exploit
CVE-2022-0824:
Post-Auth Reverse Shell
https://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell
@BlueRedTeam

#Red_Team

Adjacency List to Manage P2P Implants
https://rastamouse.me/adjacency-list-to-manage-p2p-implants

@BlueRedTeam

#Cobalt_Strike

Cobalt Strike Licensed Key

https://github.com/trewisscotch/Cobalt-Strike-Licensed-Key

@BlueRedTeam

#CVE-2022

CVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability

https://github.com/ahrixia/CVE_2022_0847

@BlueRedTeam

#CVE-2022

Implementation of Max Kellermann's exploit for CVE-2022-0847

https://github.com/0xIronGoat/dirty-pipe

@BlueRedTeam

#CVE-2022

Bash noscript to check for CVE-2022-0847 \"Dirty Pipe\"

https://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker

@BlueRedTeam

#Blue_Team
Detecting Kerberos Relaying Attacks
https://posts.bluraven.io/detecting-kerberos-relaying-e6be66fa647c
]-> Potentially Relayed NTLM Authentication:
https://github.com/Cyb3r-Monk/Threat-Hunting-and-Detection/blob/main/Credential%20Access/Potentially%20Relayed%20Kerberos%20Authentication%20-%20MS%20Sentinel.md

@BlueRedTeam