#Red_Team
1. Golden GMSA Attack
https://www.semperis.com/blog/golden-gmsa-attack
2. Bash Tricks for File Exfiltration over HTTP/S using Flask
https://medium.com/maverislabs/bash-tricks-for-file-exfiltration-over-http-s-using-flask-112aed524ad
@BlueRedTeam
Semperis
gMSA Active Directory Attacks | Semperis AD Guides
Group Managed Service Accounts (gMSAs) are vulnerable to attacks called a "Golden gMSA". Learn more about GMSA Active Directory attacks on our blog.
#Cobalt_Strike
The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.
https://github.com/N7WEra/SharpAllTheThings
@BlueRedTeam
#Red_Team
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
https://github.com/Yuvrajsinh05/Yuvrajsinh05
@BlueRedTeam
#Red_Team
Red Team, Blue Team, and Network Analysis
https://github.com/Jwulfe/Final-Project
@BlueRedTeam
#Red_Team
Penetration Testing, Vulnerability Assessment and Red Team Learning
https://github.com/nairuzabulhul/R3d-Buck3T
@BlueRedTeam
#Cobalt_Strike
Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.
https://github.com/wumb0/rust_bof
@BlueRedTeam
#Red_Team
Manipulating user passwords without Mimikatz
https://www.trustedsec.com/blog/manipulating-user-passwords-without-mimikatz
@BlueRedTeam
TrustedSec
Manipulating User Passwords Without Mimikatz
Considering the following scenario: You have control over the n00py user account, which has permissions to reset the password of esteban_da, who is a…
#exploit
OAuth and PostMessage
Chaining misconfigurations for your access token
https://ninetyn1ne.github.io/2022-02-21-oauth-postmessage-misconfig
@BlueRedTeam
#tools
#Red_Team
OSripper: AV evading OSX Backdoor and Crypter Framework
https://github.com/SubGlitch1/OSRipper
@BlueRedTeam
GitHub
GitHub - NoahOksuz/OSRipper: AV evading cross platform Backdoor and Crypter Framework with an integrated lightweight webUI
AV evading cross platform Backdoor and Crypter Framework with an integrated lightweight webUI - NoahOksuz/OSRipper
#Blue_Team
ATT&CK Flow helps executives, SOC managers/defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows
https://github.com/center-for-threat-informed-defense/attack-flow
@BlueRedTeam
#Blue_Team
1. Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques
https://github.com/austinsonger/Incident-Playbook
2. Malicious traffic detection system
https://github.com/stamparm/maltrail
@BlueRedTeam
#exploit
CVE-2022-0824:
Post-Auth Reverse Shell
https://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell
@BlueRedTeam
GitHub
GitHub - faisalfs10x/Webmin-CVE-2022-0824-revshell: Webmin <=1.984, CVE-2022-0824 Post-Auth Reverse Shell PoC
Webmin <=1.984, CVE-2022-0824 Post-Auth Reverse Shell PoC - faisalfs10x/Webmin-CVE-2022-0824-revshell
#Red_Team
Adjacency List to Manage P2P Implants
https://rastamouse.me/adjacency-list-to-manage-p2p-implants
@BlueRedTeam
#Cobalt_Strike
Cobalt Strike Licensed Key
https://github.com/trewisscotch/Cobalt-Strike-Licensed-Key
@BlueRedTeam
#CVE-2022
CVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability
https://github.com/ahrixia/CVE_2022_0847
@BlueRedTeam
#CVE-2022
Implementation of Max Kellermann's exploit for CVE-2022-0847
https://github.com/0xIronGoat/dirty-pipe
@BlueRedTeam
#CVE-2022
Bash script to check for CVE-2022-0847 "Dirty Pipe"
https://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker
@BlueRedTeam
#Blue_Team
Detecting Kerberos Relaying Attacks
https://posts.bluraven.io/detecting-kerberos-relaying-e6be66fa647c
]-> Potentially Relayed NTLM Authentication:
https://github.com/Cyb3r-Monk/Threat-Hunting-and-Detection/blob/main/Credential%20Access/Potentially%20Relayed%20Kerberos%20Authentication%20-%20MS%20Sentinel.md
@BlueRedTeam
Medium
Detecting Kerberos Relaying Attacks
Detecting Kerberos relaying attacks published by cube0x0 (KrbRelay) and by Dirk-jan (krbrelayx)
#Red_Team
1. Feroxbuster:
A fast, simple, recursive content discovery tool
https://github.com/epi052/feroxbuster
2. Jenkins Pentesting
https://github.com/gquere/pwn_jenkins
@BlueRedTeam
GitHub
GitHub - epi052/feroxbuster: A fast, simple, recursive content discovery tool written in Rust.
A fast, simple, recursive content discovery tool written in Rust. - epi052/feroxbuster