#Cobalt_Strike
Cobalt Strike Beacon Object Files (BOFs) written in Rust, using only the core and alloc crates (no_std).
https://github.com/wumb0/rust_bof
@BlueRedTeam
#Red_Team
Manipulating user passwords without Mimikatz
https://www.trustedsec.com/blog/manipulating-user-passwords-without-mimikatz
@BlueRedTeam
#exploit
OAuth and PostMessage
Chaining misconfigurations for your access token
https://ninetyn1ne.github.io/2022-02-21-oauth-postmessage-misconfig
@BlueRedTeam
#tools
#Red_Team
OSRipper: AV-evading macOS backdoor and crypter framework (the repository has since moved to NoahOksuz/OSRipper and now describes itself as cross-platform with a lightweight web UI)
https://github.com/SubGlitch1/OSRipper
@BlueRedTeam
#Blue_Team
Attack Flow helps executives, SOC managers and defenders understand how attackers compose ATT&CK techniques into attacks: it defines a representation for attack flows, models flows for a small corpus of incidents, and provides visualization tools to display them
https://github.com/center-for-threat-informed-defense/attack-flow
@BlueRedTeam
#Blue_Team
1. Incident response playbooks mapped to MITRE ATT&CK tactics and techniques
https://github.com/austinsonger/Incident-Playbook
2. Maltrail: malicious traffic detection system
https://github.com/stamparm/maltrail
@BlueRedTeam
#exploit
CVE-2022-0824: Webmin <= 1.984 post-auth reverse shell PoC
https://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell
@BlueRedTeam
#Red_Team
Adjacency List to Manage P2P Implants
https://rastamouse.me/adjacency-list-to-manage-p2p-implants
@BlueRedTeam
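The post above argues for tracking P2P implant links as an adjacency list. The following Python is an added illustration written for this page, not code from the post or from any C2 framework: the implant names, the "c2" pseudo-node and the add/link/unlink operations are made up to mirror how an operator manages P2P (SMB/TCP) links, and the routing is a plain breadth-first search over the list.

```python
from collections import deque

C2 = "c2"   # pseudo-node for the team server; egress implants hang off it


class ImplantGraph:
    """Directed adjacency list of implants. An edge parent -> child means the
    child's traffic exits through the parent's P2P listener; the children of
    C2 are the egress implants that have their own channel out."""

    def __init__(self):
        self.adj = {C2: set()}

    def add_implant(self, implant, parent=C2):
        if parent not in self.adj:
            raise KeyError(f"unknown parent implant {parent!r}")
        self.adj.setdefault(implant, set())
        self.adj[parent].add(implant)

    def unlink(self, parent, child):
        """Drop the link; everything behind `child` is unreachable until the
        subtree is linked again through another implant."""
        self.adj[parent].discard(child)

    def link(self, parent, child):
        """Move `child` (and the subtree behind it) under a new parent."""
        for children in self.adj.values():
            children.discard(child)
        self.add_implant(child, parent)

    def route(self, target):
        """Shortest hop list from C2 to `target` via BFS, or None if cut off."""
        prev = {C2: None}
        queue = deque([C2])
        while queue:
            node = queue.popleft()
            if node == target:
                path = []
                while node is not None:
                    path.append(node)
                    node = prev[node]
                return path[::-1]
            for child in sorted(self.adj[node]):   # sorted: deterministic routes
                if child not in prev:
                    prev[child] = node
                    queue.append(child)
        return None

    def reachable(self):
        seen, stack = set(), [C2]
        while stack:
            node = stack.pop()
            for child in self.adj[node]:
                if child not in seen:
                    seen.add(child)
                    stack.append(child)
        return seen

    def orphans(self):
        """Implants the graph still knows about but with no path from C2."""
        return set(self.adj) - {C2} - self.reachable()


def demo():
    """Constructed scenario: three chained implants, a cut link, a re-link."""
    g = ImplantGraph()
    g.add_implant("web01")              # egress implant
    g.add_implant("app02", "web01")     # SMB link through web01
    g.add_implant("db03", "app02")      # one hop deeper
    before = g.route("db03")
    g.unlink("web01", "app02")          # operator unlinks app02 from web01
    cut = (g.route("db03"), g.orphans())
    g.add_implant("vpn04")              # a second egress implant appears
    g.link("vpn04", "app02")            # re-link the orphaned subtree through it
    after = g.route("db03")
    return before, cut, after


if __name__ == "__main__":
    print(demo())
```

The useful property is that the operator's view ("which implants did I just lose when that link died, and how do I get a task to db03 now?") falls out of two graph walks rather than from state scattered across individual beacon sessions.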
#Cobalt_Strike
Cobalt Strike Licensed Key
https://github.com/trewisscotch/Cobalt-Strike-Licensed-Key
@BlueRedTeam
#CVE-2022
CVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability
https://github.com/ahrixia/CVE_2022_0847
@BlueRedTeam
#CVE-2022
Implementation of Max Kellermann's exploit for CVE-2022-0847
https://github.com/0xIronGoat/dirty-pipe
@BlueRedTeam
#CVE-2022
Bash script to check for CVE-2022-0847 "Dirty Pipe"
https://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker
@BlueRedTeam
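Several posts above link Dirty Pipe exploits and a version checker. The Python below is an added example written for this page, not the linked checker's code. It encodes the upstream facts of the bug (introduced in 5.8; fixed in 5.16.11, 5.15.25 and 5.10.102; the intermediate series were end-of-life and never fixed upstream) and parses `uname -r` output; the sample release strings in the tests are constructed.

```python
import platform
import re

# Upstream history (known facts, not taken from the linked checker): the bug
# was introduced in 5.8 and fixed in stable releases 5.16.11, 5.15.25 and
# 5.10.102. 5.8, 5.9 and 5.11-5.14 were EOL and never received an upstream fix.
FIRST_AFFECTED = (5, 8)
FIXED_IN = {(5, 16): 11, (5, 15): 25, (5, 10): 102}


def parse_release(release):
    """Return (major, minor, patch) from a `uname -r` string such as
    '5.15.0-25-generic', '5.16.11-arch1-1' or '5.10.102'. Release-candidate
    tags are not modelled: '5.17-rc3' parses as (5, 17, 0)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def upstream_version_vulnerable(release):
    """True if the *upstream* version number falls inside the Dirty Pipe
    window. Distribution kernels backport the fix without bumping this
    number, so True means 'check the distro advisory', not 'exploitable'."""
    major, minor, patch = parse_release(release)
    if (major, minor) < FIRST_AFFECTED:
        return False          # pipe buffer flag bug not present before 5.8
    if (major, minor) > (5, 16):
        return False          # 5.17 and later shipped with the fix
    fixed_patch = FIXED_IN.get((major, minor))
    if fixed_patch is None:
        return True           # EOL series between 5.8 and 5.16, never fixed upstream
    return patch < fixed_patch


def check_running_kernel():
    """Convenience wrapper for the host this runs on."""
    release = platform.release()
    return release, upstream_version_vulnerable(release)


if __name__ == "__main__":
    release, vulnerable = check_running_kernel()
    verdict = ("possibly vulnerable, verify against the distro advisory"
               if vulnerable else "outside the affected upstream range")
    print(f"{release}: {verdict}")
```

The caveat in the docstring is the one that matters in practice: an Ubuntu `5.15.0-25-generic` reports patch level 0 and therefore "possibly vulnerable" here, even though Canonical shipped the backported fix in that build. Version checks triage; only the distro's changelog or a controlled test of the primitive confirms.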
#Blue_Team
Detecting Kerberos relaying attacks (the techniques published by cube0x0 as KrbRelay and by Dirk-jan as krbrelayx)
https://posts.bluraven.io/detecting-kerberos-relaying-e6be66fa647c
-> Companion Microsoft Sentinel hunting query, Potentially Relayed Kerberos Authentication:
https://github.com/Cyb3r-Monk/Threat-Hunting-and-Detection/blob/main/Credential%20Access/Potentially%20Relayed%20Kerberos%20Authentication%20-%20MS%20Sentinel.md
@BlueRedTeam
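The detection post and hunting query above look for Kerberos network logons that do not line up with where the authenticating account should be. The Python below is an added example written for this page, not the Sentinel query or anything from those posts; it implements one simplified heuristic I am assuming from them: a computer account (name ending in `$`) authenticating with Kerberos over the network from an address that is not one the host owns. The inventory, the 4624 events and the hostnames are all constructed.

```python
# Constructed inventory (assumption): computer account -> addresses it is
# expected to authenticate from. Real pipelines build this from DHCP, DNS or
# EDR device data.
HOST_IPS = {
    "WS01$": {"10.0.1.21"},
    "SRV02$": {"10.0.2.12"},
    "DC01$": {"10.0.0.5"},
}

# Constructed 4624 events using the Windows Security log field names.
SAMPLE_EVENTS = [
    {"EventID": 4624, "LogonType": 3, "AuthenticationPackageName": "Kerberos",
     "TargetUserName": "WS01$", "IpAddress": "10.0.1.21", "Computer": "SRV02"},        # normal
    {"EventID": 4624, "LogonType": 3, "AuthenticationPackageName": "Kerberos",
     "TargetUserName": "WS01$", "IpAddress": "::ffff:10.0.9.77", "Computer": "DC01"},  # WS01$'s ticket from another host
    {"EventID": 4624, "LogonType": 3, "AuthenticationPackageName": "NTLM",
     "TargetUserName": "WS01$", "IpAddress": "10.0.9.77", "Computer": "DC01"},         # NTLM: the other query's job
    {"EventID": 4624, "LogonType": 3, "AuthenticationPackageName": "Kerberos",
     "TargetUserName": "alice", "IpAddress": "10.0.9.77", "Computer": "DC01"},         # user account, out of scope
    {"EventID": 4624, "LogonType": 3, "AuthenticationPackageName": "Kerberos",
     "TargetUserName": "SRV02$", "IpAddress": "127.0.0.1", "Computer": "SRV02"},       # loopback
    {"EventID": 4624, "LogonType": 3, "AuthenticationPackageName": "Kerberos",
     "TargetUserName": "NEWBOX$", "IpAddress": "10.0.3.3", "Computer": "DC01"},        # host missing from inventory
]

LOCAL_SOURCES = {"127.0.0.1", "::1", "-", ""}


def normalise_ip(addr):
    """Strip the IPv4-mapped prefix Windows sometimes logs (::ffff:a.b.c.d)."""
    prefix = "::ffff:"
    return addr[len(prefix):] if addr.lower().startswith(prefix) else addr


def potentially_relayed_kerberos(events, host_ips):
    """Network Kerberos logons of computer accounts whose source address is
    not one the account is expected to use (or whose host is unknown)."""
    findings = []
    for ev in events:
        if ev.get("EventID") != 4624 or ev.get("LogonType") != 3:
            continue
        if ev.get("AuthenticationPackageName") != "Kerberos":
            continue
        account = ev.get("TargetUserName", "")
        if not account.endswith("$"):
            continue                              # user accounts: different baseline
        source = normalise_ip(ev.get("IpAddress", "-"))
        if source in LOCAL_SOURCES:
            continue                              # loopback / no address recorded
        expected = host_ips.get(account)
        if expected is None:
            reason = "computer account not in inventory"
        elif source not in expected:
            reason = f"expected source in {sorted(expected)}"
        else:
            continue
        findings.append({"account": account, "source": source,
                         "target": ev.get("Computer"), "reason": reason})
    return findings


if __name__ == "__main__":
    for finding in potentially_relayed_kerberos(SAMPLE_EVENTS, HOST_IPS):
        print(finding)
```

Two caveats a practitioner should keep in mind. The inventory is the weak point: stale DHCP leases and multi-homed hosts produce false positives, so the "not in inventory" bucket is for review rather than alerting. And where the relay runs on the victim host itself (the local privilege-escalation variants), the source address and the expected address coincide, so this heuristic is blind; that case needs host-side signals rather than the logon source.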
#Red_Team
1. Feroxbuster: a fast, simple, recursive content discovery tool written in Rust
https://github.com/epi052/feroxbuster
2. Jenkins Pentesting
https://github.com/gquere/pwn_jenkins
@BlueRedTeam
#exploit
1. CVE-2022-22005: Microsoft SharePoint RCE (vulnerability analysis by HoangND)
https://hnd3884.github.io/posts/cve-2022-22005-microsoft-sharepoint-RCE
2. CVE-2022-25636: net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write related to nf_tables_offload
https://github.com/Bonfee/CVE-2022-25636
@BlueRedTeam
#CVE-2022
Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn a root shell (and attempts to restore the damaged binary afterwards)
https://github.com/MRNIKO1/Dirtypipe-exploit
@BlueRedTeam
#CVE-2022
A root exploit for CVE-2022-0847 (Dirty Pipe)
https://github.com/babyshen/CVE-2022-0847
@BlueRedTeam
#Cobalt_Strike
Collection of Beacon Object Files (BOF) for Cobalt Strike
https://github.com/crypt0p3g/bof-collection
@BlueRedTeam
#Cobalt_Strike
Parses logs created by Cobalt Strike and creates an SQLite DB which can be used to build custom reports (the repository has since been renamed C2-logparser and also parses Brute Ratel logs).
https://github.com/Patrick-DE/Cobaltstrike-logparser
@BlueRedTeam
#Red_Team
EnumVolcano: an open source Bash script that performs automated enumeration for privilege escalation, aimed at ethical hackers, red teamers and blue teamers. (The post's original caption described a Python package for running Atomic Red Team tests across operating systems, which does not match the linked repository.)
https://github.com/dionmulaj/EnumVolcano
@BlueRedTeam