#CVE-2022
Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn. a root shell. (and attempts to restore the damaged binary as well)
https://github.com/MRNIKO1/Dirtypipe-exploit
@BlueRedTeam
Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn. a root shell. (and attempts to restore the damaged binary as well)
https://github.com/MRNIKO1/Dirtypipe-exploit
@BlueRedTeam
#CVE-2022
A root exploit for CVE-2022-0847 (Dirty Pipe)
https://github.com/babyshen/CVE-2022-0847
@BlueRedTeam
A root exploit for CVE-2022-0847 (Dirty Pipe)
https://github.com/babyshen/CVE-2022-0847
@BlueRedTeam
GitHub
GitHub - babyshen/CVE-2022-0847: A root exploit for CVE-2022-0847 (Dirty Pipe)
A root exploit for CVE-2022-0847 (Dirty Pipe). Contribute to babyshen/CVE-2022-0847 development by creating an account on GitHub.
#Cobalt_Strike
Collection of Beacon Object Files (BOF) for Cobalt Strike
https://github.com/crypt0p3g/bof-collection
@BlueRedTeam
Collection of Beacon Object Files (BOF) for Cobalt Strike
https://github.com/crypt0p3g/bof-collection
@BlueRedTeam
GitHub
GitHub - crypt0p3g/bof-collection: Collection of Beacon Object Files (BOF) for Cobalt Strike
Collection of Beacon Object Files (BOF) for Cobalt Strike - crypt0p3g/bof-collection
#Cobalt_Strike
Parses logs created by Cobalt Strike and creates an SQLite DB which can be used to create custom reports.
https://github.com/Patrick-DE/Cobaltstrike-logparser
@BlueRedTeam
Parses logs created by Cobalt Strike and creates an SQLite DB which can be used to create custom reports.
https://github.com/Patrick-DE/Cobaltstrike-logparser
@BlueRedTeam
GitHub
GitHub - Patrick-DE/C2-logparser: Parses logs created by Cobalt Strike or Brute Ratel and creates an SQLite DB which can be used…
Parses logs created by Cobalt Strike or Brute Ratel and creates an SQLite DB which can be used to create custom reports. - Patrick-DE/C2-logparser
#Red_Team
A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.
https://github.com/dionmulaj/EnumVolcano
@BlueRedTeam
A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.
https://github.com/dionmulaj/EnumVolcano
@BlueRedTeam
GitHub
GitHub - dionmulaj/EnumVolcano: EnumVolcano is an open source Bash noscript which is used to perform automated enumeration for privilege…
EnumVolcano is an open source Bash noscript which is used to perform automated enumeration for privilege escalation. This tool is dedicated to ethical hackers, red teamers, blue teamers & sec...
#Red_Team
Automatic Linux privesc via exploitation of low-hanging fruit (gtfobins, pwnkit, dirty pipe, +w docker.sock)
https://github.com/liamg/traitor
@BlueRedTeam
Automatic Linux privesc via exploitation of low-hanging fruit (gtfobins, pwnkit, dirty pipe, +w docker.sock)
https://github.com/liamg/traitor
@BlueRedTeam
GitHub
GitHub - liamg/traitor: :arrow_up: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit,…
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock - GitHub - liamg/traitor: :arrow_up: :fire: ...
#tools
#Blue_Team
DeTT&CT: Detect Tactics, Techniques & Combat Threats
https://github.com/rabobank-cdc/DeTTECT
@BlueRedTeam
#Blue_Team
DeTT&CT: Detect Tactics, Techniques & Combat Threats
https://github.com/rabobank-cdc/DeTTECT
@BlueRedTeam
GitHub
GitHub - rabobank-cdc/DeTTECT: Detect Tactics, Techniques & Combat Threats
Detect Tactics, Techniques & Combat Threats. Contribute to rabobank-cdc/DeTTECT development by creating an account on GitHub.
#CVE-2022
spring-cloud-gateway-rce CVE-2022-22947
https://github.com/k3rwin/spring-cloud-gateway-rce
@BlueRedTeam
spring-cloud-gateway-rce CVE-2022-22947
https://github.com/k3rwin/spring-cloud-gateway-rce
@BlueRedTeam
GitHub
GitHub - k3rwin/spring-cloud-gateway-rce: spring-cloud-gateway-rce CVE-2022-22947
spring-cloud-gateway-rce CVE-2022-22947. Contribute to k3rwin/spring-cloud-gateway-rce development by creating an account on GitHub.
#Blue_Team
Hunting for Suspicious DNS Communications
https://c99.sh/hunting-for-suspicious-dns-communications
@BlueRedTeam
Hunting for Suspicious DNS Communications
https://c99.sh/hunting-for-suspicious-dns-communications
@BlueRedTeam
#exploit
1. Oracle Access Manager Pre-Auth RCE Analysis (CVE-2021-35587)
https://testbnull.medium.com/oracle-access-manager-pre-auth-rce-cve-2021-35587-analysis-1302a4542316
2. The Discovery and Exploitation of CVE-2022-25636
https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636
@BlueRedTeam
1. Oracle Access Manager Pre-Auth RCE Analysis (CVE-2021-35587)
https://testbnull.medium.com/oracle-access-manager-pre-auth-rce-cve-2021-35587-analysis-1302a4542316
2. The Discovery and Exploitation of CVE-2022-25636
https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636
@BlueRedTeam
Medium
Oracle Access Manager Pre-Auth RCE (CVE-2021–35587 Analysis)
As you may know, Oracle Access Manager (OAM) is a popular SSO product used by many big corp such as Oracle, VMware, Huawei, Qualcomm, …
#CVE-2022
Exploits for Hotel Druid 3.0.3 - Remote Code Execution (RCE) CVE-2022-22909
https://github.com/kaal18/CVE-2022-22909
@BlueRedTeam
Exploits for Hotel Druid 3.0.3 - Remote Code Execution (RCE) CVE-2022-22909
https://github.com/kaal18/CVE-2022-22909
@BlueRedTeam
GitHub
GitHub - kaal18/CVE-2022-22909: Exploits for Hotel Druid 3.0.3 - Remote Code Execution (RCE) CVE-2022-22909
Exploits for Hotel Druid 3.0.3 - Remote Code Execution (RCE) CVE-2022-22909 - kaal18/CVE-2022-22909
#Red_Team
Red Teaming Assessment Scoring System
https://github.com/CipherKill/windows-login-phish
@BlueRedTeam
Red Teaming Assessment Scoring System
https://github.com/CipherKill/windows-login-phish
@BlueRedTeam
GitHub
GitHub - ReptilianPride/windows-login-phish: This is a windows maching login page designed using HTML, CSS and JS. This can be…
This is a windows maching login page designed using HTML, CSS and JS. This can be used for red teaming or cybersecurity awareness related purposes. There are some more things that I need to do and ...
#Red_Team
Automating a Red Team Lab
Part 1 - Domain Creation
https://nickzero.co.uk/automating-a-red-team-lab
Part 2 - Monitoring and Logging
https://nickzero.co.uk/automating-a-red-team-lab-part-2
@BlueRedTeam
Automating a Red Team Lab
Part 1 - Domain Creation
https://nickzero.co.uk/automating-a-red-team-lab
Part 2 - Monitoring and Logging
https://nickzero.co.uk/automating-a-red-team-lab-part-2
@BlueRedTeam
NickZero's Blog
Automating a Red Team Lab (Part 1): Domain Creation
If you're anything like me, you will tend to rip your test lab down and build it again at least once a day. Let's do it automagically!
#CVE-2022
Apache APISIX Remote Code Execution (CVE-2022-24112) proof of concept exploit
https://github.com/M4xSec/Apache-APISIX-CVE-2022-24112
@BlueRedTeam
Apache APISIX Remote Code Execution (CVE-2022-24112) proof of concept exploit
https://github.com/M4xSec/Apache-APISIX-CVE-2022-24112
@BlueRedTeam
GitHub
GitHub - M4xSec/Apache-APISIX-CVE-2022-24112: Apache APISIX Remote Code Execution (CVE-2022-24112) proof of concept exploit
Apache APISIX Remote Code Execution (CVE-2022-24112) proof of concept exploit - GitHub - M4xSec/Apache-APISIX-CVE-2022-24112: Apache APISIX Remote Code Execution (CVE-2022-24112) proof of concept ...
#Red_Team
Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement
https://github.com/carlwarnberg/FinalEngagement
@BlueRedTeam
Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement
https://github.com/carlwarnberg/FinalEngagement
@BlueRedTeam
GitHub
GitHub - carlwarnberg/FinalEngagement: In a similar vein to Project 2, in this third and final project, we were tasked with performing…
In a similar vein to Project 2, in this third and final project, we were tasked with performing the duties of a Red Team pen tester and a Blue Team SOC analyst, with the added wrinkle of inspecting...
#Red_Team
1. Browser In The Browser (BITB) Attack
https://mrd0x.com/browser-in-the-browser-phishing-attack
2. Simple way to bypass GateKeeper (CVE-2022-22616)
https://jhftss.github.io/CVE-2022-22616-Gatekeeper-Bypass
@BlueRedTeam
1. Browser In The Browser (BITB) Attack
https://mrd0x.com/browser-in-the-browser-phishing-attack
2. Simple way to bypass GateKeeper (CVE-2022-22616)
https://jhftss.github.io/CVE-2022-22616-Gatekeeper-Bypass
@BlueRedTeam
Mrd0X
Security Research | mr.d0x
Providing security research and red team techniques
#exploit
From XSS to RCE (dompdf 0day)
https://positive.security/blog/dompdf-rce
]-> RCE exploit for dompdf:
https://github.com/positive-security/dompdf-rce
@BlueRedTeam
From XSS to RCE (dompdf 0day)
https://positive.security/blog/dompdf-rce
]-> RCE exploit for dompdf:
https://github.com/positive-security/dompdf-rce
@BlueRedTeam
positive.security
From XSS to RCE (dompdf 0day) | Positive Security
Using a still unpatched vulnerability in the PHP library dompdf (used for rendering PDFs from HTML), we achieved RCE on a web server with merely a reflected XSS vulnerability as entry point.