#Red_Team
Windows Red Team Exploitation Techniques
https://hackersploit.org/windows-red-team-exploitation-techniques
@BlueRedTeam
Our objective is to generate a malicious office document that contains a macro that will provide us with a reverse shell on the target system when executed.
#Red_Team
ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
https://github.com/danielmaxio/Atomic-Red-Team-Intelligence-C2
@BlueRedTeam
#Red_Team
The all-in-one Red Team extension for Web Pentester 🛠
https://github.com/LasCC/Hack-Tools
@BlueRedTeam
#Red_Team
1. Unconstrained Delegation
https://pentestlab.blog/2022/03/21/unconstrained-delegation
2. Initial Access - Right-To-Left Override
https://www.exandroid.dev/2022/03/21/initial-access-right-to-left-override-t1036002
@BlueRedTeam
Microsoft to support scenarios where users authenticate via Kerberos to one system and information needs to be updated on another system implemented unconstrained delegation. This was implemented i…
#Red_Team
Cyber security, Red Teaming and CTF Writeups
https://github.com/0xStarlight/0xStarlight.github.io
@BlueRedTeam
#Red_Team
OffSecOps: Using Jenkins For Red Team Tooling
https://http418infosec.com/offsecops-using-jenkins-for-red-team-tooling
@BlueRedTeam
A quick look at how Jenkins can be used to automatically build payloads and tooling, based on the OffSecOps talk by Harmj0y.
#tools
#Red_Team
Escalate from a low-integrity Administrator account to NT AUTHORITY\SYSTEM without an LPE exploit by combining a COM UAC bypass and Token Impersonation
https://github.com/FULLSHADE/Auto-Elevate
@BlueRedTeam
#Cobalt_Strike
A collection of C# utilities intended to be used with Cobalt Strike's execute-assembly
https://github.com/breakid/SharpUtils
@BlueRedTeam
#Red_Team
CTF Writeups / Penetration testing / Red Teaming
https://github.com/sujal11111/1337redteamer.github.io
@BlueRedTeam
#exploit
1. CVE-2022-23648:
containerd: Insecure handling of image volumes
https://bugs.chromium.org/p/project-zero/issues/detail?id=2244
2. Exploit tool for CVE-2021-43008
Adminer 1.0 - 4.6.2 Arbitrary File Read vulnerability
https://github.com/p0dalirius/CVE-2021-43008-AdminerRead
@BlueRedTeam
#Red_Team
Bypassing MFA with Pass-the-Cookie
https://stealthbits.com/blog/bypassing-mfa-with-pass-the-cookie
@BlueRedTeam
#Cobalt_Strike
Useful Cobalt Strike BOFs found or used during engagements
https://github.com/wsummerhill/CobaltStrike_BOF_Collections
@BlueRedTeam
#Cobalt_Strike
Aggressor script that lists available Cobalt Strike beacon commands and colors them based on their type
https://github.com/outflanknl/HelpColor
@BlueRedTeam
#Red_Team
1. TCC ClickJacking:
A proof of concept for a ClickJacking attack on macOS
https://github.com/breakpointHQ/TCC-ClickJacking
2. iOS Hacking - A Beginner's Guide to Hacking iOS Apps (2022)
https://martabyte.github.io/ios/hacking/2022/03/13/ios-hacking-en.html
@BlueRedTeam
#Blue_Team
The LAPSUS$ Group - A Chaotic Start of Ransomware-free Extortion
https://www.picussecurity.com/resource/the-lapsus-group-a-chaotic-start-of-ransomware-free-extortion
Lapsus Group IOC
@BlueRedTeam
This article explains the LAPSUS$ group that threatened to leak the data of breached organizations, such as Okta and Microsoft, without using ransomware.
#Red_Team #Malware
Rootkit for Windows 10/11
Cronos is a Windows 10/11 x64 Ring 0 rootkit. Can hide processes, protect and elevate them with token manipulation.
https://github.com/XaFF-XaFF/Cronos-Rootkit
@BlueRedTeam
#CVE-2022
Container Escape PoC for CVE-2022-0847 "DirtyPipe"
https://github.com/DataDog/dirtypipe-container-breakout-poc
@BlueRedTeam
#Cobalt_Strike
Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles
https://github.com/fox-it/dissect.cobaltstrike
@BlueRedTeam
#Cobalt_Strike
Parses Cobalt Strike malleable C2 profiles.
https://github.com/brett-fitz/pyMalleableProfileParser
@BlueRedTeam