#Red_Team
1. Circumventing Browser Security Mechanisms For SSRF
https://github.com/httpvoid/writeups/blob/main/Circumventing-Browser-Security-Mechanisms-For-SSRF.md
2. GitLab Arbitrary file read via the bulk imports UploadsPipeline
https://hackerone.com/reports/1439593
@BlueRedTeam
#exploit
CVE-2022-23121:
RCE on Western Digital PR4100 NAS
https://research.nccgroup.com/2022/03/24/remote-code-execution-on-western-digital-pr4100-nas-cve-2022-23121
#Cobalt_Strike
#Purple_Team
Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
https://github.com/TH3xACE/EDR-Test
#Blue_Team
PowerShell script to aid Incident Response and Live Forensics
https://github.com/Johnng007/Live-Forensicator#dependencies
A suite of tools to aid Incident Response and Live Forensics for Windows (PowerShell) | Linux (Bash) | MacOS (Shell)
#Cobalt_Strike
Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
https://github.com/fox-it/cobaltstrike-beacon-data
#exploit
1. PHP filter_var shenanigans
https://pwning.systems/posts/php_filter_var_shenanigans
2. RTLO Injection URI Spoofing:
WhatsApp, iMessage, Instagram, Facebook Messenger. CVE-2020-20093, CVE-2020-20094, CVE-2020-20095, CVE-2020-20096
https://sick.codes/sick-2022-40
pwning.systems
PHP filter_var shenanigans
It is likely that we have all seen PHP filters that prevent us from encountering vulnerabilities. Here in this blog post, I'll walk you through my thought process for bypassing a filter by looking for a bug in the filter itself in order to reach a bug!
#Red_Team
Account Manipulation
https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1098/T1098.md
Small and highly portable detection tests based on MITRE's ATT&CK.
#Red_Team
Red Team deployment tool for UFSIT.
https://github.com/coledmcmullen/red-team-deployment
#Red_Team
Red Team Suite Key Management & Utility Software
https://github.com/Tech-Slayers/RTS-Encryption-Manager
#Cobalt_Strike
Cobalt Strike script for ScareCrow payloads (EDR/AV evasion)
https://github.com/Verizon/redshell
An interactive command prompt for red teaming and pentesting. Automatically pushes commands through SOCKS4/5 proxies via proxychains. Optional Cobalt Strike integration pulls beacon SOCKS4/5 proxie...
#Red_Team
AzureRT - A Powershell module implementing various Azure Red Team tactics
https://github.com/mgeeky/AzureRT
#Blue_Team
Ultimate Comparison of Microsoft Defender for Endpoint Features by Operating System. v.3.0, 2022.
]-> https://campbell.scot/march-22-defender-for-endpoint-feature-comparison
#CVE-2022
Spring Cloud Gateway RCE - CVE-2022-22947
https://github.com/sagaryadav8742/springcloudRCE
#Blue_Team
Tracking WMI Activity with PSGumshoe
https://www.darkoperator.com/blog/2022/3/27/tracking-wmi-activity-with-psgumshoe
https://github.com/PSGumshoe/PSGumshoe
Shell is Only the Beginning
Tracking WMI Activity with PSGumshoe
WMI (Windows Management Instrumentation) is the Microsoft implementation of the Web-Based Enterprise Management (WBEM) and Common Information Model (CIM) standards from the Distributed Management Task Force (DMTF). This allows for a unified way…
#Red_Team
1. Pwning 3CX Phone Management Backends from the Internet
https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88
2. Local Privilege Escalation Attack via Razer Synapse Installer (CVE-2021-44226)
https://blog.syss.com/posts/razer-lpe-attack
Medium
Pwning 3CX Phone Management Backends from the Internet
After an unplanned journey with Microsoft Exchange the month before, I started to look for new interesting vulnerability research targets…
#Red_Team
Alias identity manager for Red Teams, OSINT collectors, journalists, and privacy-conscious people
https://github.com/mattreduce/sockdrawer
#Blue_Team
1. Open Source Security Guide
https://github.com/mikeroyal/Open-Source-Security-Guide
2. Suricata Open Ruleset
https://github.com/ptresearch/AttackDetection
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
#Red_Team
Kubernetes Attack Path
Part 1 - Discovery & Initial Access
https://medium.com/swlh/kubernetes-attack-path-part-1-discovery-initial-access-771365e21b58
Part 2 - Post Initial Access
https://medium.com/swlh/kubernetes-attack-path-part-2-post-initial-access-1e27aabda36d
#CVE-2022
A Safer PoC for CVE-2022-22965 (Spring4Shell)
https://github.com/colincowie/Safer_PoC_CVE-2022-22965