#exploit
1. PHP filter_var shenanigans
https://pwning.systems/posts/php_filter_var_shenanigans
2. RTLO Injection URI Spoofing:
WhatsApp, iMessage, Instagram, Facebook Messenger. CVE-2020-20093, CVE-2020-20094, CVE-2020-20095, CVE-2020-20096
https://sick.codes/sick-2022-40
@BlueRedTeam
pwning.systems
PHP filter_var shenanigans
It is likely that we have all seen PHP filters that prevent us from encountering vulnerabilities. Here in this blog post, I'll walk you through my thought process for bypassing a filter by looking for a bug in the filter itself in order to reach a bug!
#Red_Team
Account Manipulation
https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1098/T1098.md
@BlueRedTeam
GitHub
atomic-red-team/atomics/T1098/T1098.md at master · redcanaryco/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK. - redcanaryco/atomic-red-team
#Red_Team
Red Team deployment tool for UFSIT.
https://github.com/coledmcmullen/red-team-deployment
@BlueRedTeam
GitHub
GitHub - coledmcmullen/red-team-deployment: Red Team deployment tool for UFSIT.
Red Team deployment tool for UFSIT. Contribute to coledmcmullen/red-team-deployment development by creating an account on GitHub.
#Red_Team
Red Team Suite Key Management & Utility Software
https://github.com/Tech-Slayers/RTS-Encryption-Manager
@BlueRedTeam
GitHub
GitHub - Tech-Slayers/RTS-Encryption-Manager: Red Team Suite Key Management & Utility Software
Red Team Suite Key Management & Utility Software. Contribute to Tech-Slayers/RTS-Encryption-Manager development by creating an account on GitHub.
#Cobalt_Strike
Cobalt Strike script for ScareCrow payloads (EDR/AV evasion)
https://github.com/Verizon/redshell
@BlueRedTeam
GitHub
GitHub - Verizon/redshell: An interactive command prompt for red teaming and pentesting. Automatically pushes commands through…
An interactive command prompt for red teaming and pentesting. Automatically pushes commands through SOCKS4/5 proxies via proxychains. Optional Cobalt Strike integration pulls beacon SOCKS4/5 proxie...
#Red_Team
AzureRT - A Powershell module implementing various Azure Red Team tactics
https://github.com/mgeeky/AzureRT
@BlueRedTeam
GitHub
GitHub - mgeeky/AzureRT: AzureRT - A Powershell module implementing various Azure Red Team tactics
AzureRT - A Powershell module implementing various Azure Red Team tactics - mgeeky/AzureRT
Comparison_MS_Def_v3.pdf
296.2 KB
#Blue_Team
Ultimate Comparison of Microsoft Defender for Endpoint Features by Operating System. v.3.0, 2022.
]-> https://campbell.scot/march-22-defender-for-endpoint-feature-comparison
@BlueRedTeam
#CVE-2022
Spring Cloud Gateway RCE - CVE-2022-22947
https://github.com/sagaryadav8742/springcloudRCE
@BlueRedTeam
GitHub
GitHub - sagaryadav8742/springcloudRCE: Spring Cloud Gateway RCE - CVE-2022-22947
Spring Cloud Gateway RCE - CVE-2022-22947 . Contribute to sagaryadav8742/springcloudRCE development by creating an account on GitHub.
#Blue_Team
Tracking WMI Activity with PSGumshoe
https://www.darkoperator.com/blog/2022/3/27/tracking-wmi-activity-with-psgumshoe
https://github.com/PSGumshoe/PSGumshoe
@BlueRedTeam
Shell is Only the Beginning
Tracking WMI Activity with PSGumshoe
WMI (Windows Management Instrumentation) is the Microsoft implementation of the Web-Based Enterprise Management (WBEM) and Common Information Model (CIM) standards from the Distributed Management Task Force (DMTF). This allows for a unified way…
#Red_Team
1. Pwning 3CX Phone Management Backends from the Internet
https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88
2. Local Privilege Escalation Attack via Razer Synapse Installer (CVE-2021-44226)
https://blog.syss.com/posts/razer-lpe-attack
@BlueRedTeam
Medium
Pwning 3CX Phone Management Backends from the Internet
After an unplanned journey with Microsoft Exchange the month before, I started to look for new interesting vulnerability research targets…
#Red_Team
Alias identity manager for Red Teams, OSINT collectors, journalists, and privacy-conscious people
https://github.com/mattreduce/sockdrawer
@BlueRedTeam
GitHub
GitHub - srcmtd/sockdrawer: Alias identity manager for Red Teams, OSINT collectors, journalists, and privacy-conscious people
Alias identity manager for Red Teams, OSINT collectors, journalists, and privacy-conscious people - srcmtd/sockdrawer
#Blue_Team
1. Open Source Security Guide
https://github.com/mikeroyal/Open-Source-Security-Guide
2. Suricata Open Ruleset
https://github.com/ptresearch/AttackDetection
@BlueRedTeam
GitHub
GitHub - mikeroyal/Open-Source-Security-Guide: Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP…
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks. - GitHub - mikeroyal/Open-Source-Security-G...
#Red_Team
Kubernetes Attack Path
Part 1 - Discovery & Initial Access
https://medium.com/swlh/kubernetes-attack-path-part-1-discovery-initial-access-771365e21b58
Part 2 - Post Initial Access
https://medium.com/swlh/kubernetes-attack-path-part-2-post-initial-access-1e27aabda36d
@BlueRedTeam
Medium
[Kubernetes] Attack Path (Part 1) — Discovery & Initial Access
Intro
#CVE-2022
A Safer PoC for CVE-2022-22965 (Spring4Shell)
https://github.com/colincowie/Safer_PoC_CVE-2022-22965
@BlueRedTeam
GitHub
GitHub - colincowie/Safer_PoC_CVE-2022-22965: A Safer PoC for CVE-2022-22965 (Spring4Shell)
A Safer PoC for CVE-2022-22965 (Spring4Shell). Contribute to colincowie/Safer_PoC_CVE-2022-22965 development by creating an account on GitHub.
Spring4Shell Proof Of Concept/Information CVE-2022-22965
https://github.com/BobTheShoplifter/Spring4Shell-POC
#CVE
@BlackSeaHackBot
GitHub
GitHub - BobTheShoplifter/Spring4Shell-POC: Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965
Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965 - BobTheShoplifter/Spring4Shell-POC
#CVE-2022
Spring4Shell Proof Of Concept/Information CVE-2022-22965
https://github.com/BobTheShoplifter/Spring4Shell-POC
@BlueRedTeam
#CVE-2022
Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit
https://github.com/reznok/Spring4Shell-POC
#CVE
@BlueRedTeam
GitHub
GitHub - reznok/Spring4Shell-POC: Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit
Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit - reznok/Spring4Shell-POC
#CVE-2022
CVE-2022-22965 poc including reverse-shell support
https://github.com/viniciuspereiras/CVE-2022-22965-poc
#CVE
@BlueRedTeam
GitHub
GitHub - viniciuspereiras/CVE-2022-22965-poc: CVE-2022-22965 poc including reverse-shell support
CVE-2022-22965 poc including reverse-shell support - viniciuspereiras/CVE-2022-22965-poc
#CVE-2022
This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed "SpringShell".
https://github.com/kh4sh3i/Spring-CVE
@BlueRedTeam
GitHub
GitHub - kh4sh3i/Spring-CVE: This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as…
This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed "SpringShell". - kh4...
#CVE-2022
Spring4Shell - Spring Core RCE - CVE-2022-22965
https://github.com/mebibite/springhound
@BlueRedTeam
GitHub
GitHub - mebibite/springhound: Created after the disclosure of CVE-2022-22965 and CVE-2022-22963. Bash script that detects Spring…
Created after the disclosure of CVE-2022-22965 and CVE-2022-22963. Bash script that detects Spring Framework occurrences in your projects and systems, allowing you to get insight on versions used. ...