#Red_Team
AzureRT - A Powershell module implementing various Azure Red Team tactics
https://github.com/mgeeky/AzureRT
@BlueRedTeam
Comparison_MS_Def_v3.pdf
296.2 KB
#Blue_Team
Ultimate Comparison of Microsoft Defender for Endpoint Features by Operating System. v.3.0, 2022.
]-> https://campbell.scot/march-22-defender-for-endpoint-feature-comparison
@BlueRedTeam
#CVE-2022
Spring Cloud Gateway RCE - CVE-2022-22947
https://github.com/sagaryadav8742/springcloudRCE
@BlueRedTeam
#Blue_Team
Tracking WMI Activity with PSGumshoe
https://www.darkoperator.com/blog/2022/3/27/tracking-wmi-activity-with-psgumshoe
https://github.com/PSGumshoe/PSGumshoe
@BlueRedTeam
Shell is Only the Beginning
Tracking WMI Activity with PSGumshoe
WMI (Windows Management Instrumentation) is the Microsoft implementation of the Web-Based Enterprise Management (WBEM) and Common Information Model (CIM) standards from the Distributed Management Task Force (DMTF). This allows for a unified way…
#Red_Team
1. Pwning 3CX Phone Management Backends from the Internet
https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88
2. Local Privilege Escalation Attack via Razer Synapse Installer (CVE-2021-44226)
https://blog.syss.com/posts/razer-lpe-attack
@BlueRedTeam
Medium
Pwning 3CX Phone Management Backends from the Internet
After an unplanned journey with Microsoft Exchange the month before, I started to look for new interesting vulnerability research targets…
#Red_Team
Alias identity manager for Red Teams, OSINT collectors, journalists, and privacy-conscious people
https://github.com/mattreduce/sockdrawer
@BlueRedTeam
GitHub
GitHub - srcmtd/sockdrawer: Alias identity manager for Red Teams, OSINT collectors, journalists, and privacy-conscious people
Alias identity manager for Red Teams, OSINT collectors, journalists, and privacy-conscious people - srcmtd/sockdrawer
#Blue_Team
1. Open Source Security Guide
https://github.com/mikeroyal/Open-Source-Security-Guide
2. Suricata Open Ruleset
https://github.com/ptresearch/AttackDetection
@BlueRedTeam
GitHub
GitHub - mikeroyal/Open-Source-Security-Guide: Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP…
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks. - GitHub - mikeroyal/Open-Source-Security-G...
#Red_Team
Kubernetes Attack Path
Part 1 - Discovery & Initial Access
https://medium.com/swlh/kubernetes-attack-path-part-1-discovery-initial-access-771365e21b58
Part 2 - Post Initial Access
https://medium.com/swlh/kubernetes-attack-path-part-2-post-initial-access-1e27aabda36d
@BlueRedTeam
#CVE-2022
A Safer PoC for CVE-2022-22965 (Spring4Shell)
https://github.com/colincowie/Safer_PoC_CVE-2022-22965
@BlueRedTeam
Spring4Shell Proof Of Concept/Information CVE-2022-22965
https://github.com/BobTheShoplifter/Spring4Shell-POC
#CVE
@BlackSeaHackBot
GitHub
GitHub - BobTheShoplifter/Spring4Shell-POC: Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965
Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965 - BobTheShoplifter/Spring4Shell-POC
#CVE-2022
Spring4Shell Proof Of Concept/Information CVE-2022-22965
https://github.com/BobTheShoplifter/Spring4Shell-POC
@BlueRedTeam
#CVE-2022
Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit
https://github.com/reznok/Spring4Shell-POC
#CVE
@BlueRedTeam
#CVE-2022
CVE-2022-22965 poc including reverse-shell support
https://github.com/viniciuspereiras/CVE-2022-22965-poc
#CVE
@BlueRedTeam
#CVE-2022
This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed "SpringShell".
https://github.com/kh4sh3i/Spring-CVE
@BlueRedTeam
#CVE-2022
Spring4Shell - Spring Core RCE - CVE-2022-22965
https://github.com/mebibite/springhound
@BlueRedTeam
GitHub
GitHub - mebibite/springhound: Created after the disclosure of CVE-2022-22965 and CVE-2022-22963. Bash script that detects Spring…
Created after the disclosure of CVE-2022-22965 and CVE-2022-22963. Bash script that detects Spring Framework occurrences in your projects and systems, allowing you to get insight on versions used. ...
#CVE-2022
Python Script for exploiting CVE-2022-22965
https://github.com/0xbughunter/Spring4Shell-Exploit-PoC-
@BlueRedTeam
#Bypass
DDoS Attack Panel includes CloudFlare Bypass (UAM, CAPTCHA, BFM, etc..)
https://github.com/HyukIsBack/KARMA-DDoS
@BlueRedTeam
GitHub
GitHub - HyukIsBack/KARMA-DDoS: DDoS Script (DDoS Panel) with Multiple Bypass ( Cloudflare UAM,CAPTCHA,BFM,NOSEC / DDoS Guard /…
DDoS Script (DDoS Panel) with Multiple Bypass ( Cloudflare UAM,CAPTCHA,BFM,NOSEC / DDoS Guard / Google Shield / V Shield / Amazon / etc.. ) - HyukIsBack/KARMA-DDoS
#Red_Team
Collection(-BIGGEST-) of
malware, ransomware, RATs, botnets, stealers, etc.
https://github.com/Red-Laboratory/Malware-collection
@BlueRedTeam
#CVE-2022
Spring-Cloud-Gateway-CVE-2022-22947
https://github.com/talentsec/Spring-Cloud-Gateway-CVE-2022-22947
@BlueRedTeam