#Bypass
A Disk Lower Filter driver to support BypassIO on windows 11 client based operating system.
https://github.com/RaahulDev/ByPassIo
@BlueRedTeam
A Disk Lower Filter driver to support BypassIO on windows 11 client based operating system.
https://github.com/RaahulDev/ByPassIo
@BlueRedTeam
#Bypass
Bypass the LanSchool Chrome extension when it blocks websites.
https://github.com/ChickenHacker12/lanschool-web-bypass
@BlueRedTeam
Bypass the LanSchool Chrome extension when it blocks websites.
https://github.com/ChickenHacker12/lanschool-web-bypass
@BlueRedTeam
GitHub
GitHub - ChickenHacker12/lanschool-web-bypass: Bypass the LanSchool Chrome extension when it blocks websites.
Bypass the LanSchool Chrome extension when it blocks websites. - ChickenHacker12/lanschool-web-bypass
#Bypass
BloodyAv is Custom Shell Code loader to Bypass Av and Edr.
https://github.com/MRNIKO1/BloodyAv
@BlueRedTeam
BloodyAv is Custom Shell Code loader to Bypass Av and Edr.
https://github.com/MRNIKO1/BloodyAv
@BlueRedTeam
#exploit
1. 2 Click RCE in Evernote Android
https://hackerone.com/reports/1377748
2. CVE-2022-22965:
Spring Framework RCE
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
]-> https://github.com/DDuarte/springshell-rce-poc
@BlueRedTeam
1. 2 Click RCE in Evernote Android
https://hackerone.com/reports/1377748
2. CVE-2022-22965:
Spring Framework RCE
https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
]-> https://github.com/DDuarte/springshell-rce-poc
@BlueRedTeam
HackerOne
Evernote disclosed on HackerOne: 2 click Remote Code execution in...
This vulnerability is similar to my previous reported vulnerability #1362313 , in here also weakness is path transversal vulnerability which helps me to acheive code execution but the root cause...
#tools
A super fast & customisable port scanner, based on Masscan & NMap
https://github.com/nullt3r/jfscan
@BlueRedTeam
A super fast & customisable port scanner, based on Masscan & NMap
https://github.com/nullt3r/jfscan
@BlueRedTeam
GitHub
GitHub - nullt3r/jfscan: JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with…
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's noscripting abilities to discover information about servi...
#Red_Team
1. ImpressCMS: from unauthenticated SQL injection to RCE
https://karmainsecurity.com/impresscms-from-unauthenticated-sqli-to-rce
2. Ruby Deserialization - Gadget on Rails
https://github.com/httpvoid/writeups/blob/main/Ruby-deserialization-gadget-on-rails.md
3. Inject Secrets to Pods Using Vault Agent
https://devopscube.com/vault-agent-injector-tutorial
@BlueRedTeam
1. ImpressCMS: from unauthenticated SQL injection to RCE
https://karmainsecurity.com/impresscms-from-unauthenticated-sqli-to-rce
2. Ruby Deserialization - Gadget on Rails
https://github.com/httpvoid/writeups/blob/main/Ruby-deserialization-gadget-on-rails.md
3. Inject Secrets to Pods Using Vault Agent
https://devopscube.com/vault-agent-injector-tutorial
@BlueRedTeam
GitHub
writeups/Ruby-deserialization-gadget-on-rails.md at main · httpvoid/writeups
Contribute to httpvoid/writeups development by creating an account on GitHub.
#Blue_Team
1. Detecting Rogue RDP
https://blog.thickmints.dev/mintsights/detecting-rogue-rdp
2. Debugging the undebuggable and finding a CVE in MS Defender for Endpoint
https://medium.com/falconforce/debugging-the-undebuggable-and-finding-a-cve-in-microsoft-defender-for-endpoint-ce36f50bb31
@BlueRedTeam
1. Detecting Rogue RDP
https://blog.thickmints.dev/mintsights/detecting-rogue-rdp
2. Debugging the undebuggable and finding a CVE in MS Defender for Endpoint
https://medium.com/falconforce/debugging-the-undebuggable-and-finding-a-cve-in-microsoft-defender-for-endpoint-ce36f50bb31
@BlueRedTeam
#Red_Team
A testing Red Team Infrastructure created with Docker
https://github.com/DFlavian/Red-Team-Infrastructure
@BlueRedTeam
A testing Red Team Infrastructure created with Docker
https://github.com/DFlavian/Red-Team-Infrastructure
@BlueRedTeam
GitHub
GitHub - DFlavian/Red-Team-Infrastructure: A testing Red Team Infrastructure created with Docker
A testing Red Team Infrastructure created with Docker - DFlavian/Red-Team-Infrastructure
#Red_Team
Repositorio donde subiré herramientas que he ido desarrollando en mi Tercero de Carrera orientadas sobre todo para utilizarlas en un posible ejercicio de Red Team.
https://github.com/Hexix23/RedTeamTools
@BlueRedTeam
Repositorio donde subiré herramientas que he ido desarrollando en mi Tercero de Carrera orientadas sobre todo para utilizarlas en un posible ejercicio de Red Team.
https://github.com/Hexix23/RedTeamTools
@BlueRedTeam
GitHub
GitHub - Hexix23/RedTeamTools: Repository where I will be uploading tools that I have been developing during the degree, oriented…
Repository where I will be uploading tools that I have been developing during the degree, oriented above all, to be used during a Red Team exercise, CTFs, etc. - GitHub - Hexix23/RedTeamTools: Repo...
#CVE-2022
Spring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965
https://github.com/me2nuk/CVE-2022-22965
@BlueRedTeam
Spring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965
https://github.com/me2nuk/CVE-2022-22965
@BlueRedTeam
GitHub
GitHub - me2nuk/CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965
Spring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965 - me2nuk/CVE-2022-22965
#Red_Team
Combining techniques to defeat Windows Defender and default Applocker rules
https://kymb0.github.io/malwaredev-bypass-av-xml
@BlueRedTeam
Combining techniques to defeat Windows Defender and default Applocker rules
https://kymb0.github.io/malwaredev-bypass-av-xml
@BlueRedTeam
kymBlog
Combining techniques to defeat Windows Defender and default Applocker rules
Using techniques taught in Sektor7’s RED TEAM Operator: Malware Development Essentials
#CVE-2022
Nmap Spring4Shell NSE noscript for Spring Boot RCE (CVE-2022-22965)
https://github.com/gpiechnik2/nmap-spring4shell
@BlueRedTeam
Nmap Spring4Shell NSE noscript for Spring Boot RCE (CVE-2022-22965)
https://github.com/gpiechnik2/nmap-spring4shell
@BlueRedTeam
GitHub
GitHub - gpiechnik2/nmap-spring4shell: Nmap Spring4Shell NSE noscript for Spring Boot RCE (CVE-2022-22965)
Nmap Spring4Shell NSE noscript for Spring Boot RCE (CVE-2022-22965) - GitHub - gpiechnik2/nmap-spring4shell: Nmap Spring4Shell NSE noscript for Spring Boot RCE (CVE-2022-22965)
#CVE-2022
PowerShell port of CVE-2022-22965 vulnerability check by colincowie.
https://github.com/daniel0x00/Invoke-CVE-2022-22965-SafeCheck
@BlueRedTeam
PowerShell port of CVE-2022-22965 vulnerability check by colincowie.
https://github.com/daniel0x00/Invoke-CVE-2022-22965-SafeCheck
@BlueRedTeam
GitHub
GitHub - daniel0x00/Invoke-CVE-2022-22965-SafeCheck: PowerShell port of CVE-2022-22965 vulnerability check by colincowie.
PowerShell port of CVE-2022-22965 vulnerability check by colincowie. - daniel0x00/Invoke-CVE-2022-22965-SafeCheck
#CVE-2022
Vulnerability scanner for Spring4Shell (CVE-2022-22965)
https://github.com/fracturelabs/go-scan-spring
@BlueRedTeam
Vulnerability scanner for Spring4Shell (CVE-2022-22965)
https://github.com/fracturelabs/go-scan-spring
@BlueRedTeam
GitHub
GitHub - fracturelabs/go-scan-spring: Vulnerability scanner for Spring4Shell (CVE-2022-22965)
Vulnerability scanner for Spring4Shell (CVE-2022-22965) - fracturelabs/go-scan-spring
#Red_Team
Log Poisoning - Inject payloads in logs
https://infosecwriteups.com/log-poisoning-inject-payloads-in-logs-e7f1fa338f2f
@BlueRedTeam
Log Poisoning - Inject payloads in logs
https://infosecwriteups.com/log-poisoning-inject-payloads-in-logs-e7f1fa338f2f
@BlueRedTeam
Medium
Log Poisoning — Inject payloads in logs
Logs… These are the files, in which all the activities on a server are stored. These are used for monitoring, troubleshooting, fixing bugs…