#tools
A super fast & customisable port scanner, based on Masscan & NMap
https://github.com/nullt3r/jfscan
@BlueRedTeam
A super fast & customisable port scanner, based on Masscan & NMap
https://github.com/nullt3r/jfscan
@BlueRedTeam
GitHub
GitHub - nullt3r/jfscan: JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with…
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's noscripting abilities to discover information about servi...
#Red_Team
1. ImpressCMS: from unauthenticated SQL injection to RCE
https://karmainsecurity.com/impresscms-from-unauthenticated-sqli-to-rce
2. Ruby Deserialization - Gadget on Rails
https://github.com/httpvoid/writeups/blob/main/Ruby-deserialization-gadget-on-rails.md
3. Inject Secrets to Pods Using Vault Agent
https://devopscube.com/vault-agent-injector-tutorial
@BlueRedTeam
1. ImpressCMS: from unauthenticated SQL injection to RCE
https://karmainsecurity.com/impresscms-from-unauthenticated-sqli-to-rce
2. Ruby Deserialization - Gadget on Rails
https://github.com/httpvoid/writeups/blob/main/Ruby-deserialization-gadget-on-rails.md
3. Inject Secrets to Pods Using Vault Agent
https://devopscube.com/vault-agent-injector-tutorial
@BlueRedTeam
GitHub
writeups/Ruby-deserialization-gadget-on-rails.md at main · httpvoid/writeups
Contribute to httpvoid/writeups development by creating an account on GitHub.
#Blue_Team
1. Detecting Rogue RDP
https://blog.thickmints.dev/mintsights/detecting-rogue-rdp
2. Debugging the undebuggable and finding a CVE in MS Defender for Endpoint
https://medium.com/falconforce/debugging-the-undebuggable-and-finding-a-cve-in-microsoft-defender-for-endpoint-ce36f50bb31
@BlueRedTeam
1. Detecting Rogue RDP
https://blog.thickmints.dev/mintsights/detecting-rogue-rdp
2. Debugging the undebuggable and finding a CVE in MS Defender for Endpoint
https://medium.com/falconforce/debugging-the-undebuggable-and-finding-a-cve-in-microsoft-defender-for-endpoint-ce36f50bb31
@BlueRedTeam
#Red_Team
A testing Red Team Infrastructure created with Docker
https://github.com/DFlavian/Red-Team-Infrastructure
@BlueRedTeam
A testing Red Team Infrastructure created with Docker
https://github.com/DFlavian/Red-Team-Infrastructure
@BlueRedTeam
GitHub
GitHub - DFlavian/Red-Team-Infrastructure: A testing Red Team Infrastructure created with Docker
A testing Red Team Infrastructure created with Docker - DFlavian/Red-Team-Infrastructure
#Red_Team
Repositorio donde subiré herramientas que he ido desarrollando en mi Tercero de Carrera orientadas sobre todo para utilizarlas en un posible ejercicio de Red Team.
https://github.com/Hexix23/RedTeamTools
@BlueRedTeam
Repositorio donde subiré herramientas que he ido desarrollando en mi Tercero de Carrera orientadas sobre todo para utilizarlas en un posible ejercicio de Red Team.
https://github.com/Hexix23/RedTeamTools
@BlueRedTeam
GitHub
GitHub - Hexix23/RedTeamTools: Repository where I will be uploading tools that I have been developing during the degree, oriented…
Repository where I will be uploading tools that I have been developing during the degree, oriented above all, to be used during a Red Team exercise, CTFs, etc. - GitHub - Hexix23/RedTeamTools: Repo...
#CVE-2022
Spring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965
https://github.com/me2nuk/CVE-2022-22965
@BlueRedTeam
Spring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965
https://github.com/me2nuk/CVE-2022-22965
@BlueRedTeam
GitHub
GitHub - me2nuk/CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965
Spring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965 - me2nuk/CVE-2022-22965
#Red_Team
Combining techniques to defeat Windows Defender and default Applocker rules
https://kymb0.github.io/malwaredev-bypass-av-xml
@BlueRedTeam
Combining techniques to defeat Windows Defender and default Applocker rules
https://kymb0.github.io/malwaredev-bypass-av-xml
@BlueRedTeam
kymBlog
Combining techniques to defeat Windows Defender and default Applocker rules
Using techniques taught in Sektor7’s RED TEAM Operator: Malware Development Essentials
#CVE-2022
Nmap Spring4Shell NSE noscript for Spring Boot RCE (CVE-2022-22965)
https://github.com/gpiechnik2/nmap-spring4shell
@BlueRedTeam
Nmap Spring4Shell NSE noscript for Spring Boot RCE (CVE-2022-22965)
https://github.com/gpiechnik2/nmap-spring4shell
@BlueRedTeam
GitHub
GitHub - gpiechnik2/nmap-spring4shell: Nmap Spring4Shell NSE noscript for Spring Boot RCE (CVE-2022-22965)
Nmap Spring4Shell NSE noscript for Spring Boot RCE (CVE-2022-22965) - GitHub - gpiechnik2/nmap-spring4shell: Nmap Spring4Shell NSE noscript for Spring Boot RCE (CVE-2022-22965)
#CVE-2022
PowerShell port of CVE-2022-22965 vulnerability check by colincowie.
https://github.com/daniel0x00/Invoke-CVE-2022-22965-SafeCheck
@BlueRedTeam
PowerShell port of CVE-2022-22965 vulnerability check by colincowie.
https://github.com/daniel0x00/Invoke-CVE-2022-22965-SafeCheck
@BlueRedTeam
GitHub
GitHub - daniel0x00/Invoke-CVE-2022-22965-SafeCheck: PowerShell port of CVE-2022-22965 vulnerability check by colincowie.
PowerShell port of CVE-2022-22965 vulnerability check by colincowie. - daniel0x00/Invoke-CVE-2022-22965-SafeCheck
#CVE-2022
Vulnerability scanner for Spring4Shell (CVE-2022-22965)
https://github.com/fracturelabs/go-scan-spring
@BlueRedTeam
Vulnerability scanner for Spring4Shell (CVE-2022-22965)
https://github.com/fracturelabs/go-scan-spring
@BlueRedTeam
GitHub
GitHub - fracturelabs/go-scan-spring: Vulnerability scanner for Spring4Shell (CVE-2022-22965)
Vulnerability scanner for Spring4Shell (CVE-2022-22965) - fracturelabs/go-scan-spring
#Red_Team
Log Poisoning - Inject payloads in logs
https://infosecwriteups.com/log-poisoning-inject-payloads-in-logs-e7f1fa338f2f
@BlueRedTeam
Log Poisoning - Inject payloads in logs
https://infosecwriteups.com/log-poisoning-inject-payloads-in-logs-e7f1fa338f2f
@BlueRedTeam
Medium
Log Poisoning — Inject payloads in logs
Logs… These are the files, in which all the activities on a server are stored. These are used for monitoring, troubleshooting, fixing bugs…
#Red_Team
Process Injection via Component Object Model (COM) IRundown::DoCallback()
https://www.mdsec.co.uk/2022/04/process-injection-via-component-object-model-com-irundowndocallback
@BlueRedTeam
Process Injection via Component Object Model (COM) IRundown::DoCallback()
https://www.mdsec.co.uk/2022/04/process-injection-via-component-object-model-com-irundowndocallback
@BlueRedTeam
MDSec
Process Injection via Component Object Model (COM) IRundown::DoCallback() - MDSec
Introduction The MDSec red team are continually performing research in to new and innovative techniques for code injection enabling us to integrate them in to tools used for our red...
👍1
#Red_Team
Counter Terrorism Unit and Red Team for United States of America and Alliijng Countries for Foreign Embargos.
https://github.com/capaomega/Reticulating-Documenting-Splines
@BlueRedTeam
Counter Terrorism Unit and Red Team for United States of America and Alliijng Countries for Foreign Embargos.
https://github.com/capaomega/Reticulating-Documenting-Splines
@BlueRedTeam
GitHub
capaomega/Reticulating-Documenting-Splines
Counter Terrorism Unit and Red Team for United States of America and Alliijng Countries for Foreign Embargos. - capaomega/Reticulating-Documenting-Splines
#CVE-2022
Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)
https://github.com/alt3kx/CVE-2022-22965
@BlueRedTeam
Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)
https://github.com/alt3kx/CVE-2022-22965
@BlueRedTeam
GitHub
GitHub - alt3kx/CVE-2022-22965: Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)
Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive) - alt3kx/CVE-2022-22965