#Red_Team
Log Poisoning - Inject payloads in logs
https://infosecwriteups.com/log-poisoning-inject-payloads-in-logs-e7f1fa338f2f
@BlueRedTeam
Logs are the files in which all the activities on a server are stored. These are used for monitoring, troubleshooting, fixing bugs…
#Red_Team
Process Injection via Component Object Model (COM) IRundown::DoCallback()
https://www.mdsec.co.uk/2022/04/process-injection-via-component-object-model-com-irundowndocallback
@BlueRedTeam
Introduction: The MDSec red team are continually performing research into new and innovative techniques for code injection, enabling us to integrate them into tools used for our red...
#Red_Team
Counter Terrorism Unit and Red Team for United States of America and Allying Countries for Foreign Embargos.
https://github.com/capaomega/Reticulating-Documenting-Splines
@BlueRedTeam
#CVE-2022
Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)
https://github.com/alt3kx/CVE-2022-22965
@BlueRedTeam
#exploit
CVE-2022-25372: Local Privilege Escalation in Pritunl VPN Client
https://rhinosecuritylabs.com/penetration-testing/cve-2022-25372-local-privilege-escalation-in-pritunl-vpn-client
@BlueRedTeam
The Pritunl VPN Client service is vulnerable to an arbitrary file write as SYSTEM on Windows.
#Blue_Team
1. Detecting malicious artifacts using an ETW consumer in kernel mode
https://www.countercraftsec.com/blog/post/detecting-malicious-artifacts-using-an-etw-consumer-in-kernel-mode
2. A curated checklist of 300+ tips for protecting digital security and privacy
https://github.com/Lissy93/personal-security-checklist
@BlueRedTeam
Post-exploitation tooling is becoming increasingly sophisticated and often evades detection by EDRs, meaning sometimes we will not be able to detect when an attacker is able to load his code into memory. Here's a way to detect artifacts that are already loaded…
#Cobalt_Strike
A spin-off research project. Cobalt Strike x Notion collab 2022
https://github.com/HuskyHacks/CobaltNotion
@BlueRedTeam
#Red_Team
Red Team Service Center Blazor
https://github.com/paulveillard/cybersecurity-red-team
@BlueRedTeam
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technica...
#Cobalt_Strike
Indicator Of Compromise (IOCs) for Bumblebee & Cobalt Strike
https://github.com/sarventhar/Bumblebee-Cobalt-Strike
@BlueRedTeam
#Red_Team
Tampering With ForcePoint One DLP EndPoint
https://mrd0x.com/tampering-with-forcepoint-dlp
@BlueRedTeam
#Blue_Team
Malicious Registry Timestamp Manipulation Technique: Detecting Registry Timestomping
https://www.inversecos.com/2022/04/malicious-registry-timestamp.html
@BlueRedTeam
NetworkAttackMap
This is a medium-level view of what internal network offensive operations look like, largely from a directory services and connected services perspective. It is designed to help defenders and pentesters think about threats, vulnerabilities, vectors and scopes.
https://github.com/PwnDefend/NetworkAttackMap
@BlueRedTeam
#Red_Team
"Red team: pentest with two contractors at the same time"
Language : Russian
#Video #Pentest
@BlueRedTeam
#tools
Tool and technique to punch holes through firewalls/NATs where both clients and server can be behind separate NATs without any 3rd party involvement. Pwnat uses a newly developed technique, exploiting a property of NAT translation tables, with no 3rd party, port forwarding, DMZ, router administrative requirements, STUN/TURN/UPnP/ICE
https://github.com/samyk/pwnat
@BlueRedTeam
#Red_Team
1. HTB: Overflow
https://0xdf.gitlab.io/2022/04/09/htb-overflow.html
2. Exploiting CVE-2022-0778, a bug in OpenSSL vis-à-vis WebRTC platforms
https://www.rtcsec.com/article/exploiting-cve-2022-0778-in-openssl-vs-webrtc-platforms
@BlueRedTeam
Overflow starts with a padding oracle attack on a cookie for a website. I'll get to do some neat cookie analysis before employing padbuster to decrypt the cookie and forge a new admin one. As admin, I get access to a logs panel with an SQL injection, where…