#Red_Team
Process Injection via Component Object Model (COM) IRundown::DoCallback()
https://www.mdsec.co.uk/2022/04/process-injection-via-component-object-model-com-irundowndocallback
@BlueRedTeam
MDSec
Process Injection via Component Object Model (COM) IRundown::DoCallback() - MDSec
Introduction The MDSec red team are continually performing research in to new and innovative techniques for code injection enabling us to integrate them in to tools used for our red...
#Red_Team
Counter Terrorism Unit and Red Team for United States of America and Alliijng Countries for Foreign Embargos.
https://github.com/capaomega/Reticulating-Documenting-Splines
@BlueRedTeam
GitHub
capaomega/Reticulating-Documenting-Splines
Counter Terrorism Unit and Red Team for United States of America and Alliijng Countries for Foreign Embargos. - capaomega/Reticulating-Documenting-Splines
#CVE-2022
Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)
https://github.com/alt3kx/CVE-2022-22965
@BlueRedTeam
GitHub
GitHub - alt3kx/CVE-2022-22965: Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)
Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive) - alt3kx/CVE-2022-22965
#exploit
CVE-2022-25372:
Local Privilege Escalation in Pritunl VPN Client
https://rhinosecuritylabs.com/penetration-testing/cve-2022-25372-local-privilege-escalation-in-pritunl-vpn-client
@BlueRedTeam
Rhino Security Labs
CVE-2022-25372: Local Privilege Escalation in Pritunl VPN Client
The Pritunl VPN Client service is vulnerable to an arbitrary file write as SYSTEM on Windows.
#Blue_Team
1. Detecting malicious artifacts using an ETW consumer in kernel mode
https://www.countercraftsec.com/blog/post/detecting-malicious-artifacts-using-an-etw-consumer-in-kernel-mode
2. A curated checklist of 300+ tips for protecting digital security and privacy
https://github.com/Lissy93/personal-security-checklist
@BlueRedTeam
CounterCraft
Detecting Malicious Artifacts Using an ETW Consumer in Kernel Mode
Post-exploitation tooling is becoming increasingly sophisticated and often evades detection by EDRs, meaning sometimes we will not be able to detect when an attacker is able to load his code into memory. Here's a way to detect artifacts that are already loaded…
#Cobalt_Strike
A spin-off research project. Cobalt Strike x Notion collab 2022
https://github.com/HuskyHacks/CobaltNotion
@BlueRedTeam
GitHub
GitHub - HuskyHacks/CobaltNotion: A spin-off research project. Cobalt Strike x Notion collab 2022
A spin-off research project. Cobalt Strike x Notion collab 2022 - HuskyHacks/CobaltNotion
#Red_Team
Red Team Service Center Blazor
https://github.com/paulveillard/cybersecurity-red-team
@BlueRedTeam
GitHub
GitHub - paulveillard/cybersecurity-red-team: An ongoing & curated collection of awesome software best practices and techniques…
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technica...
#Cobalt_Strike
Indicator Of Compromise (IOCs) for Bumblebee & Cobalt Strike
https://github.com/sarventhar/Bumblebee-and-Cobalt-Strike.
@BlueRedTeam
#Cobalt_Strike
Indicator Of Compromise (IOCs) for Bumblebee & Cobalt Strike
https://github.com/sarventhar/Bumblebee-Cobalt-Strike
@BlueRedTeam
GitHub
GitHub - sarventhar/Bumblebee-Cobalt-Strike: Indicator Of Compromise (IOCs) for Bumblebee & Cobalt Strike
Indicator Of Compromise (IOCs) for Bumblebee & Cobalt Strike - GitHub - sarventhar/Bumblebee-Cobalt-Strike: Indicator Of Compromise (IOCs) for Bumblebee & Cobalt Strike
#Red_Team
Tampering With ForcePoint One DLP EndPoint
https://mrd0x.com/tampering-with-forcepoint-dlp
@BlueRedTeam
Mrd0X
Security Research | mr.d0x
Providing security research and red team techniques
#Blue_Team
Malicious Registry Timestamp Manipulation Technique: Detecting Registry Timestomping
https://www.inversecos.com/2022/04/malicious-registry-timestamp.html
@BlueRedTeam
Inversecos
Malicious Registry Timestamp Manipulation Technique: Detecting Registry Timestomping
NetworkAttackMap
This is a medium level view of what internal network offensive operations look like largely from a directory services and connected services perspective. It is designed to help defenders and pentesters think about threats, vulnerabilities, vectors and scopes.
https://github.com/PwnDefend/NetworkAttackMap
@BlueRedTeam
GitHub
GitHub - PwnDefend/NetworkAttackMap
Contribute to PwnDefend/NetworkAttackMap development by creating an account on GitHub.
#Red_Team
"Red team: pentest with two contractors at the same time"
Language : Russian
#Video #Pentest
@BlueRedTeam
#tools
Tool and technique to punch holes through firewalls/NATs where both clients and server can be behind separate NATs without any 3rd party involvement. Pwnat uses a newly developed technique, exploiting a property of NAT translation tables, with no 3rd party, port forwarding, DMZ, router administrative requirements, STUN/TURN/UPnP/ICE
https://github.com/samyk/pwnat
@BlueRedTeam
GitHub
GitHub - samyk/pwnat: The only tool/technique to punch holes through firewalls/NATs where multiple clients & server can be behind…
The only tool/technique to punch holes through firewalls/NATs where multiple clients & server can be behind separate NATs without any 3rd party involvement. Pwnat is a newly developed techn...
#Red_Team
1. HTB: Overflow
https://0xdf.gitlab.io/2022/04/09/htb-overflow.html
2. Exploiting CVE-2022-0778, a bug in OpenSSL vis-à-vis WebRTC platforms
https://www.rtcsec.com/article/exploiting-cve-2022-0778-in-openssl-vs-webrtc-platforms
@BlueRedTeam
0xdf hacks stuff
HTB: Overflow
Overflow starts with a padding oracle attack on a cookie for a website. I’ll get to do some need cookie analysis before employing padbuster to decrypt the cookie and forge a new admin one. As admin, I get access to a logs panel with an SQL injection, where…
#tools
#Red_Team
1. Quickly discover exposed hosts on the internet using multiple search engines
https://github.com/projectdiscovery/uncover
2. A hacking tool (Reverse shell) based on python-3
https://github.com/JosephFrankFir/Rxploit
@BlueRedTeam
GitHub
GitHub - projectdiscovery/uncover: Quickly discover exposed hosts on the internet using multiple search engines.
Quickly discover exposed hosts on the internet using multiple search engines. - projectdiscovery/uncover
#Blue_Team
1. Firewall analysis: A portable graph based approach
https://diablohorn.com/2022/04/09/firewall-analysis-a-portable-graph-based-approach
2. Analyzing the Exploitation of Spring4Shell Vulnerability (CVE-2022-22965) in Weaponizing and Executing the Mirai Botnet Malware
https://www.trendmicro.com/en_us/research/22/d/cve-2022-22965-analyzing-the-exploitation-of-spring4shell-vulner.html
@BlueRedTeam
DiabloHorn
Firewall analysis: A portable graph based approach
Sometimes you are asked to perform a firewall analysis to determine if the configuration can be improved upon to reduce the ability for an attacker to move laterally through the network or identify…
#CVE-2022
CVE-2022-22954 is a server-side template injection vulnerability in the VMware Workspace ONE Access and Identity Manager
https://github.com/Vulnmachines/VMWare_CVE-2022-22954
@BlueRedTeam
GitHub
GitHub - Vulnmachines/VMWare_CVE-2022-22954: CVE-2022-22954 is a server-side template injection vulnerability in the VMware Workspace…
CVE-2022-22954 is a server-side template injection vulnerability in the VMware Workspace ONE Access and Identity Manager - Vulnmachines/VMWare_CVE-2022-22954