#CVE-2022
CVE-2022-22954 VMware Workspace ONE Access freemarker SSTI vulnerability: command execution, batch detection script
https://github.com/bewhale/CVE-2022-22954
@BlueRedTeam
#Red_Team
Polymorphic code obfuscator for use in Red Team operations
https://github.com/maltek-labs/Malcode-Obfuscator
@IotPenetrationTesting
#Blue_Team
Building Blue Team Home Lab
Part 1 - Introduction
https://facyber.me/posts/blue-team-lab-guide-part-1
Part 2 - Network Topology
https://facyber.me/posts/blue-team-lab-guide-part-2
Part 3 - Deploying a firewall
https://facyber.me/posts/blue-team-lab-guide-part-3
@BlueRedTeam
facyber
Building Blue Team Home Lab Part 1 - Introduction
For quite some time I have desired to create my own home lab dedicated to Blue Team. I also had the same desire to create one for Red Team but, it always ended up in having a single Kali Linux and maybe 1 or 2 machines, because I was always learning on online…
#Threat_Research
#SCADA_Security
APT Cyber Tools Targeting ICS/SCADA Devices
https://www.cisa.gov/uscert/ncas/alerts/aa22-103a
@BlueRedTeam
#exploit
Exploiting XSS with JavaScript/JPEG Polyglot
https://systemweakness.com/exploiting-xss-with-javanoscript-jpeg-polyglot-4cff06f8201a
@BlueRedTeam
#CVE-2022
Proof of Concept for exploiting VMware CVE-2022-22954
https://github.com/tyleraharrison/VMware-CVE-2022-22954-Command-Injector
@BlueRedTeam
Network Attack and Defense
The author is a senior in cybersecurity and is about to pursue postgraduate study at an institute of the Chinese Academy of Sciences. He is very interested in cybersecurity and CTF. His fields of study include, but are not limited to, system security and red team attack and defense. This repository records his own growth process and, with careful attention to detail, organizes and studies the materials he has collected. PRs welcome! He has already read or is currently studying nearly all of these materials and gives his own understanding of them, so they have relatively good reference value.
https://github.com/tangzichengcc/The_Growth_Path_Of_A_Pwner
@BlueRedTeam
#Pentest
"Architect's Kung Fu" tutorial collection, article collection includes paradigm programming, microservices, essential algorithms, security attack and defense, assembly, crawler, reverse engineering, penetration testing...
https://github.com/xiaomiwujiecao/KongFuOfArchitect
@BlueRedTeam
#CVE-2022
Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)
https://github.com/twseptian/cve-2022-22947
@BlueRedTeam
#CVE-2022
spring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP,CVE-2022-22963
https://github.com/hktalent/spring-spel-0day-poc
@BlueRedTeam
#exploit
+ CVE-2022-28345:
Signal client for iOS < 5.33.2 is vulnerable to RTLO injection URI spoofing using malicious URLs
https://sick.codes/sick-2022-42
+ CVE-2021-1782:
an iOS in-the-wild vulnerability in vouchers
https://googleprojectzero.blogspot.com/2022/04/cve-2021-1782-ios-in-wild-vulnerability.html
@BlueRedTeam
Sick.Codes
CVE-2022-28345 – Signal client for iOS version 5.33.2 and below are vulnerable to RTLO Injection URI Spoofing using malicious URLs…
Title CVE-2022-28345 – Signal client for iOS version 5.33.2 and below are vulnerable to RTLO Injection URI Spoofing using malicious URLs such as gepj.net/selif#/moc.elpmaxe which would appear as example.com/#files/ten.jpeg CVE ID CVE-2022-28345 CVSS Score…
#CVE-2022
CVE-2022-22954 VMware Workspace ONE Access FreeMarker SSTI
https://github.com/MLX15/CVE-2022-22954
@BlueRedTeam
Exploiting a double-edged SSRF for server and client-side impact
https://www.yassineaboukir.com/blog/exploiting-a-double-edged-SSRF-for-server-and-client-side-impact
@BlueRedTeam
Yassine Aboukir
Exploiting a double-edged SSRF for server and client-side impact
Just like a knife with two cutting edges, this is a story of a double-edged Server-Side Request Forgery (SSRF) vulnerability which was successfully exploited to achieve and demonstrate both server and client-side security impact which is not very common to…
#Red_Team
Red Teaming Toolkit
A collection of open source and commercial tools that aid in red team operations. This post will help you during red team engagement.
Contents
— Reconnaissance
— Weaponization
— Delivery
— Command and Control
— Lateral Movement
— Establish Foothold
— Escalate Privileges
— Data Exfiltration
— Misc
— References
https://renatoborbolla.medium.com/red-teaming-adversary-simulation-toolkit-da89b20cb5ea
@BlueRedTeam
Medium
Red Teaming/Adversary Simulation Toolkit
Organizations are having a hard time detecting new tactics and techniques employed by cyber criminals looking to breach their defenses…
#exploit
+ CVE-2022-26809:
Weakness in a core Windows 7/10/Server2019/2022 component (RPC)
https://github.com/XmasSnow/CVE-2022-26809-RCE
+ CVE-2022-29072:
7-Zip <21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area (0-day)
https://github.com/kagancapar/CVE-2022-29072
@BlueRedTeam