#Red_Team
1. In-Process Patchless AMSI Bypass
https://ethicalchaos.dev/2022/04/17/in-process-patchless-amsi-bypass
2. Analyzing Palo Alto Cortex XDR and finding ways to bypass it
https://mrd0x.com/cortex-xdr-analysis-and-bypass
@BlueRedTeam
Some of you may remember my patchless AMSI bypass article and how it was used inside SharpBlock to bypass AMSI on the child process that SharpBlock spawns. This is all well and good when up against client environments that are not too sensitive to the fork…
#Red_Team
A Detailed Guide on HTML Smuggling
https://www.hackingarticles.in/a-detailed-guide-on-html-smuggling
@BlueRedTeam
Learn how HTML Smuggling bypasses firewalls using JS blobs and payloads, with live noscripts, attack demos, and mitigation steps.
#Red_Team
+ Persisting XSS With IFrame Traps
https://www.trustedsec.com/blog/persisting-xss-with-iframe-traps
+ The all-in-one Red Team extension for Web Pentester
https://github.com/LasCC/Hack-Tools
@BlueRedTeam
It may be a reflected XSS vulnerability where we've tricked our user into clicking a link, but when they land on the page where we were able to inject our…
#exploit
+ bluez: malicious USB devices can steal Bluetooth link keys over HCI using fake BD_ADDR, plus bluetoothd double-free
https://bugs.chromium.org/p/project-zero/issues/detail?id=2256
+ CVE-2022-0995:
Linux: watch_queue filter OOB write (and other bugs)
https://bugs.chromium.org/p/project-zero/issues/detail?id=2274
@BlueRedTeam
#CVE-2022
CVE-2022-21449 Proof of Concept demonstrating its usage with a vulnerable client and a malicious TLS server
https://github.com/khalednassar/CVE-2022-21449-TLS-PoC
@BlueRedTeam
CVE-2022-21449 Proof of Concept demonstrating its usage with a client running on a vulnerable Java version and a malicious TLS server - notkmhn/CVE-2022-21449-TLS-PoC
#CVE-2022
This repository contains a PoC for remote code execution CVE-2022-26809
https://github.com/DESC0N0C1D0/CVE-2022-26809-RCE
@BlueRedTeam
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
https://github.com/MISP/MISP
@BlueRedTeam
#exploit
+ CVE-2022-21449:
"Psychic Signatures"
PoC demonstrating its usage with a vulnerable client and a malicious TLS server
https://github.com/khalednassar/CVE-2022-21449-TLS-PoC
+ CVE-2022-21449:
Exploitation and Sample Vulnerable Application of the JWT Null Signature Vulnerability
https://github.com/DataDog/security-labs-pocs/tree/main/proof-of-concept-exploits/jwt-null-signature-vulnerable-app
@BlueRedTeam
#Red_Team
+ Adventures with KernelCallbackTable Injection
https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html
+ Exploiting Security Checks on Bind Mount
https://tbhaxor.com/exploit-docker-firewall-bind-mount-security
@BlueRedTeam
A walkthrough on how I made KernelCallbackTable process injection work according to what I wanted.
#Cobalt_Strike
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
https://github.com/outflanknl/C2-Tool-Collection
@BlueRedTeam
#Red_Team
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
https://github.com/Johnrhume/UPDATE-Redivivus-Inc..-aa
@BlueRedTeam
#exploit
+ CVE-2022-29464:
WSO2 RCE exploit and writeup
https://github.com/hakivvi/CVE-2022-29464
+ Cronos - Windows 10/11 x64 ring 0 rootkit
https://github.com/XaFF-XaFF/Cronos-Rootkit
@BlueRedTeam