#Red_Team
+ Adventures with KernelCallbackTable Injection
https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html
+ Exploiting Security Checks on Bind Mount
https://tbhaxor.com/exploit-docker-firewall-bind-mount-security
@BlueRedTeam
+ Adventures with KernelCallbackTable Injection
https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html
+ Exploiting Security Checks on Bind Mount
https://tbhaxor.com/exploit-docker-firewall-bind-mount-security
@BlueRedTeam
Hack.Learn.Share
Adventures with KernelCallbackTable Injection
A walkthrough on how I made KernelCallbackTable process injection work according to what I wanted.
#Cobalt_Strike
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
https://github.com/outflanknl/C2-Tool-Collection
@BlueRedTeam
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
https://github.com/outflanknl/C2-Tool-Collection
@BlueRedTeam
GitHub
GitHub - outflanknl/C2-Tool-Collection: A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks)…
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques. - outflanknl/C2-Tool-Collection
#Red_Team
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
https://github.com/Johnrhume/UPDATE-Redivivus-Inc..-aa
@BlueRedTeam
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
https://github.com/Johnrhume/UPDATE-Redivivus-Inc..-aa
@BlueRedTeam
#exploit
+ CVE-2022-29464:
WSO2 RCE exploit and writeup
https://github.com/hakivvi/CVE-2022-29464
+ Cronos - Windows 10/11 x64 ring 0 rootkit
https://github.com/XaFF-XaFF/Cronos-Rootkit
@BlueRedTeam
+ CVE-2022-29464:
WSO2 RCE exploit and writeup
https://github.com/hakivvi/CVE-2022-29464
+ Cronos - Windows 10/11 x64 ring 0 rootkit
https://github.com/XaFF-XaFF/Cronos-Rootkit
@BlueRedTeam
GitHub
GitHub - hakivvi/CVE-2022-29464: WSO2 RCE (CVE-2022-29464) exploit and writeup.
WSO2 RCE (CVE-2022-29464) exploit and writeup. Contribute to hakivvi/CVE-2022-29464 development by creating an account on GitHub.
#Blue_Team
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules
https://github.com/mandiant/thiri-notebook
@BlueRedTeam
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules
https://github.com/mandiant/thiri-notebook
@BlueRedTeam
GitHub
GitHub - mandiant/thiri-notebook: The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide…
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules. - mandiant/thiri-notebook
#CVE-2022
WSOB is a python created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.
https://github.com/oppsec/WSOB
@BlueRedTeam
WSOB is a python created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.
https://github.com/oppsec/WSOB
@BlueRedTeam
GitHub
GitHub - 000pp/WSOB: 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.
😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. - 000pp/WSOB
#Red_Team
+ Moodle Stored XSS and blind SSRF possible via feedback answer text
https://r0.haxors.org/posts?id=20
+ Privilege Escalation to SYSTEM in AWS VPN Client (CVE-2022-25165)
https://rhinosecuritylabs.com/aws/cve-2022-25165-aws-vpn-client
@BlueRedTeam
+ Moodle Stored XSS and blind SSRF possible via feedback answer text
https://r0.haxors.org/posts?id=20
+ Privilege Escalation to SYSTEM in AWS VPN Client (CVE-2022-25165)
https://rhinosecuritylabs.com/aws/cve-2022-25165-aws-vpn-client
@BlueRedTeam
Rhino Security Labs
CVE-2022-25165: Privilege Escalation to SYSTEM in AWS VPN Client
The AWS VPN Client application is affected by an arbitrary file write as SYSTEM, which can lead to privilege escalation.
#EmergencyResponse
This project integrates the excellent offensive and defensive tool projects of the whole network, including automatic utilization, subdomain, sensitive directory, port and other scanning, major middleware, cms vulnerability exploitation tools and emergency response materials.
https://github.com/guchangan1/-
@BlueRedTeam
This project integrates the excellent offensive and defensive tool projects of the whole network, including automatic utilization, subdomain, sensitive directory, port and other scanning, major middleware, cms vulnerability exploitation tools and emergency response materials.
https://github.com/guchangan1/-
@BlueRedTeam
GitHub
GitHub - guchangan1/All-Defense-Tool: 本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具,爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具,爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。 - GitHub - guchangan1/All-Defense-Tool: 本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具...
👍3👎1