#tools
#Blue_Team
Determine whether a given video sequence has been manipulated or synthetically generated
https://github.com/chinmaynehate/DFSpot-Deepfake-Recognition
@BlueRedTeam
#Red_Team
Method for extracting credentials in Windows
Can't retrieve credentials via DPAPI or Mimikatz? Don't worry, Microsoft has taken care of you. Just use
rundll32 keymgr.dll,KRShowKeyMgr
to retrieve all stored passwords on a host, be it the target server, FTP, or Chrome passwords, Microsoft has you covered.
@BlueRedTeam
#tools
#Blue_Team
Tool and library to check cryptographic public keys for known vulnerabilities
https://github.com/badkeys/badkeys
@BlueRedTeam
#Red_Team
This is a project based on a Red Team - Blue Team Exercise
https://github.com/skyeskyeskye/Project-2
@BlueRedTeam
#Offensive
Engineering antivirus evasion
Part 1:
https://blog.scrt.ch/2020/06/19/engineering-antivirus-evasion
]-> C/C++ source obfuscator for antivirus bypass:
https://github.com/scrt/avcleaner
Part 2:
C/C++ source obfuscator for antivirus bypass
https://blog.scrt.ch/2020/07/15/engineering-antivirus-evasion-part-ii
]-> PoC: https://github.com/scrt/avcleaner
Part 3:
https://blog.scrt.ch/2022/04/19/3432
@BlueRedTeam
#exploit
+ CVE-2021-26887:
Group Policy Folder Redirection
https://decoder.cloud/2022/04/27/group-policy-folder-redirection-cve-2021-26887
+ kernel r/w exploit for iOS 15.0 - 15.1.1
https://github.com/potmdehex/multicast_bytecopy
@BlueRedTeam
#Red_Team
Bypassing EDR real-time injection detection logic
https://blog.redbluepurple.io/offensive-research/bypassing-injection-detection
@BlueRedTeam
#Cobalt_Strike
A work in progress of constructing a minimal http(s) beacon for Cobalt Strike.
https://github.com/SecIdiot/minbeacon
@BlueRedTeam
#Red_Team
This is a project based on a Red Team - Blue Team Exercise
https://github.com/NetSPI/ESC
@BlueRedTeam
GitHub - NetSPI/ESC: Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features.
#Red_Team
+ A blueprint for evading industry leading endpoint protection in 2022
https://vanmieghem.io/blueprint-for-evading-edr-in-2022
+ Reconnaissance
https://dhiyaneshgeek.github.io/red/teaming/2022/04/28/reconnaissance-red-teaming
@BlueRedTeam
#Cobalt_Strike
A work in progress of constructing a minimal http(s) beacon for Cobalt Strike.
https://github.com/surgicalmittens/minbeacon
@BlueRedTeam
#Red_Team
Windows Events Attack Samples
https://github.com/sbousseaden/EVTX-ATTACK-SAMPLES
@BlueRedTeam
#LAPSUS$:
Recent techniques, tactics and procedures
https://research.nccgroup.com/2022/04/28/lapsus-recent-techniques-tactics-and-procedures
@BlueRedTeam
#Red_Team
+ Pwning a Server using Markdown: Escalating a bug in a vulnerable markdown parser to exploit LFI and get RCE
https://blog.dixitaditya.com/pwning-a-server-using-markdown
+ Wormable Cross-Site Scripting Vulnerability affecting Rarible’s NFT Marketplace
https://palisade.consulting/blog/rarible-vulnerability
@BlueRedTeam