#Cobalt_Strike
A work in progress of constructing a minimal http(s) beacon for Cobalt Strike.
https://github.com/surgicalmittens/minbeacon
@BlueRedTeam
#Red_Team
Windows Events Attack Samples
https://github.com/sbousseaden/EVTX-ATTACK-SAMPLES
@BlueRedTeam
#LAPSUS$:
Recent techniques, tactics and procedures
https://research.nccgroup.com/2022/04/28/lapsus-recent-techniques-tactics-and-procedures
@BlueRedTeam
#Red_Team
+ Pwning a Server using Markdown: Escalating a bug in a vulnerable markdown parser to exploit LFI and get RCE
https://blog.dixitaditya.com/pwning-a-server-using-markdown
+ Wormable Cross-Site Scripting Vulnerability affecting Rarible’s NFT Marketplace
https://palisade.consulting/blog/rarible-vulnerability
@BlueRedTeam
#Blue_Team
AppArmor Basics for Sysadmins
https://tbhaxor.com/apparmor-basics-for-sysadmins
@BlueRedTeam
#Red_Team
Cybersecurity blog. Red Team, pentest, malware analysis and dev
https://github.com/Johnrhume/...Redivivus-Inc.
@BlueRedTeam
#Red_Team
Tools for Active Directory Red Teaming (outdated)
https://github.com/michaelyamout/ad-red-team
@BlueRedTeam
#Red_Team
Breakout from the Seccomp Unconfined Container
https://tbhaxor.com/breakout-from-seccomp-confined-container
@BlueRedTeam
#Blue_Team
+ Open Source Package Analysis
https://github.com/ossf/package-analysis
+ Detecting VSTO Office Files with ExifTool
https://isc.sans.edu/forums/diary/Detecting+VSTO+Office+Files+With+ExifTool/28604
@BlueRedTeam
#Red_Team
Red Team vs. Blue Team scenario in which you play the role of both pentester and SOC analyst.
https://github.com/simysingh/RedTeam-vs-BlueTeam
@BlueRedTeam
#Red_Team
+ OSRipper - AV evading OSX Backdoor and Crypter Framework
https://github.com/SubGlitch1/OSRipper
+ GatewayBleeding - Tools for attacks on FHRP domains
https://github.com/necreas1ng/GatewayBleeding
@BlueRedTeam
#Red_Team
BloodHound Inner Workings & Limitations: User Rights Enumeration Through SAMR & GPOLocalGroup
https://blog.compass-security.com/2022/05/bloodhound-inner-workings-part-1
@BlueRedTeam
#Blue_Team
Scheduled Task Tampering
https://labs.f-secure.com/blog/scheduled-task-tampering
@BlueRedTeam
#exploit
+ CVE-2022-1388:
BIG-IP F5 iControl REST vulnerability
https://github.com/numanturle/CVE-2022-1388
+ CVE-2022-1040:
Auth bypass and RCE in webmin portal of Sophos Firewall
https://github.com/cve-hunter/CVE-2022-1040-sophos-rce
@BlueRedTeam
#exploit
Hacking a Bank by Finding a 0day in DotCMS
https://blog.assetnote.io/2022/05/03/hacking-a-bank-using-dotcms-rce
@BlueRedTeam
#tools
#Red_Team
+ AD CS: weaponizing the ESC7 attack
https://www.tarlogic.com/blog/ad-cs-esc7-attack
+ Another No-Fix LPE, NTLMRelay2Self over HTTP (WebDAV)
https://github.com/med0x2e/NTLMRelay2Self
+ Tools for performing attacks on EIGRP domains
https://github.com/necreas1ng/EIGRPWN
@BlueRedTeam