#tools
#Red_Team
MalSCCM - a tool that allows you to abuse local/remote SCCM servers to deploy malicious applications to the hosts they manage
https://github.com/nettitude/MalSCCM
]-> https://labs.nettitude.com/blog/introducing-malsccm
@BlueRedTeam
Scheduled Task Tampering
In this post we will explore two approaches that can be used to achieve the same result: create or modify a scheduled task and execute it, without generating the relevant telemetry. First, we will explore how direct registry manipulation could be used to create or modify tasks and how this did not generate the usual entries in the event log. Finally, an alternative route based on tampering with the Task Scheduler ETW will be presented that will completely suppress most of the logging related to the Task Scheduler.
https://labs.f-secure.com/blog/scheduled-task-tampering/
@BlueRedTeam
#CVE-2022
PoC for CVE-2022-1388_F5_BIG-IP
https://github.com/sherlocksecurity/CVE-2022-1388_F5_BIG-IP
@BlueRedTeam
#CVE-2022
K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388
https://github.com/numanturle/CVE-2022-1388
@BlueRedTeam
#CVE-2022
PoC for CVE-2022-1388_F5_BIG-IP
https://github.com/sherlocksecurity/CVE-2022-1388_F5_BIG-IP_RCE
@BlueRedTeam
#CVE-2022
CVE-2022-1388 F5 Big IP unauth remote code execution
https://github.com/Vulnmachines/F5-Big-IP-CVE-2022-1388
@BlueRedTeam
#Cobalt_Strike
pyCobaltHound is an Aggressor script extension for Cobalt Strike which aims to provide a deep integration between Cobalt Strike and Bloodhound.
https://github.com/NVISOsecurity/pyCobaltHound
@BlueRedTeam
#Cobalt_Strike
ShellCode Loader for MSF and Cobalt Strike
https://github.com/LDrakura/ShellCodeLoader
@BlueRedTeam
#CVE-2022
F5 BIG-IP RCE exploitation (CVE-2022-1388)
https://github.com/alt3kx/CVE-2022-1388_PoC
@BlueRedTeam
#CVE-2022
CVE-2022-26809 is a vulnerability in Remote Procedure Call Runtime
https://github.com/ExploitPwner/CVE-2022-26809-RCE-POC
@BlueRedTeam
#Red_Team
+ Abusing HTTP hop-by-hop request headers
https://nathandavison.com/blog/abusing-http-hop-by-hop-request-headers
+ A collection of GCP IAM privilege escalation methods
https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation
@BlueRedTeam
#CVE-2022
[Reserved For CVE-2022-29554]
https://github.com/ComparedArray/printix-CVE-2022-29554
@BlueRedTeam
A "Mishandling of Input to API" or "Exposed Dangerous Method or Function" vulnerability in PrintixService.exe, in Kofax Printix's "Printix Secur...
#CVE-2022
BIG-IP iCONTROL REST AUTH BYPASS RCE POC CVE-2022-1388
https://github.com/TomArni680/CVE-2022-1388-POC
@BlueRedTeam
#CVE-2022
A Test API for testing the POC against CVE-2022-1388
https://github.com/bandit92/CVE2022-1388_TestAPI
@BlueRedTeam
#Red_Team
Red Teaming and Penetration Testing Checklist, Cheatsheet, Clickscript
https://github.com/ibr0wse/RedTeam-PenTest-Cheatsheet-Checklist
@BlueRedTeam