#CVE-2022
CVE-2022-26809 is a vulnerability in the Remote Procedure Call Runtime
https://github.com/ExploitPwner/CVE-2022-26809-RCE-POC
@BlueRedTeam
#Red_Team
+ Abusing HTTP hop-by-hop request headers
https://nathandavison.com/blog/abusing-http-hop-by-hop-request-headers
+ A collection of GCP IAM privilege escalation methods
https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation
@BlueRedTeam
A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team. - RhinoSecurityLabs/GCP-IAM-Privilege-Escalation
#CVE-2022
[Reserved For CVE-2022-29554]
https://github.com/ComparedArray/printix-CVE-2022-29554
@BlueRedTeam
A "Mishandling of Input to API" or "Exposed Dangerous Method or Function" vulnerability in PrintixService.exe, in Kofax Printix's "Printix Secur...
#CVE-2022
BIG-IP iControl REST auth bypass RCE PoC (CVE-2022-1388)
https://github.com/TomArni680/CVE-2022-1388-POC
@BlueRedTeam
#CVE-2022
A Test API for testing the POC against CVE-2022-1388
https://github.com/bandit92/CVE2022-1388_TestAPI
@BlueRedTeam
#Red_Team
Red Teaming and Penetration Testing Checklist, Cheatsheet, Clicknoscript
https://github.com/ibr0wse/RedTeam-PenTest-Cheatsheet-Checklist
@BlueRedTeam
#webshell
Automatically create user email (SMTP / WEBMAIL) on webshell
https://github.com/biulove0x/CreateEmail-SMTP-WEBMAIL
@BlueRedTeam
#Red_Team
+ Exploiting IRCTC along with few other government domains through XXE
https://systemweakness.com/exploiting-irctc-along-with-few-other-government-domains-through-xxe-cd7a9ff698
+ ServiceMove-BOF:
Lateral movement technique by abusing Windows Perception Simulation Service
https://github.com/netero1010/ServiceMove-BOF
+ Protected Process Light (PPL) Attack
https://paper.seebug.org/1892/
@BlueRedTeam
In this blog, I would be giving an Insight about XXE(XML External Entity) injection and a practical attack case study where I did…
#Blue_Team
Prioritizing ATT&CK Techniques
https://medium.com/mitre-engenuity/where-to-begin-prioritizing-att-ck-techniques-c535b50983f4
]-> Top ATT&CK Techniques - calculator:
https://top-attack-techniques.mitre-engenuity.org
]-> Methodology:
https://top-attack-techniques.mitre-engenuity.org/methodology
@BlueRedTeam
Where to begin? Prioritizing ATT&CK Techniques
Written by Mike Cunningham, Alexia Crumpton, Jon Baker, and Ingrid Skoog.
#Red_Team
I worked on a Red Team vs. Blue Team scenario in which I played the role of both penetration tester and SOC analyst.
https://github.com/Johnrhume/Redivivus-Inc.-e
@BlueRedTeam
#Red_Team
C2X-HTTP - C2/Post-Exploitation Tool For Red Teaming and Ethical Hacking [on HTTP(S)]
https://github.com/739156041qqx/nxenon7
@BlueRedTeam
#Blue_Team
Evicting the Adversary:
Guidance to kick out an active attacker in your environment
https://www.huntress.com/blog/evicting-the-adversary
@BlueRedTeam
This blog shows how to catch an adversary moving from machine to machine, how to terminate this movement and how to evict the adversary from your network.
#Red_Team
Anti-reverse-engineering framework written in Rust to support red team operators in evading detection.
https://github.com/ThottySploity/invyria
@BlueRedTeam
#Blue_Team
+ Detecting Active Directory Kerberos Attacks
https://www.splunk.com/en_us/blog/security/detecting-active-directory-kerberos-attacks-threat-research-release-march-2022.html
+ Generate Advanced YARA Rules Based on Code Reuse
https://www.intezer.com/blog/threat-hunting/yara-rules-minimize-false-positives
@BlueRedTeam
Detecting Active Directory Kerberos Attacks: Threat Research Release, March 2022 | Splunk
Learn more about the Splunk Threat Research Team's new analytic story to help SOC analysts detect adversaries abusing the Kerberos protocol to attack Windows Active Directory environments
#Red_Team
A Detailed Guide on Rubeus
https://www.hackingarticles.in/a-detailed-guide-on-rubeus
]-> C# toolset for raw Kerberos interaction and abuses:
https://github.com/GhostPack/Rubeus
@BlueRedTeam
Discover Rubeus, a C# toolkit for Kerberos interaction and abuse, and its various uses in Active Directory attacks in this Guide
#Red_Team
List of tools that are commonly used in the field for Physical Security, Red Teaming, and Tactical Covert Entry.
https://github.com/0xOverflow/RedTeam-Physical-Tools
@BlueRedTeam
Red Team Toolkit - A curated list of tools that are commonly used in the field for Physical Security, Red Teaming, and Tactical Covert Entry. - DavidProbinsky/RedTeam-Physical-Tools
#Blue_Team
Set of EVTX samples mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases
https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack
@BlueRedTeam
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases. - mdecrevoisier/EVTX-to-MITRE-Attack