#Red_Team
Anti-reverse-engineering framework written in Rust, to support Red Team operators in evading detection.
https://github.com/ThottySploity/invyria
@BlueRedTeam
#Blue_Team
+ Detecting Active Directory Kerberos Attacks
https://www.splunk.com/en_us/blog/security/detecting-active-directory-kerberos-attacks-threat-research-release-march-2022.html
+ Generate Advanced YARA Rules Based on Code Reuse
https://www.intezer.com/blog/threat-hunting/yara-rules-minimize-false-positives
Splunk
Detecting Active Directory Kerberos Attacks: Threat Research Release, March 2022 | Splunk
Learn more about the Splunk Threat Research Team's new analytic story to help SOC analysts detect adversaries abusing the Kerberos protocol to attack Windows Active Directory environments
#Red_Team
A Detailed Guide on Rubeus
https://www.hackingarticles.in/a-detailed-guide-on-rubeus
]-> C# toolset for raw Kerberos interaction and abuses:
https://github.com/GhostPack/Rubeus
Hacking Articles
A Detailed Guide on Rubeus
Discover Rubeus, a C# toolkit for Kerberos interaction and abuse, and its various uses in Active Directory attacks in this Guide
#Red_Team
List of tools that are commonly used in the field for Physical Security, Red Teaming, and Tactical Covert Entry.
https://github.com/0xOverflow/RedTeam-Physical-Tools
@BlueRedTeam
#Blue_Team
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques, to measure your SIEM coverage or develop new use cases
https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack
@BlueRedTeam
#Red_Team
+ Bypassing OpenSSH MaxAuthTries
https://www.whiteoaksecurity.com/blog/bypassing-openssh-maxauthtries
+ Exploitation of an SSRF vulnerability against EC2 IMDSv2
https://www.yassineaboukir.com/blog/exploitation-of-an-SSRF-vulnerability-against-EC2-IMDSv2
@BlueRedTeam
#Blue_Team
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software
https://github.com/github/advisory-database
@BlueRedTeam
#exploit
Exploiting a Use-After-Free for code execution in every version of Python 3
https://pwn.win/2022/05/11/python-buffered-reader.html
PoC:
https://github.com/kn32/python-buffered-reader-exploit
@BlueRedTeam
pwn.win
Exploiting a Use-After-Free for code execution in every version of Python 3
A while ago I was browsing the Python bug tracker, and I stumbled upon this bug - “memoryview to freed memory can cause segfault”. It was created in 2012, originally present in Python 2.7, but remains open to this day, 10 years later. This piqued my interest…
#Blue_Team
+ Zyxel RCE (CVE-2022-30525):
]-> Initial Detect
https://gist.github.com/z3r0-0t/a3bd4c0015458b018308cca3360a7e24
]-> Detects CVE-2022-30525 probing or exploitation attempts
https://github.com/xFFninja/threat_hunting/blob/main/web/cve-2022-30525.yaml
+ Script to help you find all files modified within a given time range
https://github.com/3gbCyber/IR-Last-Write-Time
@BlueRedTeam
#tools
#Red_Team
+ Windows Kernel Driver in Rust aka Rusty Rootkit for Red Teamers
https://github.com/memN0ps/eagle-rs
+ HackSys Extreme Vulnerable Driver 3 - Stack Overflow + SMEP Bypass
https://linxz.tech/post/hevd/2022-05-14-hevd3-stackbufferoverflow
@BlueRedTeam
#CVE-2022
Detects attempts and successful exploitation of CVE-2022-26809
https://github.com/corelight/cve-2022-26809
@BlueRedTeam
#Red_Team
Rapid Deployment Infrastructure for Red Teaming and Penetration Testing
https://github.com/Adastra-thw/KrakenRdi
@BlueRedTeam
#Red_Team
+ Bypassing WAF to Weaponize a Stored XSS
https://infosecwriteups.com/bypassing-waf-to-weaponize-a-stored-xss-ff9963c421ee
+ Windows Kernel Driver in Rust / Rusty Rootkit for Red Teamers
https://github.com/memN0ps/eagle-rs
@BlueRedTeam
Medium
Bypassing WAF to Weaponize a Stored XSS
While testing a bug bounty program, I’ve noticed my html injection payload worked while spraying it to every field that is reflected…
#tools
#Blue_Team
Malcolm - easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts
https://github.com/idaholab/Malcolm
@BlueRedTeam
#Red_Team
+ Hacking Swagger-UI - from XSS to account takeovers
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers
+ Stealing Google Drive OAuth tokens from Dropbox
https://blog.stazot.com/stealing-google-drive-oauth-tokens-from-dropbox
@BlueRedTeam
Vidoc Security Lab
Hacking Swagger-UI - from XSS to account takeovers
We have reported more than 60 instances of this bug across a wide range of bug bounty programs including companies like Paypal, Atlassian, Microsoft, GitLab, Yahoo, ...
#Red_Team
Red Team vs. Blue Team (Pen-Testing) Project for the UT Austin cybersecurity bootcamp.
https://github.com/juliannatetreault/RedTeam-vs-BlueTeam-Project
@BlueRedTeam
#Red_Team
Venom is a collaborative C2 framework used by Red Team operators, providing an interactive web GUI written in Python and PowerShell.
https://github.com/J0LGER/Venom
@BlueRedTeam