#Red_Team
+ Bypassing OpenSSH MaxAuthTries
https://www.whiteoaksecurity.com/blog/bypassing-openssh-maxauthtries
+ Exploitation of an SSRF vulnerability against EC2 IMDSv2
https://www.yassineaboukir.com/blog/exploitation-of-an-SSRF-vulnerability-against-EC2-IMDSv2
@BlueRedTeam
#Blue_Team
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software
https://github.com/github/advisory-database
@BlueRedTeam
#exploit
Exploiting a Use-After-Free for code execution in every version of Python 3
https://pwn.win/2022/05/11/python-buffered-reader.html
PoC:
https://github.com/kn32/python-buffered-reader-exploit
@BlueRedTeam
#Blue_Team
+ Zyxel RCE (CVE-2022-30525):
]-> Initial Detect
https://gist.github.com/z3r0-0t/a3bd4c0015458b018308cca3360a7e24
]-> Detects CVE-2022-30525 probing or exploitation attempts
https://github.com/xFFninja/threat_hunting/blob/main/web/cve-2022-30525.yaml
+ Script to help you find all files modified in a given time range
https://github.com/3gbCyber/IR-Last-Write-Time
@BlueRedTeam
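A worked version of the "files modified in a time range" triage step, added here as an illustration; it is not code from the IR-Last-Write-Time repository above. It assumes POSIX stat semantics (st_mtime / st_ctime), skips symlinks so a planted link cannot drag in files outside the tree, and flags files whose mtime is older than their ctime, which on Linux hints that the mtime was written back (timestomping, but also cp -p or a tar extract). The sample tree and its timestamps are constructed inside the script.

```python
import os
import stat
import tempfile
from datetime import datetime, timezone
from pathlib import Path

# Added example, not the IR-Last-Write-Time project's code.
# Assumption: POSIX stat semantics; all paths and files below are constructed for the demo.


def files_modified_between(root, start, end, slack=2.0):
    """Walk root and return (path, mtime, backdated) for regular files whose
    mtime lies in [start, end] (timezone-aware datetimes).

    backdated is a hint, not proof: on Linux st_ctime cannot be set from user
    space, so an mtime more than `slack` seconds older than ctime means the
    mtime was written back (timestomping, cp -p, tar extraction, ...).
    Symlinks are skipped so a planted link cannot pull in files outside root.
    """
    lo, hi = start.timestamp(), end.timestamp()
    hits = []
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        for name in filenames:
            p = Path(dirpath) / name
            try:
                st = p.lstat()            # lstat: never follow symlinks
            except OSError:
                continue                  # vanished or unreadable: skip, keep walking
            if not stat.S_ISREG(st.st_mode):
                continue                  # drop symlinks, sockets, device nodes
            if lo <= st.st_mtime <= hi:
                mtime = datetime.fromtimestamp(st.st_mtime, tz=timezone.utc)
                backdated = (st.st_ctime - st.st_mtime) > slack
                hits.append((p, mtime, backdated))
    return hits


def build_sample_tree(base):
    """Constructed sample tree (not real IR data) with controlled mtimes."""
    base = Path(base)
    inside = datetime(2022, 5, 15, 12, 0, tzinfo=timezone.utc)
    before = datetime(2022, 5, 1, 12, 0, tzinfo=timezone.utc)
    sample = {
        "var/log/auth.log": inside,
        "tmp/.x": inside,
        "home/user/notes.txt": before,
    }
    for rel, when in sample.items():
        p = base / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text("sample")
        # utime sets atime/mtime only; the kernel stamps ctime with "now"
        os.utime(p, (when.timestamp(), when.timestamp()))
    return base


def demo():
    """Search the constructed tree for a 2022-05-14..2022-05-16 window and
    return sorted (relative path, backdated) pairs for the hits."""
    with tempfile.TemporaryDirectory() as tmp:
        root = build_sample_tree(tmp)
        start = datetime(2022, 5, 14, tzinfo=timezone.utc)
        end = datetime(2022, 5, 16, tzinfo=timezone.utc)
        hits = files_modified_between(root, start, end)
        return sorted(
            (p.relative_to(root).as_posix(), backdated) for p, _, backdated in hits
        )


if __name__ == "__main__":
    for rel, backdated in demo():
        print(f"{rel}\t{'mtime older than ctime' if backdated else ''}")
```

Point the window at the intrusion timeframe you already have from logs, then read the backdated column with care: every file in the sample is flagged because the demo itself rewrote the mtimes, which is exactly what an attacker's timestomp looks like, but so does a package install that preserves timestamps.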
#tools
#Red_Team
+ Windows Kernel Driver in Rust aka Rusty Rootkit for Red Teamers
https://github.com/memN0ps/eagle-rs
+ HackSys Extreme Vulnerable Driver 3 - Stack Overflow + SMEP Bypass
https://linxz.tech/post/hevd/2022-05-14-hevd3-stackbufferoverflow
@BlueRedTeam
#CVE-2022
Detects attempts and successful exploitation of CVE-2022-26809
https://github.com/corelight/cve-2022-26809
@BlueRedTeam
#Red_Team
Rapid Deployment Infrastructure for Red Teaming and Penetration Testing
https://github.com/Adastra-thw/KrakenRdi
@BlueRedTeam
#Red_Team
+ Bypassing WAF to Weaponize a Stored XSS
https://infosecwriteups.com/bypassing-waf-to-weaponize-a-stored-xss-ff9963c421ee
+ Windows Kernel Driver in Rust / Rusty Rootkit for Red Teamers
https://github.com/memN0ps/eagle-rs
@BlueRedTeam
#tools
#Blue_Team
Malcolm - network traffic analysis tool suite for full packet capture artifacts (PCAP files) and Zeek logs
https://github.com/idaholab/Malcolm
@BlueRedTeam
#Red_Team
+ Hacking Swagger-UI - from XSS to account takeovers
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers
+ Stealing Google Drive OAuth tokens from Dropbox
https://blog.stazot.com/stealing-google-drive-oauth-tokens-from-dropbox
@BlueRedTeam
#Red_Team
Red Team vs. Blue Team (Pen-Testing) Project for the UT Austin cybersecurity bootcamp.
https://github.com/juliannatetreault/RedTeam-vs-BlueTeam-Project
@BlueRedTeam
#Red_Team
Venom is a collaborative C2 framework used by Red Team operators, providing an interactive Web GUI written in Python and PowerShell.
https://github.com/J0LGER/Venom
@BlueRedTeam
#exploit
CVE-2022-24706:
Apache CouchDB RCE
https://github.com/sadshade/CVE-2022-24706-CouchDB-Exploit
@BlueRedTeam
#tools
#Red_Team
CrimeFlare - tool for finding the real (origin) IP of websites fronted by Cloudflare, so the Cloudflare WAF can be bypassed by hitting the origin directly
https://github.com/zidansec/CloudPeler
@BlueRedTeam
#Red_Team
Windows Kernel Driver in Rust aka Rusty Rootkit for Red Teamers
https://github.com/memN0ps/eagle-rs
@BlueRedTeam
#CVE-2022
CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE written in Rust
https://github.com/XmasSnowISBACK/CVE-2022-1388
@BlueRedTeam
#Blue_Team
+ Osquery-filters
https://github.com/defensivedepth/osquery-filters
+ Detects DLL dropped by Raspberry Robin
https://github.com/CD-R0M/HundredDaysofYARA/blob/main/Raspberry_Robin_DLL_MAY_2022.yar
@BlueRedTeam