#CVE-2022
CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE written in Rust
https://github.com/XmasSnowISBACK/CVE-2022-1388
@BlueRedTeam
#Blue_Team
+ Osquery-filters
https://github.com/defensivedepth/osquery-filters
+ Detects DLL dropped by Raspberry Robin
https://github.com/CD-R0M/HundredDaysofYARA/blob/main/Raspberry_Robin_DLL_MAY_2022.yar
@BlueRedTeam
#webshell
A webshell plugin and interactive shell for pentesting a Joomla website.
https://github.com/p0dalirius/Joomla-webshell-plugin
@BlueRedTeam
#Red_Team
Tools Developed for RITSEC Red Team Recruiting
https://github.com/jabbate19/Red-Team-Recruiting
@BlueRedTeam
#Red_Team
Exploit Development:
No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG
https://connormcgarr.github.io/hvci
@BlueRedTeam
Connor McGarr’s Blog
Dealing with Virtualization-Based Security (VBS), Hypervisor-Protected Code Integrity (HVCI), and Kernel Control Flow Guard (kCFG).
#Cobalt_Strike
CNA that interacts with a JAR file to dynamically rename GUI tabs within Cobalt Strike from a JSON file.
https://github.com/EspressoCake/DynamicTabRename
@BlueRedTeam
#Red_Team
Azure Container Instances Distributed Operations (acido CLI) for Red Team Operations through Azure Cloud.
https://github.com/merabytes/acido
@BlueRedTeam
#Red_Team
Cybersecurity Attacks - Red Team Strategies, Published by Packt
https://github.com/PacktPublishing/Cybersecurity-Attacks---Red-Team-Strategies
@BlueRedTeam
#Red_Team
Windows LPE (Local Privilege Escalation) via CdpSvc service
(Writeable SYSTEM path DLL Hijacking)
https://github.com/sailay1996/CdpSvcLPE
@BlueRedTeam
#Blue_Team
+ 4 Types of Dropper Malware in Microsoft Office
& How to Detect Them
https://www.deepinstinct.com/blog/types-of-dropper-malware-in-microsoft-office
+ Hunting a Global Telecommunications Threat:
DecisiveArchitect and Its Custom Implant JustForFun
https://www.crowdstrike.com/blog/how-to-hunt-for-decisivearchitect-and-justforfun-implant
@BlueRedTeam
#CVE-2022
CVE-2020-5902, CVE-2021-22986 and CVE-2022-1388 POC collection
https://github.com/west9b/F5-BIG-IP-POC
@BlueRedTeam
#Red_Team
Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic
https://github.com/sbasu7241/AWS-Threat-Simulation-and-Detection
@BlueRedTeam
#Red_Team
Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic
https://github.com/MaicolRuiz01/Campeonato
@BlueRedTeam
GitHub - MaicolRuiz01/Campeonato: JAVA application that allows you to register the teams that are going to participate in a soccer…
JAVA application that allows you to register the teams that are going to participate in a soccer championship, of which you are interested in saving the team code, name and team captain, who in tur...
#Red_Team
This repository is aimed at sharing the cliff notes for performing Red Teaming of Active Directory System combined with Detection Engineering part of AD Attacks
https://github.com/MirHassanRiaz/Active-Directory-Purple-Teaming
@BlueRedTeam
#CVE-2022
CVE-2022-24086 and CVE-2022-24087 are an RCE in Adobe Commerce and Magento
https://github.com/TomArni680/CVE-2022-24086-MASS-RCE
@BlueRedTeam
#tools
#Blue_Team
+ Blocking ISO mounting
https://malicious.link/post/2022/blocking-iso-mounting
+ HTTP Header Browser Testing
https://github.com/hen95/HTTPHeaderBrowserTesting
+ A command line tool to search for values in memory
https://github.com/gamozolabs/mempeek
@BlueRedTeam
Blocking ISO mounting
Update: 10/15/2022
One of the hard parts of implementing a block like this is the concern that it will “break something”. The DFIR Report’s post on Bumblebee Round 2 has a great suggestion on how to detect legitimate (and illegitimate) use of ISO mounting…