#Red_Team
Azure Container Instances Distributed Operations (acido CLI) for Red Team Operations through Azure Cloud.
https://github.com/merabytes/acido
@BlueRedTeam
#Red_Team
Cybersecurity Attacks - Red Team Strategies, Published by Packt
https://github.com/PacktPublishing/Cybersecurity-Attacks---Red-Team-Strategies
@BlueRedTeam
#Red_Team
Windows LPE via CdpSvc service
(Writeable SYSTEM path Dll Hijacking)
https://github.com/sailay1996/CdpSvcLPE
@BlueRedTeam
#Blue_Team
+ 4 Types of Dropper Malware in Microsoft Office
& How to Detect Them
https://www.deepinstinct.com/blog/types-of-dropper-malware-in-microsoft-office
+ Hunting a Global Telecommunications Threat:
DecisiveArchitect and Its Custom Implant JustForFun
https://www.crowdstrike.com/blog/how-to-hunt-for-decisivearchitect-and-justforfun-implant
@BlueRedTeam
#CVE-2022
CVE-2020-5902 CVE-2021-22986 CVE-2022-1388 POC collection
https://github.com/west9b/F5-BIG-IP-POC
@BlueRedTeam
#Red_Team
Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic
https://github.com/sbasu7241/AWS-Threat-Simulation-and-Detection
@BlueRedTeam
#Red_Team
Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic
https://github.com/MaicolRuiz01/Campeonato
@BlueRedTeam
JAVA application that allows you to register the teams that are going to participate in a soccer championship, of which you are interested in saving the team code, name and team captain, who in tur...
#Red_Team
This repository is aimed at sharing the cliff notes for performing Red Teaming of Active Directory systems, combined with the Detection Engineering part of AD attacks
https://github.com/MirHassanRiaz/Active-Directory-Purple-Teaming
@BlueRedTeam
#CVE-2022
CVE-2022-24086 and CVE-2022-24087 are an RCE in Adobe Commerce and Magento
https://github.com/TomArni680/CVE-2022-24086-MASS-RCE
@BlueRedTeam
#tools
#Blue_Team
+ Blocking ISO mounting
https://malicious.link/post/2022/blocking-iso-mounting
+ HTTP Header Browser Testing
https://github.com/hen95/HTTPHeaderBrowserTesting
+ A command line tool to search for values in memory
https://github.com/gamozolabs/mempeek
@BlueRedTeam
Update: 10/15/2022
One of the hard parts of implementing a block like this is the concern that it will “break something”. The DFIR Report’s post on Bumblebee Round 2 has a great suggestion on how to detect legitimate (and illegitimate) use of ISO mounting…
#Red_Team
+ Takeover an account that doesn't have a Shopify ID
https://hackerone.com/reports/867513
+ RCE on Steam Client via buffer overflow in Server Info
https://hackerone.com/reports/470520
@BlueRedTeam
A report from @francisbeaudoin showed that it was possible to bypass Shopify's email verification for a small subset of Shopify user accounts. Doing so would have allowed a user to access accounts...
#Blue_Team
+ Detect Apps and Services using LDAP instead of LDAPS
https://dirteam.com/sander/2022/05/30/howto-detect-apps-and-services-using-ldap-instead-of-ldaps
+ Find secrets/passwords in container images and file systems
https://github.com/deepfence/SecretScanner
@BlueRedTeam
Active Directory Domain Services (AD DS) offers many ways to integrate applications and services. Traditionally, the Lightweight Directory Access Protocol (LDAP) was used by software developers to integrate. While Kerberos-based Integrated Windows Authentication…
#Red_Team
Flexible C2 framework for Nation State Simulations in Red Team Assessments.
https://github.com/aidden-laoch/sabre
@BlueRedTeam
#Red_Team
Enumeration and lateral movement in GCP environments
https://securityshenanigans.medium.com/enumeration-and-lateral-movement-in-gcp-environments-c3b82d342794
@BlueRedTeam
This write up is about a pentest we did in which we managed to compromise a hybrid GCP hosted infrastructure using native GCP tools for…
#CVE-2022
CVE-2022-30190 or "Follina" 0day proof of concept
https://github.com/rayorole/CVE-2022-30190
@BlueRedTeam
#tools
Rust-based high-performance domain permutation generator.
A Rust-based version of the popular dnsgen Python utility.
ripgen is split into two main parts:
ripgen: A CLI utility that calls into ripgen_lib and uses dnsgen's transforms.
ripgen_lib: A library that allows you to create high performance permutations of domain names.
https://github.com/resyncgg/ripgen
@BlueRedTeam