#CVE-2022
CVE-2020-5902 CVE-2021-22986 CVE-2022-1388 POC collection
https://github.com/west9b/F5-BIG-IP-POC
@BlueRedTeam
#Red_Team
Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic
https://github.com/sbasu7241/AWS-Threat-Simulation-and-Detection
@BlueRedTeam
#Red_Team
Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic
https://github.com/MaicolRuiz01/Campeonato
@BlueRedTeam
GitHub - MaicolRuiz01/Campeonato: JAVA application that allows you to register the teams that are going to participate in a soccer…
JAVA application that allows you to register the teams that are going to participate in a soccer championship, of which you are interested in saving the team code, name and team captain, who in tur...
#Red_Team
This repository is aimed at sharing the cliff notes for performing Red Teaming of Active Directory System combined with Detection Engineering part of AD Attacks
https://github.com/MirHassanRiaz/Active-Directory-Purple-Teaming
@BlueRedTeam
#CVE-2022
CVE-2022-24086 and CVE-2022-24087 are an RCE in Adobe Commerce and Magento
https://github.com/TomArni680/CVE-2022-24086-MASS-RCE
@BlueRedTeam
#tools
#Blue_Team
+ Blocking ISO mounting
https://malicious.link/post/2022/blocking-iso-mounting
+ HTTP Header Browser Testing
https://github.com/hen95/HTTPHeaderBrowserTesting
+ A command line tool to search for values in memory
https://github.com/gamozolabs/mempeek
@BlueRedTeam
Blocking ISO mounting
Update: 10/15/2022
One of the hard parts of implementing a block like this is the concern that it will “break something”. The DFIR Report’s post on Bumblebee Round 2 has a great suggestion on how to detect legitimate (and illegitimate) use of ISO mounting…
#Red_Team
+ Takeover an account that doesn't have a Shopify ID
https://hackerone.com/reports/867513
+ RCE on Steam Client via buffer overflow in Server Info
https://hackerone.com/reports/470520
@BlueRedTeam
Shopify disclosed on HackerOne: Takeover an account that doesn't...
A report from @francisbeaudoin showed that it was possible to bypass Shopify's email verification for a small subset of Shopify user accounts. Doing so would have allowed a user to access accounts...
#Blue_Team
+ Detect Apps and Services using LDAP instead of LDAPS
https://dirteam.com/sander/2022/05/30/howto-detect-apps-and-services-using-ldap-instead-of-ldaps
+ Find secrets/passwords in container images and file systems
https://github.com/deepfence/SecretScanner
@BlueRedTeam
HOWTO: Detect Apps and Services using LDAP instead of LDAPS - The things that are better left unspoken
Active Directory Domain Services (AD DS) offers many ways to integrate applications and services. Traditionally, the Lightweight Directory Access Protocol (LDAP) was used by software developers to integrate. While Kerberos-based Integrated Windows Authentication…
#Red_Team
Flexible C2 framework for Nation State Simulations in Red Team Assessments.
https://github.com/aidden-laoch/sabre
@BlueRedTeam
#Red_Team
Enumeration and lateral movement in GCP environments
https://securityshenanigans.medium.com/enumeration-and-lateral-movement-in-gcp-environments-c3b82d342794
@BlueRedTeam
Enumeration and lateral movement in GCP environments
This write up is about a pentest we did in which we managed to compromise a hybrid GCP hosted infrastructure using native GCP tools for…
#CVE-2022
CVE-2022-30190 or "Follina" 0day proof of concept
https://github.com/rayorole/CVE-2022-30190
@BlueRedTeam
#tools
Rust-based high performance domain permutation generator.
A Rust-based version of the popular dnsgen Python utility.
ripgen is split into two main parts:
ripgen: A CLI utility that calls into ripgen_lib and uses dnsgen's transforms.
ripgen_lib: A library that allows you to create high performance permutations of domain names.
https://github.com/resyncgg/ripgen
@BlueRedTeam
GitHub - AlephNullSK/dnsgen: DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and…
DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelligent domain name variations to assist in subdomain discove...
#Blue_Team
+ NotSoCereal: A Deserialization exploit playground
https://github.com/NotSoSecure/NotSoCereal-Lab
+ Kernel mode WinDbg extension and PoCs for token privilege investigation
https://github.com/daem0nc0re/PrivFu#s4udelegator
@BlueRedTeam
#Red_Team
Fricciolosa Red Team website ⚔️
https://github.com/Fricciolosa-Red-Team/fricciolosa.com
@BlueRedTeam
#CVE-2022
A tool written in Go that scans files & directories for the Follina exploit (CVE-2022-30190)
https://github.com/ErrorNoInternet/FollinaScanner
@BlueRedTeam
#CVE-2022
Mitigates the "Folina"-ZeroDay (CVE-2022-30190)
https://github.com/derco0n/mitigate-folina
@BlueRedTeam
#CVE-2022
The CVE-2022-30190-follina Workarounds Patch
https://github.com/suegdu/CVE-2022-30190-Follina-Patch
@BlueRedTeam