#Red_Team
Abusing GPOs: WMI Filters
https://rastamouse.me/ous-and-gpos-and-wmi-filters-oh-my
@BlueRedTeam
#Blue_Team
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets
https://github.com/aquasecurity/trivy
@BlueRedTeam
#Blue_Team
Sentinel ATT&CK aims to simplify the rapid deployment of a threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel.
https://github.com/BlueTeamLabs/sentinel-attack
@BlueRedTeam
#Cobalt_Strike
Cobalt Strike Malleable C2 reference profile
https://github.com/Pernat1y/cobaltstrike-malleable-c2-reference
@BlueRedTeam
#Red_Team
+ Active Directory/Red-Team Cheat-Sheet
https://github.com/RistBS/Awesome-RedTeam-Cheatsheet
+ Windows subsystem for Linux executable
https://lolbas-project.github.io/lolbas/OtherMSBinaries/Wsl
@BlueRedTeam
#tools
#Blue_Team
PiRogue tool suite (PTS) - open-source tool suite that provides a comprehensive mobile forensic and network traffic analysis platform
https://github.com/PiRogueToolSuite
@BlueRedTeam
#Cobalt_Strike
Former attempt at creating an independent Cobalt Strike Beacon
https://github.com/SecIdiot/beacon
@BlueRedTeam
#tools
#Blue_Team
System Informer - A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware
https://github.com/winsiderss/systeminformer
@BlueRedTeam
#Red_Team
+ JWT attacks
https://portswigger.net/web-security/jwt
+ Bypassing CSP with dangling iframes
https://portswigger.net/research/bypassing-csp-with-dangling-iframes
@BlueRedTeam
#Red_Team
Tools & TTP's for Active Directory Red Teaming
https://github.com/forestallio/ActiveDirectoryRedTeaming
@BlueRedTeam
#Red_Team
DriftingCloud: Zero-Day Sophos Firewall Exploitation and an Insidious Breach
https://www.volexity.com/blog/2022/06/15/driftingcloud-zero-day-sophos-firewall-exploitation-and-an-insidious-breach
@BlueRedTeam
#webshell
BlueHound is a GUI-based scanner program for hunting threats on a host. It supports scanning files for webshells, suspicious PE files injected in memory, and Cobalt Strike's beacon in memory.
https://github.com/10000Tigers/BlueHound
@BlueRedTeam
#CVE-2022
These are two Python scripts compiled to easily and quickly apply temporary protection against the CVE-2022-30190 vulnerability (Follina)
https://github.com/SrCroqueta/CVE-2022-30190_Temporary_Fix
@BlueRedTeam
#CVE-2022
This is the source code of the Python scripts that apply the temporary protection against the CVE-2022-30190 vulnerability (Follina)
https://github.com/SrCroqueta/CVE-2022-30190_Temporary_Fix_Source_Code
@BlueRedTeam
#CVE-2022
CVE-2022-30136 Unauthenticated RCE in Microsoft Windows Network File System
https://github.com/oturu/Cve-2022-30136-RCE
@BlueRedTeam