#CVE-2022

A Simple bash noscript that patches the CVE-2022-0847 (dirty pipe) kernel vulnerability on Debian 11

https://github.com/ih3na/debian11-dirty_pipe-patcher

@BlueRedTeam

#CVE-2022

metasploit and python module for CVE-2022-26809 windows rpc rce via smb 445

https://github.com/Ziggy78/CVE-2022-26809-RCE

@BlueRedTeam

#Red_Team

Web Hacking and Red Teaming MindMap

https://github.com/N1arut/Pentesting-Mind-Map

@BlueRedTeam

#Red_Team
+ Trick the seclogon service to open a handle to LSASS and duplicate it before it is closed
https://github.com/helpsystems/nanodump/commit/c890da208511bacb09f91c68b935915821f4f0f0
+ Web Cache Deception Attacks
https://securitycafe.ro/2022/07/01/web-cache-deception-attacks

@BlueRedTeam

#CVE-2022

CVE-2022-29464 Exploit

https://github.com/Pasch0/WSO2RCE

@BlueRedTeam

#CVE-2022

An eBPF detection program for CVE-2022-0847

https://github.com/airbus-cert/dirtypipe-ebpf_detection

@BlueRedTeam

#Cobalt_Strike

Public variation of Titan Loader. Tweaks Cobalt Strike's behavior with Import Address Table Hooks

https://github.com/SecIdiot/TitanLdr

@BlueRedTeam

#Red_Team

​Red-Teaming-TTPs

Free Resources to Practice

https://github.com/RoseSecurity/Red-Teaming-TTPs

@BlueRedTeam

#Red_Team

Red Teaming & Active Directory Cheat Sheet

https://github.com/expl0itabl3/Redsheet

@BlueRedTeam

#Red_Team

Red Team Stuffs

https://github.com/6vr/Red-Team-Tips

@BlueRedTeam

#getshell

S2-061 getshell

https://github.com/nevermo0re/S2-061

@BlueRedTeam

#Cobalt_Strike

Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.

https://github.com/netero1010/RDPHijack-BOF

@BlueRedTeam

#Red_Team
Scripts to set up Red Team practice labs.

https://github.com/idchoppers/rtsetup

@BlueRedTeam

#Red_Team
Red Team Project Repo

https://github.com/Jarney903/Red-ProjectHub

@BlueRedTeam

#Cobalt_Strike

Cobalt Strike BOF Files with Nim!

https://github.com/byt3bl33d3r/BOF-Nim

@BlueRedTeam

#Cobalt_Strike

RDLL for Cobalt Strike beacon to silence sysmon process

https://github.com/ScriptIdiot/SysmonQuiet

@BlueRedTeam

#Cobalt_Strike

Miscellaneous Cobalt Strike Beacon Object Files

https://github.com/stufus/bofs

@BlueRedTeam

#Red_Team

A framework for visualizing data source coverage, Atomic Red Team test results, and adversary techniques coverage

https://github.com/ColeStrickler/Vizual1zer

@BlueRedTeam

#Cobalt_Strike
​BeaconNotifier-Discord

Cobalt strike CNA noscript to notify you via Discord whenever there is a new beacon.

https://github.com/ScriptIdiot/BeaconNotifier-Discord

@BlueRedTeam

PoshC2

A proxy aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral movement.

PoshC2 is primarily written in Python3 and follows a modular format to enable users to add their own modules and tools, allowing an extendible and flexible C2 framework.

Out-of-the-box PoshC2 comes PowerShell/C# and Python2/Python3 implants with payloads written in PowerShell v2 and v4, C++ and C# source code, a variety of executables, DLLs and raw shellcode in addition to a Python2/Python3 payload. These enable C2 functionality on a wide range of devices and operating systems, including Windows, *nix and OSX.

https://github.com/nettitude/PoshC2

Documentation:
https://poshc2.readthedocs.io/en/latest/

@BlueRedTeam

#tools
#Blue_Team

Windows Registry Forensic Analysis using Chainsaw, Wazuh Agent and Sigma Rules
https://socfortress.medium.com/windows-registry-forensic-analysis-using-chainsaw-wazuh-agent-and-sigma-rules-40dbceba7201
+ Exploiting Authentication in AWS IAM Authenticator for Kubernetes
https://blog.lightspin.io/exploiting-eks-authentication-vulnerability-in-aws-iam-authenticator

@BlueRedTeam