#Cobalt_Strike
Crypt-Cobalt-Strike-Powershell
Private crypt Cobalt Strike and PowerShell
https://github.com/trewisscotch/Crypt-Cobalt-Strike-Powershell
@BlueRedTeam
#Red_Team
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL). Mangle can remove known Indicators of Compromise (IoC) based strings and replace them with random characters, change the file by inflating the size to avoid EDRs, and can clone code-signing certs from legitimate files. In doing so, Mangle helps loaders evade on-disk and in-memory scanners.
https://github.com/optiv/Mangle
@BlueRedTeam
#Red_Team
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more
https://github.com/edoardottt/awesome-hacker-search-engines
@BlueRedTeam
#Red_Team
SharpSniper
Often a Red Team engagement is more than just achieving Domain Admin. Some clients will want to see if specific users in the domain can be compromised, for example the CEO.
SharpSniper is a simple tool to find the IP address of these users so that you can target their box.
It requires that you have privileges to read logs on Domain Controllers.
First it queries and makes a list of Domain Controllers, then searches for log-on events on any of the DCs for the user you are looking for, and then reads the most recent DHCP-allocated logon IP address.
https://github.com/HunnicCyber/SharpSniper
@BlueRedTeam
#Red_Team
HacktheBox Synack Red Team Assessment Writeups | Host | Web | Mobile
https://github.com/htbpro/HacktheBox-Synack-Red-Team-Assessment-Writeups-Host-Web-Mobile
@BlueRedTeam
#Cobalt_Strike
kernel-mii
Cobalt Strike Beacon Object File foundation for kernel exploitation using CVE-2021-21551.
This is a Cobalt Strike (CS) Beacon Object File (BOF) which exploits CVE-2021-21551. It only overwrites the beacon process token with the system process token. But this BOF is mostly just a good foundation for further kernel exploitation via CS.
https://github.com/tijme/kernel-mii
@BlueRedTeam
#CVE-2022
CVE-2022-24500 Windows SMB Remote Code Execution Vulnerability
https://github.com/Daro1967/CVE-2022-24500-RCE
@BlueRedTeam
#CVE-2022
PoC for CVE-2022-23614 (Twig sort filter code execution)
https://github.com/davwwwx/CVE-2022-23614
@BlueRedTeam
#CVE-2022
Verified Proof of Concept on CVE-2022-24086 RCE
https://github.com/Cory65/CVE-2022-24086-POC
@BlueRedTeam
#Cobalt_Strike
kernel-mii
Cobalt Strike Beacon Object File foundation for kernel exploitation using CVE-2021-21551.
This is a Cobalt Strike (CS) Beacon Object File (BOF) which exploits CVE-2021-21551. It only overwrites the beacon process token with the system process token. But this BOF is mostly just a good foundation for further kernel exploitation via CS.
https://github.com/NorthwaveSecurity/kernel-mii
@BlueRedTeam
#Red_Team
Red Team infrastructure as code to perform local pentesting
https://github.com/N1neKitsune/_
@BlueRedTeam
#Red_Team
Red Team scripts written in Python
https://github.com/paulkon68/Ethical_Hacking
@BlueRedTeam
#Red_Team
Weaponizing Carbon Lang for Red Team operation
https://github.com/ArchonLabs/Offensive-Carbon
@BlueRedTeam
#Red_Team
Rapid Deployment Infrastructure for Red Teaming and Penetration Testing
https://github.com/SamuNoSignal/BetterDiscord-ClearVisionThemeDOOMStyle
@BlueRedTeam
#Red_Team
+ Pivoting For Pentesters
https://www.stevencampbell.info/Pivoting-for-pentesters
+ AMSI Bypass - Memory Patching
https://aidenpearce369.github.io/offsec/AMSI-Memory-Bypass
+ Meterpreter injection technique using C# that attempts to bypass WD
https://github.com/Bl4ckM1rror/ZombieThread
@BlueRedTeam