#Red_Team
+ Creating Processes Using System Calls
https://www.coresecurity.com/core-labs/articles/creating-processes-using-system-calls
]-> PoC: https://github.com/helpsystems/CreateProcess
+ Standalone MITM attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
https://github.com/kgretzky/evilginx2
@BlueRedTeam
Poll: Which one are you interested in? (Everyone should answer)
Anonymous Poll
65% Red Team
16% Blue Team
16% Purple Team
3% Other ....
#Red_Team
Contains all tools I use for Red Team ops in a Windows environment. NOTE: I am not the creator of these tools. These are the tools I use.
https://github.com/G37SYS73M/win_tool_hub
@BlueRedTeam
#Blue_Team
+ PICT - Post-Infection Collection Toolkit
https://github.com/thomasareed/pict
+ PowerShell script to hunt persistences implanted in Windows machines
https://github.com/last-byte/PersistenceSniper
#Red_Team
Backdooring Office Structures
Part 1 - The Oldschool
https://mgeeky.tech/backdooring-office-structures-part-1-oldschool
Part 2 - Payload Crumbs In Custom Parts
https://mgeeky.tech/payload-crumbs-in-custom-parts
@BlueRedTeam
#Red_Team
1. Attacking and Remediating Excessive Network Share Permissions in Active Directory Environments
https://www.netspi.com/blog/technical/network-penetration-testing/network-share-permissions-powerhuntshares
2. HInvoke and avoiding PInvoke
https://dr4k0nia.github.io/dotnet/coding/2022/08/10/HInvoke-and-avoiding-PInvoke.html
@BlueRedTeam
#Blue_Team
+ How to Secure Deployments in Kubernetes
https://www.armosec.io/blog/secure-kubernetes-deployment
+ Kubernetes Security Best Practices: Definitive Guide
https://www.armosec.io/blog/kubernetes-security-best-practices
@BlueRedTeam
#Red_Team
Weaponizing Carbon Lang for Red Team operation
https://github.com/ArchonLabs/Offensive-Carbon
@BlueRedTeam
#Blue_Team
Detectree
A data visualisation tool for blue teams. It provides a graphical representation of detection data, which allows an analyst to generate almost instant opinions about the nature of the underlying activity and to understand complex relationships between the data points.
Ultimately, this can help reduce response time, reduce alert fatigue and facilitate communication between analysts within the teams.
https://github.com/countercept/detectree
@BlueRedTeam
#Red_Team
A methodology to formulate attack paths in a quiet manner using a back-to-basics approach. Originally presented at DEFCON/Red Team Village.
https://github.com/layer8secure/The-Storfield-Methodology
@BlueRedTeam
#Red_Team
In this repo you will find some projects related to Red Teaming
https://github.com/pathakabhi24/RedTeam-Projects
@BlueRedTeam
#Cobalt_Strike
Quick Python utility I wrote to turn HTTP requests from Burp Suite into Cobalt Strike Malleable C2 profiles
https://github.com/CodeXTF2/Burp2Malleable
@BlueRedTeam
#CVE-2022
CVE-2022-24500 Windows SMB Unauthenticated Remote Code Execution Vulnerability
https://github.com/Daro1967/CVE-2022-24500-MASS-RCE
@BlueRedTeam
#Red_Team
Phishing lab for the course "Preparación de Campañas Red Team" (Red Team Campaign Preparation) at a university in Santiago, August 2022.
https://github.com/Ppamo/usach_phishing_lab_202208
@BlueRedTeam
#Cobalt_Strike
An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 processes.
https://github.com/ScriptIdiot/patchit
@BlueRedTeam
#Cobalt_Strike
Cobalt Strike UDRL for memory scanner evasion.
https://github.com/kyleavery/AceLdr
@BlueRedTeam