#Red_Team
Windows Privilege Escalation
Part 1 - Unquoted service paths
https://medium.com/@tinopreter/windows-privilege-escalation-1-unquoted-service-paths-975e3ea6f1e9
Part 2 - Hijacking DLLs
https://medium.com/@tinopreter/windows-privilege-escalation-2-hijacking-dlls-28505b68a978

@BlueRedTeam

#Red_Team

+ EtwSessionHijacking - Poc on blocking Procmon from monitoring network events
https://github.com/ORCx41/EtwSessionHijacking
+ Investigating .NET CLR Usage Log Tampering Techniques For EDR Evasion
https://bohops.com/2022/08/22/investigating-net-clr-usage-log-tampering-techniques-for-edr-evasion-part-2

@BlueRedTeam

🏃‍♂️ آموزش های رایگان امنیت شبکه و تست نفوذ
✅ مقالات حوزه امنیت شبکه و تست نفوذ
🔴 پکیج های آموزشی
🔰 به همراه فیلم های آموزشی رایگان

https://news.1rj.ru/str/irsecurityworld

#Red_Team #Blue_Team
MITRE ATT&CK Matrix for Kubernetes: Tactics & Techniques 

Part 1
Part 2
Part 3

@BlueRedTeam

#Red_Team
Spoofing Call Stacks To Confuse EDRs

https://labs.withsecure.com/blog/spoofing-call-stacks-to-confuse-edrs/

@BlueRedTeam

#Red_Team

Bypassing AppLocker by abusing HashInfo
https://shells.systems/post-bypassing-applocker-by-abusing-hashinfo

@BlueRedTeam

#Red_Team

+ RCE on Spip and Root-Me
https://thinkloveshare.com/hacking/rce_on_spip_and_root_me
]-> v2: https://thinkloveshare.com/hacking/rce_on_spip_and_root_me_v2
+ Guide to DLL Sideloading
https://crypt0ace.github.io/posts/DLL-Sideloading

@BlueRedTeam

#Blue_Team

Process Behaviour Anomaly Detection Using EBPF and Unsupervised-Learning Autoencoders
https://www.evilsocket.net/2022/08/15/Process-behaviour-anomaly-detection-using-eBPF-and-unsupervised-learning-Autoencoders

@BlueRedTeam

#Blue_Team

PersistenceSniper
Powershell noscript that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines

https://github.com/last-byte/PersistenceSniper/

@BlueRedTeam

Network Penetration Testing:
The people who work in this branch have a good knowledge of infrastructure and network services and the skills and tools of penetration testing, or rather, the skills and tools of hacking to find the weaknesses and vulnerabilities of different equipment and systems. and different network services use, these people must use the latest tools and methods to be able to pass through network security mechanisms to find various network weaknesses.


You can learn these contents in our channel and have access to various resources.


@NetPentesters

Persian Channel : @NetPentester

#Red_Team

For penetration testing / Red Team / CTF / Cybersecurity / Certifications

https://github.com/CyberSecurity2045/Pentest

@BlueRedTeam

#Cobalt_Strike
A position-independent reflective loader for Cobalt Strike

https://github.com/kyleavery/AceLdr

@BlueRedTeam

#Blue_Team

Blueteam operational triage registry hunting/forensic tool.

https://github.com/theflakes/reg_hunter

@BlueRedTeam

#Red_Team

+ UAC Bypass by abusing RPC and debug objects
https://github.com/Kudaes/Elevator
+ Automated Red Team Infrastructure deployement using Docker
https://github.com/khast3x/Redcloud
+ Nmap's XML result parse and NVD's CPE correlation to search CVE
https://github.com/CoolerVoid/Vision2

@BlueRedTeam

#Red_Team

+ Abuse the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javanoscript code
https://github.com/evilsocket/jscythe
+ BlazingFast DoS method (updated 2022):
Newest version of a BlazingFast bypass
https://github.com/0x44F/blazingfast-dos-updated

@BlueRedTeam

#Red_Team

Bypassing Intel CET with Counterfeit Objects
https://www.offensive-security.com/offsec/bypassing-intel-cet-with-counterfeit-objects


https://gitlab.com/offensive-security/blog/COOP

@BlueRedTeam

#Red_Team

+ Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key
https://github.com/hackerhouse-opensource/MsSettingsDelegateExecute
+ UAC bypass for x64 Windows 7-11
https://github.com/zha0gongz1/iscsicpl_bypassUAC

@BlueRedTeam

#Red_Team
+ Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC bypass (Win7+)
https://github.com/hackerhouse-opensource/ColorDataProxyUACBypass
+ evilginx2 + gophish
https://github.com/fin3ss3g0d/evilgophish

@BlueRedTeam

#Blue_Team

Windows Security Updates for Hackers
https://blog.bitsadmin.com/blog/windows-security-updates-for-hackers
]-> Windows Exploit Suggester - Next Generation (WES-NG) - A python noscript to analyze systeminfo utility output (WinXP-11):
https://github.com/bitsadmin/wesng

@BlueRedTeam

#Blue_Team

​​PersistenceSniper

Powershell noscript that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. The noscript is also available on Powershell Gallery.

https://github.com/last-byte/PersistenceSniper

@BlueRedTeam

#Red_Team

​​Certipy

Certipy is an offensive tool for enumerating and abusing Active Directory Certificate Services (AD CS).

If you're not familiar with AD CS and the various domain escalation techniques, I highly recommend reading Certified Pre-Owned by Will Schroeder and Lee Christensen.

https://github.com/ly4k/Certipy

Certipy 4.0: ESC9 & ESC10, BloodHound GUI, New Authentication and Request Methods — and more!: https://research.ifcr.dk/7237d88061f7

@BlueRedTeam