#Red_Team
+ Living-Off-the-Blindspot - Operating into EDRs’ blindspot
https://www.naksyn.com/edr%20evasion/2022/09/01/operating-into-EDRs-blindspot.html
+ On Bypassing eBPF Security Monitoring
https://blog.doyensec.com/2022/10/11/ebpf-bypass-security-monitoring.html
@BlueRedTeam
+ Living-Off-the-Blindspot - Operating into EDRs’ blindspot
https://www.naksyn.com/edr%20evasion/2022/09/01/operating-into-EDRs-blindspot.html
+ On Bypassing eBPF Security Monitoring
https://blog.doyensec.com/2022/10/11/ebpf-bypass-security-monitoring.html
@BlueRedTeam
Naksyn’s blog
Living-Off-the-Blindspot - Operating into EDRs’ blindspot
Red Teaming and offensive stuff
#Red_Team
1. Pivoting Over TTLS-PAP WPA Enterprise Networks
https://tbhaxor.com/pivoting-over-ttls-pap-wifi-network
2. Active Directory data collector for BloodHound
https://github.com/OPENCYBER-FR/RustHound
@BlueRedTeam
1. Pivoting Over TTLS-PAP WPA Enterprise Networks
https://tbhaxor.com/pivoting-over-ttls-pap-wifi-network
2. Active Directory data collector for BloodHound
https://github.com/OPENCYBER-FR/RustHound
@BlueRedTeam
tbhaxor's Blog
Pivoting Over TTLS-PAP WPA Enterprise Networks
In this post, you will learn how to obtain wifi credentials for a TTLS-PAP enterprise network, connect to the network, and access LAN resources.
#Cobalt_Strike
An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot saved to disk as a file.
https://github.com/CodeXTF2/ScreenshotBOF
@BlueRedTeam
An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot saved to disk as a file.
https://github.com/CodeXTF2/ScreenshotBOF
@BlueRedTeam
GitHub
GitHub - CodeXTF2/ScreenshotBOF: An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a…
An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memory. - CodeXTF2/ScreenshotBOF
#Red_Team
Environment configuration for Red Team Cyber Security testings and tasks
https://github.com/zackjmccann/red-team-security
@BlueRedTeam
Environment configuration for Red Team Cyber Security testings and tasks
https://github.com/zackjmccann/red-team-security
@BlueRedTeam
#Red_Team
Blog about personnal research, Red Team/AD/Maldev & CTF Writeups
https://github.com/0xSV1/NorwegianPasswordSpraying
@BlueRedTeam
Blog about personnal research, Red Team/AD/Maldev & CTF Writeups
https://github.com/0xSV1/NorwegianPasswordSpraying
@BlueRedTeam
GitHub
GitHub - 0xSV1/NorwegianPasswordSpraying: A repository containing lists and different combinations of weak/default passwords (in…
A repository containing lists and different combinations of weak/default passwords (in Norwegian) typically seen during external pentests and red team assessments. Contains seasons, months and holi...
#CVE-2022
Utilities for exploiting vulnerability CVE-2022-40684 (FortiOS / FortiProxy / FortiSwitchManager - Authentication bypass on administrative interface).
https://github.com/und3sc0n0c1d0/CVE-2022-40684
@BlueRedTeam
Utilities for exploiting vulnerability CVE-2022-40684 (FortiOS / FortiProxy / FortiSwitchManager - Authentication bypass on administrative interface).
https://github.com/und3sc0n0c1d0/CVE-2022-40684
@BlueRedTeam
GitHub
GitHub - und3sc0n0c1d0/CVE-2022-40684: Utilities for exploiting vulnerability CVE-2022-40684 (FortiOS / FortiProxy / FortiSwitchManager…
Utilities for exploiting vulnerability CVE-2022-40684 (FortiOS / FortiProxy / FortiSwitchManager - Authentication bypass on administrative interface). - und3sc0n0c1d0/CVE-2022-40684
👍3
#CVE-2022
You can find a python noscript to exploit the vulnerability on Bitbucket related CVE-2022-36804.
https://github.com/khal4n1/CVE-2022-36804
@BlueRedTeam
You can find a python noscript to exploit the vulnerability on Bitbucket related CVE-2022-36804.
https://github.com/khal4n1/CVE-2022-36804
@BlueRedTeam
GitHub
GitHub - khal4n1/CVE-2022-36804: You can find a python noscript to exploit the vulnerability on Bitbucket related CVE-2022-36804.
You can find a python noscript to exploit the vulnerability on Bitbucket related CVE-2022-36804. - khal4n1/CVE-2022-36804
#Blue_Team
How to Investigate Insider Threats (Forensic Methodology)
https://www.inversecos.com/2022/10/how-to-investigate-insider-threats.html
@BlueRedTeam
How to Investigate Insider Threats (Forensic Methodology)
https://www.inversecos.com/2022/10/how-to-investigate-insider-threats.html
@BlueRedTeam
Inversecos
How to Investigate Insider Threats (Forensic Methodology)
👍4
#Red_Team
+ Redeye - Pentest operation tool
https://github.com/redeye-framework/Redeye
+ Bayanay - Python Wardriving
https://github.com/anil-yelken/wardriving
@BlueRedTeam
+ Redeye - Pentest operation tool
https://github.com/redeye-framework/Redeye
+ Bayanay - Python Wardriving
https://github.com/anil-yelken/wardriving
@BlueRedTeam
GitHub
GitHub - redeye-framework/Redeye: Redeye is a tool intended to help you manage your data during a pentest operation
Redeye is a tool intended to help you manage your data during a pentest operation - redeye-framework/Redeye
#Red_Team
RedEye is an open-source analytic tool developed by CISA and DOE’s Pacific Northwest National Laboratory to assist Red Teams with visualizing and reporting command and control activities. This tool, released in October 2022 on GitHub, allows an operator to assess and display complex data, evaluate mitigation strategies, and enable effective decision making in response to a Red Team assessment.
The tool parses logs, such as those from Cobalt Strike, and presents the data in an easily digestible format. The users can then tag and add comments to activities displayed within the tool. The operators can use the RedEye’s presentation mode to present findings and workflow to stakeholders.
https://github.com/cisagov/RedEye
@BlueRedTeam
RedEye is an open-source analytic tool developed by CISA and DOE’s Pacific Northwest National Laboratory to assist Red Teams with visualizing and reporting command and control activities. This tool, released in October 2022 on GitHub, allows an operator to assess and display complex data, evaluate mitigation strategies, and enable effective decision making in response to a Red Team assessment.
The tool parses logs, such as those from Cobalt Strike, and presents the data in an easily digestible format. The users can then tag and add comments to activities displayed within the tool. The operators can use the RedEye’s presentation mode to present findings and workflow to stakeholders.
https://github.com/cisagov/RedEye
@BlueRedTeam
GitHub
GitHub - cisagov/RedEye: RedEye is a visual analytic tool supporting Red & Blue Team operations
RedEye is a visual analytic tool supporting Red & Blue Team operations - cisagov/RedEye
#Red_Team
Template-Driven AV/EDR Evasion Framework.
Modern Penetration Testing and Red Teaming often require bypassing common AV/EDR appliances in order to execute code on a target. With time, defenses are becoming more complex and inherently more difficult to bypass consistently.
Inceptor is a tool that can help to automate a great part of this process, hopefully requiring no further effort.
Inceptor is a template-based PE packer for Windows, designed to help penetration testers and red teamers to bypass common AV and EDR solutions. Inceptor has been designed with a focus on usability, and to allow extensive user customization.
https://github.com/klezVirus/inceptor
@BlueRedTeam
Template-Driven AV/EDR Evasion Framework.
Modern Penetration Testing and Red Teaming often require bypassing common AV/EDR appliances in order to execute code on a target. With time, defenses are becoming more complex and inherently more difficult to bypass consistently.
Inceptor is a tool that can help to automate a great part of this process, hopefully requiring no further effort.
Inceptor is a template-based PE packer for Windows, designed to help penetration testers and red teamers to bypass common AV and EDR solutions. Inceptor has been designed with a focus on usability, and to allow extensive user customization.
https://github.com/klezVirus/inceptor
@BlueRedTeam
GitHub
GitHub - klezVirus/inceptor: Template-Driven AV/EDR Evasion Framework
Template-Driven AV/EDR Evasion Framework. Contribute to klezVirus/inceptor development by creating an account on GitHub.
👍3
#Red_Team
Awesome Command & Control
A collection of awesome Command & Control (C2) frameworks, tools and resources for post-exploitation and red teaming assessments.
https://github.com/tcostam/awesome-command-control
@BlueRedTeam
Awesome Command & Control
A collection of awesome Command & Control (C2) frameworks, tools and resources for post-exploitation and red teaming assessments.
https://github.com/tcostam/awesome-command-control
@BlueRedTeam
GitHub
GitHub - tcostam/awesome-command-control: A collection of awesome Command & Control (C2) frameworks, tools and resources for post…
A collection of awesome Command & Control (C2) frameworks, tools and resources for post-exploitation and red teaming assignments. - tcostam/awesome-command-control
👍2
#Purple_Team
Codecepticon is a .NET application that allows you to obfuscate C#, VBA/VB6 (macros), and PowerShell source code, and is developed for offensive security engagements such as Red/Purple Teams.
What separates Codecepticon from other obfuscators is that it targets the source code rather than the compiled executables, and was developed specifically for AV/EDR evasion
https://github.com/Accenture/Codecepticon
@BlueRedTeam
Codecepticon is a .NET application that allows you to obfuscate C#, VBA/VB6 (macros), and PowerShell source code, and is developed for offensive security engagements such as Red/Purple Teams.
What separates Codecepticon from other obfuscators is that it targets the source code rather than the compiled executables, and was developed specifically for AV/EDR evasion
https://github.com/Accenture/Codecepticon
@BlueRedTeam
GitHub
GitHub - Accenture/Codecepticon: .NET/PowerShell/VBA Offensive Security Obfuscator
.NET/PowerShell/VBA Offensive Security Obfuscator. Contribute to Accenture/Codecepticon development by creating an account on GitHub.
#Purple_Team
EDR-Test
Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike .
https://github.com/TH3xACE/EDR-Test
@BlueRedTeam
EDR-Test
Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike .
https://github.com/TH3xACE/EDR-Test
@BlueRedTeam
GitHub
GitHub - TH3xACE/EDR-Test: Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team]. - GitHub - TH3xACE/EDR-Test: Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple ...
#Red_Team
Collection of PoC and offensive techniques used by the BlackArrow Red Team
https://github.com/blackarrowsec/redteam-research
@BlueRedTeam
Collection of PoC and offensive techniques used by the BlackArrow Red Team
https://github.com/blackarrowsec/redteam-research
@BlueRedTeam
GitHub
GitHub - blackarrowsec/redteam-research: Collection of PoC and offensive techniques used by the BlackArrow Red Team
Collection of PoC and offensive techniques used by the BlackArrow Red Team - blackarrowsec/redteam-research
#webshell
a simple webshell build in PHP 7.4 for penetration testing and educational purposes only.
https://github.com/Elliottophellia/ophellia
@BlueRedTeam
a simple webshell build in PHP 7.4 for penetration testing and educational purposes only.
https://github.com/Elliottophellia/ophellia
@BlueRedTeam
GitHub
GitHub - elliottophellia/ophellia: A cutting-edge PHP 7.4+ webshell designed for advanced penetration testing.
A cutting-edge PHP 7.4+ webshell designed for advanced penetration testing. - elliottophellia/ophellia
🔥6
#CVE-2022
TOP All bugbounty pentesting CVE-2022- POC Exp RCE example payload Things
https://github.com/privatenets/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022
@BlueRedTeam
TOP All bugbounty pentesting CVE-2022- POC Exp RCE example payload Things
https://github.com/privatenets/Discord-Image-Token-Password-Grabber-Exploit-Cve-2022
@BlueRedTeam
#Red_Team
RedTeam-OffensiveSecurity
Tools & Interesting Things for RedTeam Ops
https://github.com/bigb0sss/RedTeam-OffensiveSecurity
@BlueRedTeam
RedTeam-OffensiveSecurity
Tools & Interesting Things for RedTeam Ops
https://github.com/bigb0sss/RedTeam-OffensiveSecurity
@BlueRedTeam