#CVE-2022
Escaping a Docker Container by using CVE-2016-3714 and CVE-2022-0492.
https://github.com/SgtMate/container_escape_showcase
@BlueRedTeam
Escaping a Docker Container by using CVE-2016-3714 and CVE-2022-0492.
https://github.com/SgtMate/container_escape_showcase
@BlueRedTeam
GitHub
GitHub - SgtMate/container_escape_showcase: Escaping a Docker Container for fun.
Escaping a Docker Container for fun. Contribute to SgtMate/container_escape_showcase development by creating an account on GitHub.
👍2
#Cobalt_Strike
A Cobalt Strike memory evasion loader for redteamers
https://github.com/ShadowMccc/MemoryEvasion
@BlueRedTeam
A Cobalt Strike memory evasion loader for redteamers
https://github.com/ShadowMccc/MemoryEvasion
@BlueRedTeam
GitHub
GitHub - ShadowMccc/MemoryEvasion: A Cobalt Strike memory evasion loader for redteamers
A Cobalt Strike memory evasion loader for redteamers - ShadowMccc/MemoryEvasion
❤1👍1
👎1
#CVE-2022
CVE-2022-0441 - MasterStudy LMS 2.7.6
https://github.com/SDragon1205/cve-2022-0441
@BlueRedTeam
CVE-2022-0441 - MasterStudy LMS 2.7.6
https://github.com/SDragon1205/cve-2022-0441
@BlueRedTeam
GitHub
GitHub - SDragon1205/cve-2022-0441: CVE-2022-0441 - MasterStudy LMS 2.7.6
CVE-2022-0441 - MasterStudy LMS 2.7.6. Contribute to SDragon1205/cve-2022-0441 development by creating an account on GitHub.
Donate
💰Monero Wallet :
4BEJqJ2doayRBYJwmQzp59AhsGgpm9gb7PP5uCR6zA7u9Qy8VzUzVNDitJtMVF2ALnBrRbGkuXcoLaguhL2aoeno32RUSBM
💰Monero Wallet :
4BEJqJ2doayRBYJwmQzp59AhsGgpm9gb7PP5uCR6zA7u9Qy8VzUzVNDitJtMVF2ALnBrRbGkuXcoLaguhL2aoeno32RUSBM
👍2
#CVE-2022
Operational information regarding CVE-2022-3602 and CVE-2022-3786, two vulnerabilities in OpenSSL 3
https://github.com/NCSC-NL/OpenSSL-2022
@BlueRedTeam
Operational information regarding CVE-2022-3602 and CVE-2022-3786, two vulnerabilities in OpenSSL 3
https://github.com/NCSC-NL/OpenSSL-2022
@BlueRedTeam
GitHub
GitHub - NCSC-NL/OpenSSL-2022: Operational information regarding CVE-2022-3602 and CVE-2022-3786, two vulnerabilities in OpenSSL…
Operational information regarding CVE-2022-3602 and CVE-2022-3786, two vulnerabilities in OpenSSL 3 - NCSC-NL/OpenSSL-2022
Some useful Telegram channels
@OsintBlackBox
If you are interested in OSINT, the content here will be useful for you.
@Iranian_Osint
If you are interested in OSINT, the content here will be useful for you.
@PfkGit
If you are looking for penetration testing tools, find them here.
@pfk_git
If you are looking for penetration testing tools, find them here.
@Netpentesters ( English )
If you want to become a Pinterester, join this channel.
@Netpentester (Iranian)
If you want to become a Pinterester, join this channel.
@library_Sec
The largest cyber security library in Telegram.
@BlueRedTeam
Red Team and BlueTeam specialized reference.
@Pfk_0day
Learn Cyber Security ( Free )
@OsintBlackBox
If you are interested in OSINT, the content here will be useful for you.
@Iranian_Osint
If you are interested in OSINT, the content here will be useful for you.
@PfkGit
If you are looking for penetration testing tools, find them here.
@pfk_git
If you are looking for penetration testing tools, find them here.
@Netpentesters ( English )
If you want to become a Pinterester, join this channel.
@Netpentester (Iranian)
If you want to become a Pinterester, join this channel.
@library_Sec
The largest cyber security library in Telegram.
@BlueRedTeam
Red Team and BlueTeam specialized reference.
@Pfk_0day
Learn Cyber Security ( Free )
👍1
#Red_Team
A folder to serve tools from during PT/Red Team engagements. Contains common executables and noscripts for privesc, recon, pivoting and CVE exploitation.
https://github.com/tonyarris/srv
@BlueRedTem
A folder to serve tools from during PT/Red Team engagements. Contains common executables and noscripts for privesc, recon, pivoting and CVE exploitation.
https://github.com/tonyarris/srv
@BlueRedTem
GitHub
GitHub - tonyarris/srv: A folder to serve tools from during PT/Red Team engagements. Contains common executables and noscripts for…
A folder to serve tools from during PT/Red Team engagements. Contains common executables and noscripts for privesc, recon, pivoting and CVE exploitation. - tonyarris/srv
🥰3
#Red_Team
A Golang version of the Rusty Recon Botfrom HuskyHacks' Responsible Red Teaming course.
https://github.com/An00bRektn/gopher-recon-bot
@BlueRedTeam
A Golang version of the Rusty Recon Botfrom HuskyHacks' Responsible Red Teaming course.
https://github.com/An00bRektn/gopher-recon-bot
@BlueRedTeam
GitHub
GitHub - An00bRektn/gopher-recon-bot: A Golang version of the Rusty Recon Bot from HuskyHacks' Responsible Red Teaming course.
A Golang version of the Rusty Recon Bot from HuskyHacks' Responsible Red Teaming course. - An00bRektn/gopher-recon-bot
👍3
Avoiding_Memory_Scanners.pdf
529.9 KB
#Red_Team
"Avoiding Memory Scanners: Customizing Malware to Evade YARA, PE-sieve, and More", 2022.
@BlueRedTeam
"Avoiding Memory Scanners: Customizing Malware to Evade YARA, PE-sieve, and More", 2022.
@BlueRedTeam
#Blue_Team
About Detection Engineering
https://cyb3rops.medium.com/about-detection-engineering-44d39e0755f0
@BlueRedTeam
About Detection Engineering
https://cyb3rops.medium.com/about-detection-engineering-44d39e0755f0
@BlueRedTeam
#Red_Team
+ A tool for generating fake code signing certificates or signing real ones
https://github.com/Tylous/Limelighter
+ PoC to invesitgate WMI process execution technique
https://github.com/daem0nc0re/TangledWinExec/tree/main/WmiSpawn
@BlueRedTeam
+ A tool for generating fake code signing certificates or signing real ones
https://github.com/Tylous/Limelighter
+ PoC to invesitgate WMI process execution technique
https://github.com/daem0nc0re/TangledWinExec/tree/main/WmiSpawn
@BlueRedTeam
GitHub
GitHub - Tylous/Limelighter: A tool for generating fake code signing certificates or signing real ones
A tool for generating fake code signing certificates or signing real ones - Tylous/Limelighter
❤2👍1
Some useful Telegram channels
@OsintBlackBox
If you are interested in OSINT, the content here will be useful for you.
@Iranian_Osint
If you are interested in OSINT, the content here will be useful for you.
@PfkGit
If you are looking for penetration testing tools, find them here.
@pfk_git
If you are looking for penetration testing tools, find them here.
@Netpentesters ( English )
If you want to become a Pinterester, join this channel.
@Netpentester (Iranian)
If you want to become a Pinterester, join this channel.
@Library_Sec
Library Cyber Security ( Free )
@OsintBlackBox
If you are interested in OSINT, the content here will be useful for you.
@Iranian_Osint
If you are interested in OSINT, the content here will be useful for you.
@PfkGit
If you are looking for penetration testing tools, find them here.
@pfk_git
If you are looking for penetration testing tools, find them here.
@Netpentesters ( English )
If you want to become a Pinterester, join this channel.
@Netpentester (Iranian)
If you want to become a Pinterester, join this channel.
@Library_Sec
Library Cyber Security ( Free )
👍2😁1
#Blue_Team
Sensitive Command Token
https://blog.thinkst.com/2022/09/sensitive-command-token-so-much-offense.html
@BlueRedTeam
Sensitive Command Token
https://blog.thinkst.com/2022/09/sensitive-command-token-so-much-offense.html
@BlueRedTeam
Thinkst Thoughts
Sensitive Command Token – So much offense in my defense
Introduction: Many people have pointed out that there are a handful of commands that are overwhelmingly run by attackers on compromised hosts (and seldom ever by regular users/usage). Reliably aler…
👍1
#CVE-2022
CVE-2022-39425 PoC
https://github.com/bob11vrdp/CVE-2022-39425
Detects attempts at exploitation of CVE-2022-3602, a remote code execution vulnerability in OpenSSL v 3.0.0 through v.3.0.6
https://github.com/corelight/CVE-2022-3602
@BlueRedTeam
CVE-2022-39425 PoC
https://github.com/bob11vrdp/CVE-2022-39425
Detects attempts at exploitation of CVE-2022-3602, a remote code execution vulnerability in OpenSSL v 3.0.0 through v.3.0.6
https://github.com/corelight/CVE-2022-3602
@BlueRedTeam
GitHub
GitHub - bob11vrdp/CVE-2022-39425: CVE-2022-39425 PoC
CVE-2022-39425 PoC. Contribute to bob11vrdp/CVE-2022-39425 development by creating an account on GitHub.