#CVE-2022
7-Zip CVE-2022-29072 Mitigation - CHM file - This script detects if the .chm file exists and removes it.
https://github.com/Phantomiman/7-Zip.chm-mitigiation
#CVE-2022
PoC for Acronis Arbitrary File Read - CVE-2022-45451
https://github.com/alfarom256/CVE-2022-45451
#webshell
webshell alfa php
https://github.com/xstro04002/alfa-shell
CVE-2022-25765 pdfkit <0.8.6 command injection.
https://github.com/shamo0/PDFkit-CMD-Injection
Get root on macOS 13.0.1 with CVE-2022-46689 (macOS equivalent of the Dirty Cow bug), using the testcase extracted from Apple's XNU source.
https://github.com/Conradoduart3/Nft-Grabber-Stealer-Exploit-Cve-2022-Steal-BlockHain-Hack-Nft
@BlueRedTeam
#Red_Team
A small Aggressor script to help Red Teams identify foreign processes on a host machine
https://github.com/Octoberfest7/Cohab_Processes
@BlueRedTeam
#CVE-2022
TOP All bugbounty pentesting CVE-2022- POC Exp RCE example payload Things
https://github.com/Live-Hack-CVE/CVE-2022-20607
TOP All bugbounty pentesting CVE-2022- POC Exp RCE example payload Things
https://github.com/Live-Hack-CVE/CVE-2022-4646
PoC for the CVE-2022-41082 Vulnerability Affecting Microsoft Exchange Servers
https://github.com/balki97/CVE-2022-41082-POC
CVE-2022-2602
https://github.com/LukeGix/CVE-2022-2602
CVE-2022-2602
https://github.com/Live-Hack-CVE/CVE-2022-4633
TOP All bugbounty pentesting CVE-2022- POC Exp RCE example payload Things
https://github.com/Live-Hack-CVE/CVE-2022-25574
CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM
https://github.com/Live-Hack-CVE/CVE-2022-36966
@BlueRedTeam
#Red_Team
-- FOR EDUCATIONAL USE ONLY -- Proof-of-Concept RCE for CVE-2022-1388, plus some added functionality for blue and red teams
https://github.com/vaelwolf/CVE-2022-1388
@BlueRedTeam
#CVE-2022
Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.
https://github.com/zhuowei/WDBFontOverwrite
This repo contains payload for the CVE-2022-36067
https://github.com/Prathamrajgor/Exploit-For-CVE-2022-36067
Proof of concept for CVE-2022-30190 (Follina).
https://github.com/winstxnhdw/CVE-2022-30190
@BlueRedTeam
#getshell
WBCE CMS v1.5.4 can implement getshell by modifying the upload file type. CVE project by @Sn0wAlice
https://github.com/Live-Hack-CVE/CVE-2022-46020
#webshell
A polymorphic webshell generator
https://github.com/evaannn/delorean
@BlueRedTeam
#Red_Team
Sandman is a backdoor that is meant to work on hardened networks during red team engagements.
Sandman works as a stager and leverages NTP (a protocol to sync time & date) to download an arbitrary shellcode from a predefined server.
NTP is a protocol that is overlooked by many defenders, resulting in wide network accessibility.
https://github.com/Idov31/Sandman
@BlueRedTeam
#Red_Team
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
https://github.com/0xsyr0/Awesome-Cybersecurity-Handbooks
@BlueRedTeam
#Cobalt_Strike
A Cobalt Strike Beacon Notifier Via Telegram Bot.
https://github.com/lynxbinz/CS-Beacon-Notifier
@BlueRedTeam
#Cobalt_Strike
Cobalt Strike profile generator using Jenkins to automate the heavy lifting
https://github.com/RomanRII/jenkins-strike
@BlueRedTeam
#Cobalt_Strike
Code and yara rules for detection and analysis of Cobalt Strike
https://github.com/we1h0/cobaltstrike-yara
@BlueRedTeam
#Cobalt_Strike
Uses Alibaba Cloud OSS object storage to forward HTTP traffic so that Cobalt Strike (cs), msf, etc. can come online. The communication in between uses Alibaba Cloud's related domain names.
https://github.com/pantom2077/alioss-stinger
@BlueRedTeam
#Red_Team
Red Team Script for Cloud pentest with private Cloud built with OpenShift. Quickly extracts the config information from the bootstrap.ign file
https://github.com/Esonhugh/OpenShift_IGN_ConfigFileExtractor
@BlueRedTeam
redteam_with_onenote (1).pdf
#Red_Team
RedTeam With OneNote Sections
1. Not affected by Protected View/ MOTW
2. Allows embedding Malicious Excel/Word/PPT files that will be played without protected view
3. Allows embedding HTA, LNK, EXE files and spoof extensions
4. Possible to format the document in a way that users are tricked into opening a malicious file or a link
@BlueRedTeam
#webshell
A python based webshell discovery and decoder for static packet captures. Designed to be extended for easy identification and decoding of many webshell families.
https://github.com/fredflinch/mothra
Demonstrating the value of entropy as a detection mechanism for obfuscated webshells.
https://github.com/mttaggart/webshell-entropy
@BlueRedTeam