#webshell
A python based webshell discovery and decoder for static packet captures. Designed to be extended for easy identification and decoding of many webshell families.
https://github.com/fredflinch/mothra
Demonstrating the value of entropy as a detection mechanism for obfuscated webshells.
https://github.com/mttaggart/webshell-entropy
@BlueRedTeam
#Red_Team
OffensivePipeline allows you to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.
https://github.com/Aetsu/OffensivePipeline
@BlueRedTeam
#CVE-2023
Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21543, CVE-2023-21546, CVE-2023-21556, CVE-2023-21679.
https://github.com/Live-Hack-CVE/CVE-2023-21555
@BlueRedTeam
#Cobalt_Strike
Convert Cobalt Strike profiles to mod_rewrite scripts
https://github.com/threatexpress/cs2modrewrite
@BlueRedTeam
#Red_Team
Red Team Tutorial: Design and setup of C2 traffic redirectors
https://ditrizna.medium.com/design-and-setup-of-c2-traffic-redirectors-ec3c11bd227d
@BlueRedTeam
#Red_Team
I've had so much fun learning Rust. This is an excellent example of the power of Rust: no EDR unhooking, patching of ETW, syscalls, or LITCRYPT, and it calls home against EDRs. More to come soon.
https://twitter.com/Tyl0us/status/1627759675352424460
@BlueRedTeam
#Red_Team
AMSI Patch to Defeat Windows Defender
In this week's red team tip, I take a look at the new AMSI patch from TheD1rkMtr. I use the patch to slip Invoke-Mimikatz by Windows Defender. Take a look!
AMSI Patch to Bypass Windows Defender
AMSI Patch
https://github.com/TheD1rkMtr/AMSI_patch
@BlueRedTeam
#webshell
I have a webshell on my websites, but how do I log in to cPanel from the webshell?
https://github.com/davidsantur/cpanel
@BlueRedTeam
#Cobalt_Strike
Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).
https://github.com/tijme/amd-ryzen-master-driver-v17-exploit
@BlueRedTeam
#Red_Team
Cloud Container Attack Tool (CCAT) is a tool for testing the security of container environments.
https://github.com/RhinoSecurityLabs/ccat
@BlueRedTeam
#Red_Team
Automate recon for red team assessments.
Thoth is a very modular tool that automates the execution of tools during a reconnaissance assessment. Using multithreading, several tools are executed simultaneously. The use of different modules can be adapted on the fly by using module names or risk level as a filter.
https://github.com/r1cksec/thoth
@BlueRedTeam
#Red_Team
Some HTB, THM, Red Team Training writeups
https://github.com/opabravo/security-writeups
@BlueRedTeam
#CVE-2023
A script to automate privilege escalation with the CVE-2023-22809 vulnerability
https://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc
A script to automate privilege escalation with the CVE-2023-22809 vulnerability
https://github.com/Live-Hack-CVE/CVE-2023-22884
POC and Scanner for CVE-2023-24055
https://github.com/Live-Hack-CVE/CVE-2023-21867
@BlueRedTeam
#webshell
Various webshells. We accept pull requests for additions to this collection.
https://github.com/BlackArch/webshells
@BlueRedTeam
#CVE-2023
POC and Scanner for CVE-2023-24055
https://github.com/deetl/CVE-2023-24055
CVE-2023-21839 exp
https://github.com/fakenews2025/CVE-2023-21839
CVE-2023-23132
https://github.com/l00neyhacker/CVE-2023-23132
@BlueRedTeam