#Red_Team
Recon scripts for Red Team and Web blackbox auditing
https://github.com/mtimani/Recon_noscripts
@BlueRedTeam
#Cobalt_Strike
It's just an implementation of an in-house CoffLoader supporting #CobaltStrike standard BOFs and BSS initialized variables.
Look at the main.c file to change the BOF and its parameters. CobaltStrike handles the BOF parameters in a special way; the Arg structure is here to pass parameters more easily.
https://github.com/OtterHacker/CoffLoader
@BlueRedTeam
Python parser for #Cobalt_Strike stagers
Use parse_stager_config.py to search a file for Cobalt Strike stager shellcode. If shellcode is found, it will be extracted in JSON format.
https://github.com/stairwell-inc/cobalt-strike-stager-parser
@BlueRedTeam
#Red_Team
Collection of tooling to use on Red Team engagements.
https://github.com/burnbrian/redteam-tooling
A curated list of Cybersecurity tools for Penetration Testing or Red Teaming.
https://github.com/q0phi80/CybersecurityTools
Eden Red Teaming
https://github.com/Eden-Advisory/altakahun
@BlueRedTeam
#Cobalt_Strike
All in 1 repo for anything and everything I work with that is Cobalt Strike related.
https://github.com/Altoid0/CobaltStrike-Library
@BlueRedTeam
#Red_Team
Collection of tooling to use on Red Team engagements.
https://github.com/burnbrian/redteam-utilities
@BlueRedTeam
#Red_Team
Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.
https://github.com/PaulNorman01/Forensia
@BlueRedTeam
#Cobalt_Strike
Supports Cobalt Strike security assessments of other platforms (Linux/MacOS/...), and includes development support for a Unix post-penetration module.
https://github.com/gloxec/CrossC2
Wiki 📖 https://gloxec.github.io/CrossC2/en/
@BlueRedTeam
#C2 #Cobalt_Strike
A Fully Undetectable C2 Server That Communicates Via Google SMTP to evade Antivirus Protections and Network Traffic Restrictions.
C2 Feature:
▫️ Persistence (type persist)
▫️ Shell Access
▫️ System Info (type info)
▫️ More Features Will Be Added
Features:
▫️ FUD Ratio 0/40
▫️ Bypass Any EDR Solutions
▫️ Bypass Any Network Restrictions
▫️ Commands Are Being Sent in Base64 And Decoded on server side
▫️ No More Tcp Shits
https://github.com/machine1337/gmailc2
@BlueRedTeam
#Red_Team
A collection of red teaming and adversary emulation related tools, scripts, techniques, notes, etc.
https://github.com/infosecn1nja/red-team-noscripts
@BlueRedTeam
#Cobalt_Strike
amd ryzen driver exploit
Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).
https://github.com/tijme/amd-ryzen-master-driver-v17-exploit
@BlueRedTeam
#Red_Team
Inline-Execute-PE is a suite of Beacon Object Files (BOFs) and an accompanying Aggressor Script for #Cobalt_Strike that enables Operators to load unmanaged Windows executables into Beacon memory and execute them, retrieving the output and rendering it in the Beacon console.
https://github.com/Octoberfest7/Inline-Execute-PE
@BlueRedTeam
#Red_Team
NativePayload_PE1/PE2: Injecting Meterpreter Payload bytes into a local Process via the Delegation Technique + in-memory, with a delay, Changing RWX to X or RX or (both) [Bypassing AVs].
https://github.com/DamonMohammadbagher/NativePayload_PE1
@BlueRedTeam
#Red_Team
This tool is used for backdoor and shellcode generation for various architecture devices.
https://github.com/doudoudedi/hackEmbedded
@BlueRedTeam
#Red_Team
The shortest payload for a tiny php reverse shell written in 19 bytes using only non-alphanumeric characters. Hex values inside indicate raw bytes.
This will help to bypass WAF and execute PHP reverse shell for RCE.
https://gist.github.com/0xSojalSec/5bee09c7035985ddc13fddb16f191075
@BlueRedTeam
#Cobalt_Strike Beacon Notifier
A #?Cobalt Strike Beacon Notifier Via #Telegram #Bot.
Features:
▫️ Showing the Name of the Current User
▫️ Showing the Computer Name of the Current User
▫️ Showing the Type and Version of the Operating System
▫️ Showing the Type of the Process Exec Name
▫️ Showing the Internal IP of the System
▫️ Showing the External IP of the System
https://github.com/lynxbinz/CS-Beacon-Notifier
@BlueRedTeam
#Red_Team
Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll, and trigger exported APIs from the export table.
https://github.com/TheD1rkMtr/NTDLLReflection
@BlueRedTeam