RCE in BIG-IP iControl REST (CVE-2022-1388)
This vulnerability could allow an unauthenticated attacker with network access to a BIG-IP system to execute arbitrary system commands, create or delete files, or disable services (CVE-2022-1388)
Dork for Shodan:
http.noscript:"BIG-IP®-+Redirect" +"Server"
https://github.com/sherlocksecurity/CVE-2022-1388_F5_BIG-IP
#web
#cve
#rce
@NetPentesters
ICMP-TransferTools is a set of scripts designed to move files to and from Windows hosts in restricted network environments.
https://github.com/icyguider/ICMP-TransferTools
#icmp
#file
#transfer
#bypass
#firewall
@NetPentesters
PPID Spoofing & BlockDLLs with NtCreateUserProcess
https://offensivedefence.co.uk/posts/ntcreateuserprocess
@NetPentesters
SearchMap Information Collection Tool
https://reconshell.com/searchmap-information-collection-tool/
@NetPentesters
Transferring Files over ICMP in Restricted Network Environments
https://icyguider.github.io/2022/02/01/Transferring-Files-Over-ICMP.html
@NetPentesters
[ How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks ]
https://www.praetorian.com/blog/how-to-exploit-active-directory-acl-attack-paths-through-ldap-relaying-attacks/
#ad
#acl
#ldap
#relay
@NetPentesters
Tool to scan user data with neural networks
Octopii is an AI-based user information scanner that uses Tesseract's Optical Character Recognition (OCR) and MobileNet's Convolutional Neural Network (CNN) model.
It can detect various forms of government IDs, passports, debit cards, driver's licenses, photographs, signatures, etc.
https://github.com/redhuntlabs/Octopii
#redteam #leak
@NetPentesters
Maximizing BloodHound with a simple suite of tools
A set of console utilities for working with BloodHound: retrieve/update objects, mark objects as Owned or High Value Targets, delete objects, match cracked passwords (hashcat output) with users, execute raw DB queries...
https://github.com/knavesec/Max
#AD
#bloodhound
@NetPentesters
SMB Session Spoofing: create a fake SMB Session
https://securityonline.info/smb-session-spoofing-create-a-fake-smb-session/
#SMB
#spoofing
@NetPentesters
VLAN attacks toolkit
The author has nothing to do with those who will use this tool for personal purposes to destroy other people's computer networks. The tools are presented for training purposes to help engineers improve the security of their network.
https://github.com/necreas1ng/VLANPWN
#VLAN
@NetPentesters
Active-Directory-Purple-Teaming
This repository shares cliff notes for red teaming Active Directory, combined with the detection engineering side of AD attacks.
https://github.com/MirHassanRiaz/Active-Directory-Purple-Teaming
#ad
@NetPentesters
CVE-2022-26937
Microsoft Windows Network File System NLM Portmap Stack Buffer Overflow
https://www.zerodayinitiative.com/blog/2022/6/7/cve-2022-26937-microsoft-windows-network-file-system-nlm-portmap-stack-buffer-overflow
#exploit
@NetPentesters
DNS_Tunneling
DNS Tunneling using powershell to download and execute a payload. Works in CLM.
https://github.com/Octoberfest7/DNS_Tunneling
@NetPentesters
Cloud penetration testing
A curated list of cloud pentesting resources covering AWS, Azure and Google Cloud.
https://github.com/kh4sh3i/cloud-penetration-testing
#Cloud
@NetPentesters
Aced
Aced is a tool to parse and resolve a single targeted Active Directory principal's DACL. Aced identifies interesting inbound access-allowed privileges against the targeted account, resolves the SIDs of the inbound permissions, and presents that data to the operator.
Additionally, the logging features of pyldapsearch have been integrated with Aced to log the targeted principal's LDAP attributes locally; these can then be parsed by pyldapsearch's companion tool BOFHound to ingest the collected data into BloodHound.
https://github.com/garrettfoster13/aced
#ad
#tools
@NetPentesters
MikroTik Cloud Hosted Router Universal Unpatchable Jailbreak
Universal "unpatchable" jailbreak for all MikroTik RouterOS versions:
1. Download Cloud Router VM image, boot it in your favourite hypervisor
2. Suspend / save to disk
3. Replace /nova/bin/login with /bin/sh in the saved memory image
4. Restore the running VM from the memory image
https://github.com/pedrib/PoC/blob/master/tools/mikrotik_jailbreak.py
#mikrotik
@NetPentesters
CVE-2022-26937
Windows Network File System Crash PoC
https://github.com/omair2084/CVE-2022-26937
#cve
@NetPentesters