PowerShell Red Team Enum.
Collection of PowerShell functions a Red Teamer may use to collect data from a machine or gain access to a target. I added ps1 files for the commands that are included in the RedTeamEnum module. This will allow you to easily find and use only one command if that is all you want. If you want the entire module perform the following actions after downloading the RedTeamEnum directory and contents to your device.
https://github.com/tobor88/PowerShell-Red-Team
#PowerShell #RedTeam
@BlueRedTeam
Incident Response collection and processing scripts with automated reporting scripts
https://github.com/FSecureLABS/LinuxCatScale
#BlueTeam_Techniques
#BlueTeam
@BlueRedTeam
1. CVE-2021-34486:
Windows 20H2 x64 Etw LPE
https://github.com/KaLendsi/CVE-2021-34486
2. CVE-2021-26085 / CVE-2021-26086:
Atlassian Confluence Server 7.5.1 Pre-Authorization Arbitrary File Read vulnerability / Atlassian Jira Server/DataCenter 8.4.0 - Arbitrary File read
https://github.com/ColdFusionX/CVE-2021-26085
https://github.com/ColdFusionX/CVE-2021-26086
#exploit
@BlueRedTeam
1. Sysmon For Linux
https://github.com/Sysinternals/SysmonForLinux
]-> Automating the deployment of Sysmon for Linux/Azure Sentinel in a lab environment
https://techcommunity.microsoft.com/t5/azure-sentinel/automating-the-deployment-of-sysmon-for-linux-and-azure-sentinel/ba-p/2847054
#BlueTeam_Techniques
#BlueTeam
@BlueRedTeam
1. Compromising vCenter via SAML Certificates
https://www.horizon3.ai/compromising-vcenter-via-saml-certificates
]-> PoC: https://github.com/horizon3ai/vcenter_saml_login
2. YouTube as covert channel - C2 by uploading videos to YouTube
https://github.com/ricardojoserf/covert-tube
#RedTeam_Tactics
#RedTeam
@BlueRedTeam
1. Open-source toolkit for large-scale network analysis
https://github.com/networkit/networkit
2. A Linux Auditd rule set mapped to MITRE's Attack Framework
https://github.com/bfuzzy/auditd-attack
#BlueTeam_Techniques
#BlueTeam
@BlueTeam
LDAP Monitor:
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration
https://github.com/p0dalirius/LDAPmonitor
#BlueTeam_Techniques
#BlueTeam
@BlueRedTeam
1. A new lateral movement technique using DCOM and HTA
https://codewhitesec.blogspot.com/2018/07/lethalhta.html
2. Elevation of privileges via Resource Based Constrained Delegation
https://pentestlab.blog/2021/10/18/resource-based-constrained-delegation
#RedTeam_Tactics
#RedTeam
@BlueRedTeam
Web-based tool for the automation of infosec watching and vulnerability management with a web interface
https://github.com/Guezone/SECMON
#BlueTeam_Techniques
#BlueTeam
@BlueRedTeam
1. Weaponizing a NFC reader for basic timing attacks
https://ceres-c.it/2021/10/24/weaponizing-NFC-reader
2. Advanced request smuggling
https://portswigger.net/web-security/request-smuggling/advanced
#RedTeam_Tactics
#RedTeam
@blueredteam
#RedTeam_Tactics
#RedTeam
Get shells with JET, the Jolokia Exploitation Toolkit
https://thinkloveshare.com/hacking/shells_with_jolokia_exploitation_toolkit
]-> jolokia-exploitation-toolkit:
https://github.com/laluka/jolokia-exploitation-toolkit
#RedTeam
#Blue_Team_Techniques
#BlueTeam
1. MalAPI: maps Windows APIs to common techniques used by malware
https://malapi.io
2. How the SolarWinds Hack (almost) went Undetected
https://www.netresec.com/?page=Blog&month=2021-10&post=How-the-SolarWinds-Hack-almost-went-Undetected
@BlueRedTeam
#RedTeam_Tactics
#Redteam
1. Chrome Exploitation:
An old but good case-study
https://blog.haboob.sa/blog/chrome-exploitation-an-old-but-good-case-study
2. DCOM abuse and lateral movement with Cobalt Strike
https://www.pentestpartners.com/security-blog/dcom-abuse-and-lateral-movement-with-cobalt-strike
@BlueRedTeam
#BlueTeam_Techniques
#BlueTeam
A methodology for mapping MITRE ATT&CK techniques to vulnerability records to describe the impact of a vulnerability
https://github.com/center-for-threat-informed-defense/attack_to_cve
@BlueRedTeam
#RedTeam_Tactics
#RedTeam
1. Auth Bypass in Google Assistant
https://feed.bugs.xdavidhu.me/bugs/0011
2. A Primer for Testing the Security of GraphQL APIs
https://blog.forcesunseen.com/a-primer-for-testing-the-security-of-graphql-apis
@BlueRedTeam