1. LethalHTA: A new lateral movement technique using DCOM and HTA
https://codewhitesec.blogspot.com/2018/07/lethalhta.html
2. Elevation of privileges via Resource Based Constrained Delegation
https://pentestlab.blog/2021/10/18/resource-based-constrained-delegation
#RedTeam_Tactics
#RedTeam
@BlueRedTeam
Web-based tool for the automation of infosec watching
and vulnerability management with a web interface
https://github.com/Guezone/SECMON
#BlueTeam_Techniques
#BlueTeam
@BlueRedTeam
1. Weaponizing a NFC reader for basic timing attacks
https://ceres-c.it/2021/10/24/weaponizing-NFC-reader
2. Advanced request smuggling
https://portswigger.net/web-security/request-smuggling/advanced
#RedTeam_Tactics
#RedTeam
@blueredteam
#RedTeam_Tactics
#RedTeam
Get shells with JET, the Jolokia Exploitation Toolkit
https://thinkloveshare.com/hacking/shells_with_jolokia_exploitation_toolkit
]-> jolokia-exploitation-toolkit:
https://github.com/laluka/jolokia-exploitation-toolkit
#RedTeam
#Blue_Team_Techniques
#BlueTeam
1. MalAPI: maps Windows APIs to common techniques used by malware
https://malapi.io
2. How the SolarWinds Hack (almost) went Undetected
https://www.netresec.com/?page=Blog&month=2021-10&post=How-the-SolarWinds-Hack-almost-went-Undetected
@BlueRedTeam
#RedTeam_Tactics
#Redteam
1. Chrome Exploitation:
An old but good case-study
https://blog.haboob.sa/blog/chrome-exploitation-an-old-but-good-case-study
2. DCOM abuse and lateral movement with Cobalt Strike
https://www.pentestpartners.com/security-blog/dcom-abuse-and-lateral-movement-with-cobalt-strike
@BlueRedTeam
#BlueTeam_Techniques
#BlueTeam
A methodology for mapping MITRE ATT&CK
techniques to vulnerability records to describe
the impact of a vulnerability
https://github.com/center-for-threat-informed-defense/attack_to_cve
@BlueRedTeam
#RedTeam_Tactics
#RedTeam
1. Auth Bypass in Google Assistant
https://feed.bugs.xdavidhu.me/bugs/0011
2. A Primer for Testing the Security of GraphQL APIs
https://blog.forcesunseen.com/a-primer-for-testing-the-security-of-graphql-apis
@BlueRedTeam
#Offensive_security
Recon, Vulnerable Code Assessment, Exploit Automation, Bypasses & Patching all one (Python, PHP)
https://blog.riotsecurityteam.com/recon-vulnerable-code-assessment-exploit-automation-bypasses-and-patching-all-one-python-php
@BlueRedTeam
#RedTeam_Tactics
#RedTeam
1. How to tamper the EDR
https://www.infosec.tirol/master-of-puppets-part-ii-how-to-tamper-the-edr
2. Bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification
https://securityonline.info/dllhijackingscanner-bypassing-uac-using-dll-hijacking
]-> PoC: https://github.com/SecuProject/DLLHijackingScanner/releases
3. Kerberoast With OpSec
https://m365internals.com/2021/11/08/kerberoast-with-opsec
@BlueRedTeam
#Threat_Research
TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access
https://research.nccgroup.com/2021/11/08/ta505-exploits-solarwinds-serv-u-vulnerability-cve-2021-35211-for-initial-access
@BlueRedTeam
#BlueTeam_Techniques
#BlueTeam
1. A Zeek package to detect CVE-2021-42292,
a Microsoft Excel local privilege escalation exploit
https://github.com/corelight/CVE-2021-42292
2. RPC Firewall
https://github.com/zeronetworks/rpcfirewall
@BlueRedTeam