#RedTeam
1. Finding XSS on .apple.com and building a proof of concept to leak your PII information
https://zseano.medium.com/finding-xss-on-apple-com-and-building-a-proof-of-concept-to-leak-your-pii-information-d7bc93cff2df
2. Using CVE-2021-40531 for RCE with Sketch
https://jonpalmisc.com/2021/11/22/cve-2021-40531
@BlueRedTeam
Medium
Finding XSS on .apple.com and building a proof of concept to leak your PII information
Back in February of this year I hacked with members of BugBountyHunter.com on a public bug bounty program and we chose Apple as our target…
CVE-2021
Local PoC exploit for CVE-2021-43267 (Linux TIPC)
https://github.com/ohnonoyesyes/CVE-2021-43267
@BlueRedTeam
MAL_CL_MindMap.png
2.7 MB
#Infographics
#BlueTeam
MAL-CL (Malicious Command-Line) MindMap
https://github.com/3CORESec/MAL-CL
// aims to collect and document real world and most common "malicious" command-line executions of different tools and utilities
@BlueRedTeam
#tools
#RedTeam
4-ZERO-3 Tool to bypass 403/401
+ Bash Automation
https://github.com/Dheerajmadhukar/4-ZERO-3
@BlueRedTeam
#Threat_Research
In-depth analysis of Windows domain name resolution protection mechanism
https://mp.weixin.qq.com/s/MBWv5I-5DNoOrmEGP4kR0A
@BlueRedTeam
Forwarded from F.P.W Library Sec [ CyberSecurity Book ] (#M)
#Linux #Windows #privilege
Privilege Escalation Techniques: Learn the art of exploiting Windows and Linux systems.
Share and Support us ❤
T.me/C2Book_News
T.me/Library_Sec
#RedTeam
1. Offensive tooling notes and experiments in AutoIt v.3
https://github.com/V1V1/OffensiveAutoIt
2. Scan installed EDRs/AVs on Windows
https://www.fourcore.vision/blogs/Red-Team-Adventure:-Digging-into-Windows-Endpoints-for-EDRs-and-profit-cUf
]-> https://github.com/FourCoreLabs/EDRHunt
@BlueRedTeam
tbone_v1.0.pdf
482.2 KB
#exploit
TBONE - A zero-click exploit for Tesla MCUs
]-> https://github.com/firmianay/security-paper/tree/master/Vehicle/TBONE%E2%80%93A_zero-click_exploit_for_Tesla_MCUs
@BlueRedTeam
#RedTeam
A collection of handy and specific tools for the Red Teamer
https://github.com/Vyiel/RedTeamPets
@BlueRedTeam
#exploit
1. CVE-2021-40865:
https://github.com/hktalent/CVE-2021-40865
2. CVE-2021-24084:
Windows MDM LPE
https://github.com/ohnonoyesyes/CVE-2021-24084
]-> Micropatching Unpatched LPE in Mobile Device Management Service
https://blog.0patch.com/2021/11/micropatching-unpatched-local-privilege.html
@BlueRedTeam
#BlueTeam
Memory Forensics R&D Illustrated:
Detecting Mimikatz's Skeleton Key Attack
https://volatility-labs.blogspot.com/2021/10/memory-forensics-r-illustrated.html?m=1
@BlueRedTeam
Blogspot
Memory Forensics R&D Illustrated: Detecting Mimikatz's Skeleton Key Attack
In this blog post, we are going to walk you through the research and development process that leads to new and powerful memory analysis capa...
#Threat_Research
Keybase App Vulnerability:
Incomplete Cleanup of Messages In Keybase
for Android/iOS (CVE-2021-34421)
https://www.oliviaohara.com/keybase
@BlueRedTeam
OLIVIA O'HARA
CVE-2022-22779: Retained Exploded Messages in Keybase Clients for macOS and Windows — OLIVIA O'HARA
In Keybase desktop versions before 5.9.0, users can retain "exploded" messages with a few clever clicks, meaning your sensitive chats may be read after you want them gone.
#tools
#BlueTeam
Testing TLS/SSL encryption anywhere on any port
https://github.com/drwetter/testssl.sh
@BlueRedTeam
#RedTeam
How to execute shellcodes from memory in Rust
https://kerkour.com/rust-execute-from-memory
]-> 8 techniques to achieve RCE on developers', CI/CD, or users' machines:
https://kerkour.com/rust-crate-backdoor
@BlueRedTeam
Sylvain Kerkour
How to execute shellcodes from memory in Rust
Executing code from memory in Rust is very dependent on the platform as all modern Operating Systems implement security measures to avoid it. The following applies to Linux. There are at least 3 ways to execute raw instructions from memory: By embedding the…
#exploit
A Collection of Chrome Sandbox Escape POCs/Exploits
for learning
https://github.com/allpaca/chrome-sbx-db
@BlueRedTeam