#Threat_Research
In-depth analysis of Windows domain name resolution protection mechanism
https://mp.weixin.qq.com/s/MBWv5I-5DNoOrmEGP4kR0A
@BlueRedTeam
Forwarded from F.P.W Library Sec [ CyberSecurity Book ] (#M)
#Linux #Windows #privilege
Privilege Escalation Techniques: Learn the art of exploiting Windows and Linux systems.
Share and Support us ❤
T.me/C2Book_News
T.me/Library_Sec
#RedTeam
1. Offensive tooling notes and experiments in AutoIt v.3
https://github.com/V1V1/OffensiveAutoIt
2. Scan installed EDRs/AVs on Windows
https://www.fourcore.vision/blogs/Red-Team-Adventure:-Digging-into-Windows-Endpoints-for-EDRs-and-profit-cUf
]-> https://github.com/FourCoreLabs/EDRHunt
@BlueRedTeam
GitHub
GitHub - V1V1/OffensiveAutoIt: Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitscript.com/site/autoit/)
Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitscript.com/site/autoit/) - V1V1/OffensiveAutoIt
tbone_v1.0.pdf
482.2 KB
#exploit
TBONE - A zero-click exploit for Tesla MCUs
]-> https://github.com/firmianay/security-paper/tree/master/Vehicle/TBONE%E2%80%93A_zero-click_exploit_for_Tesla_MCUs
@BlueRedTeam
#RedTeam
A collection of handy and specific tools for the Red Teamer
https://github.com/Vyiel/RedTeamPets
@BlueRedTeam
GitHub
GitHub - Vyiel/RedTeamPets: A collection of handy and specific tools for the Red Teamer
A collection of handy and specific tools for the Red Teamer - GitHub - Vyiel/RedTeamPets: A collection of handy and specific tools for the Red Teamer
#exploit
1. CVE-2021-40865:
https://github.com/hktalent/CVE-2021-40865
2. CVE-2021-24084:
Windows MDM LPE
https://github.com/ohnonoyesyes/CVE-2021-24084
]-> Micropatching Unpatched LPE in Mobile Device Management Service
https://blog.0patch.com/2021/11/micropatching-unpatched-local-privilege.html
@BlueRedTeam
GitHub
GitHub - hktalent/CVE-2021-40865: CVE-2021-40865
CVE-2021-40865. Contribute to hktalent/CVE-2021-40865 development by creating an account on GitHub.
#BlueTeam
Memory Forensics R&D Illustrated:
Detecting Mimikatz's Skeleton Key Attack
https://volatility-labs.blogspot.com/2021/10/memory-forensics-r-illustrated.html?m=1
@BlueRedTeam
Blogspot
Memory Forensics R&D Illustrated: Detecting Mimikatz's Skeleton Key Attack
In this blog post, we are going to walk you through the research and development process that leads to new and powerful memory analysis capa...
#Threat_Research
Keybase App Vulnerability:
Incomplete Cleanup of Messages In Keybase
for Android/iOS (CVE-2021-34421)
https://www.oliviaohara.com/keybase
@BlueRedTeam
OLIVIA O'HARA
CVE-2022-22779: Retained Exploded Messages in Keybase Clients for macOS and Windows — OLIVIA O'HARA
In Keybase desktop versions before 5.9.0, users can retain "exploded" messages with a few clever clicks, meaning your sensitive chats may be read after you want them gone.
#tools
#BlueTeam
Testing TLS/SSL encryption anywhere on any port
https://github.com/drwetter/testssl.sh
@BlueRedTeam
GitHub
GitHub - testssl/testssl.sh: Testing TLS/SSL encryption anywhere on any port
Testing TLS/SSL encryption anywhere on any port . Contribute to testssl/testssl.sh development by creating an account on GitHub.
#RedTeam
How to execute shellcodes from memory in Rust
https://kerkour.com/rust-execute-from-memory
]-> 8 techniques to achieve RCE on developers', CI/CD, or users' machines:
https://kerkour.com/rust-crate-backdoor
@BlueRedTeam
Sylvain Kerkour
How to execute shellcodes from memory in Rust
Executing code from memory in Rust is very dependent on the platform, as all modern Operating Systems implement security measures to avoid it. The following applies to Linux. There are at least 3 ways to execute raw instructions from memory: By embedding the…
#exploit
A Collection of Chrome Sandbox Escape POCs/Exploits
for learning
https://github.com/allpaca/chrome-sbx-db
@BlueRedTeam
GitHub
GitHub - allpaca/chrome-sbx-db: A Collection of Chrome Sandbox Escape POCs/Exploits for learning
A Collection of Chrome Sandbox Escape POCs/Exploits for learning - allpaca/chrome-sbx-db
#RedTeam
Rust Weaponization for Red Team Engagements
https://github.com/trickster0/OffensiveRust
@BlueRedTeam
GitHub
GitHub - trickster0/OffensiveRust: Rust Weaponization for Red Team Engagements.
Rust Weaponization for Red Team Engagements. Contribute to trickster0/OffensiveRust development by creating an account on GitHub.
#BlueTeam
1. Code and yara rules to detect and analyze Cobalt Strike
https://github.com/Te-k/cobaltstrike
]-> https://www.randhome.io/blog/2020/12/20/analyzing-cobalt-strike-for-fun-and-profit
2. APT-Hunter is a threat-hunting tool for Windows event logs
https://github.com/ahmedkhlief/APT-Hunter
@BlueRedTeam
GitHub
GitHub - Te-k/cobaltstrike: Code and yara rules to detect and analyze Cobalt Strike
Code and yara rules to detect and analyze Cobalt Strike - Te-k/cobaltstrike
#exploit
CVE-2021-21234:
Spring Boot Actuator Logview Directory Traversal
https://pyn3rd.github.io/2021/10/25/CVE-2021-21234-Spring-Boot-Actuator-Logview-Directory-Traversal
@BlueRedTeam
Pyn3Rd
CVE-2021-21234 Spring Boot Actuator Logview Directory Traversal
Abstract: Prior to spring-boot-actuator-logview 0.2.13, the securityCheck() method exists in LogViewEndpoint, but the securityCheck() method only filters the .. in fileName, ignoring the security check o
#exploit
Micropatching Unpatched LPE in Mobile Device Management Service (CVE-2021-24084/0day)
https://blog.0patch.com/2021/11/micropatching-unpatched-local-privilege.html
@BlueRedTeam
0Patch
Micropatching Unpatched Local Privilege Escalation in Mobile Device Management Service (CVE-2021-24084 / 0day)
by Mitja Kolsek, the 0patch Team Update 12/21/2021: Microsoft provided an official fix for this issue on December 14. Our associated mi...