#CVE-2021
#Log4j
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading
https://github.com/kal1gh0st/MyLog4Shell
@BlueRedTeam
#Log4j
#CVE-2021
Log4j_dos_CVE-2021-45105
https://github.com/cckuailong/Log4j_dos_CVE-2021-45105
@BlueRedTeam
#exploit
1. Android: apps have VM_MAYWRITE access to shared zygote JIT mapping
https://bugs.chromium.org/p/project-zero/issues/detail?id=2227
2. CVE-2021-45105: Log4j2 DoS
https://github.com/cckuailong/Log4j_dos_CVE-2021-45105
@BlueRedTeam
#Red_Team
1. Alternative Process Injection
https://www.netero1010-securitylab.com/eavsion/alternative-process-injection
2. HTTP Parameter Pollution
https://medium.com/geekculture/http-parameter-pollution-981af7894c6e
@BlueRedTeam
#Red_Team
In this project, I acted as both Red Team and Blue Team, alternately, and examined the Kibana log files that were created by my Red Team actions.
https://github.com/Symantha/Project_2-RedTeam-vs-BlueTeam
@BlueRedTeam
#CVE-2021
#Log4Shell
Searches the filesystem for CVE-2021-44228 and CVE-2021-45046 vulnerable instances, including embedded (jar/war/zip) packaged ones; it also flags other vulnerable log4j versions (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307).
https://github.com/HynekPetrak/log4shell_finder
@BlueRedTeam
#CVE-2021
#log4j
Vulnerability analysis, patch management and exploitation tool for CVE-2021-44228 / CVE-2021-45046 / CVE-2021-4104
https://github.com/TheInterception/Log4J-Simulation-Tool
@BlueRedTeam
#Red_Team
1. Primary Access Token Manipulation
https://www.ired.team/offensive-security/privilege-escalation/t1134-access-token-manipulation
2. Cover tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps
https://github.com/mufeedvh/moonwalk
@BlueRedTeam
#exploit
1. Microsoft Office Word MSHTML RCE (CVE-2021-40444)
https://github.com/34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit
2. HSMX Internet Gateway Vulnerability Exploitation including RCE - a guest Wi-Fi system used in hundreds of hotels
https://web.archive.org/web/20211123141312/http://etizazmohsin.com/hsmx.html
@BlueRedTeam
#Red_Team
d4rk Ghost is an all-in-one Red Team pentesting framework with modules for information gathering, exploitation, vulnerability scanning, proxy scraping and WordPress vulnerability scanning.
https://github.com/d4rkconsole/d4rk_ghost
@BlueRedTeam
#tools
#Blue_Team
1. Catalyst is a SOAR system that helps to automate alert handling and incident response processes
https://github.com/SecurityBrewery/catalyst
2. Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes
https://github.com/bohops/RogueAssemblyHunter
3. Detecting Anomalous Network Traffic Resulting from a Successful Log4j Attack
https://www.ironnet.com/blog/detecting-anomalous-network-traffic-resulting-from-a-successful-log4j-attack
@BlueRedTeam
#Red_Team
1. Inside a PBX - Discovering a Firmware Backdoor (Auerswald phone system, CVE-2021-40859)
https://blog.redteam-pentesting.de/2021/inside-a-pbx
2. RCE in Visual Studio Code's Remote WSL for Fun and Negative Profit
https://parsiya.net/blog/2021-12-20-rce-in-visual-studio-codes-remote-wsl-for-fun-and-negative-profit
3. Auerswald COMpact Multiple Backdoors
https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-007/-auerswald-compact-multiple-backdoors
@BlueRedTeam
#exploit
1. CVE-2021-4061: Type Confusion in V8
https://github.com/msrkp/exploits/tree/main/CVE-2021-4061
2. CVE-2021-43224: Windows Common Log File System Driver PoC
https://github.com/KaLendsi/CVE-2021-43224-POC
@BlueRedTeam
#CVE-2021
#Log4j
#CheetSheet
Log4J CVE-2021-44228 : Mitigation Cheat Sheet
https://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105
@BlueRedTeam
#exploit
1. CVE-2021-44659: Adding a new pipeline in GoCD server 21.3.0 exposes functionality that could be abused to perform an unintended action and achieve an SSRF
https://github.com/Mesh3l911/CVE-2021-44659
2. A buffer overflow vulnerability in a babykernel.ko driver (CTF). The exploit bypasses SMEP protection using the ret2usr technique
https://github.com/0x3SC4L4T3/Babykernel-ctf-ret2usr
@BlueRedTeam
#Red_Team
1. macOS Gatekeeper Bypass (CVE-2021-30853)
https://objective-see.com/blog/blog_0x6A.html
2. Responder and IPv6 attacks (Responder 3.1.1.0 ships with full IPv6 support by default)
https://g-laurent.blogspot.com/2021/12/responder-and-ipv6-attacks.html?m=1
@BlueRedTeam
#Blue_Team
1. This tool reveals hidden desktops and investigates processes/threads that use hidden desktops
https://github.com/AgigoNoTana/HiddenDesktopViewer
2. Analysis of Log4jShell Attack
https://www.goggleheadedhacker.com/blog/post/log4jshell-analysis
@BlueRedTeam