#Red_Team
1. A PoC to make defender useless by removing its token privileges and lowering the token integrity
https://github.com/pwn1sher/KillDefender
2. SSRF Testing Resources
https://github.com/cujanovic/SSRF-Testing
3. A Nim implementation of reflective PE-Loading from memory
https://github.com/S3cur3Th1sSh1t/Nim-RunPE
@BlueRedTeam
#Blue_Team
Decoding Cobalt Strike: Understanding Payloads
https://decoded.avast.io/threatintel/decoding-cobalt-strike-understanding-payloads
]-> Repo:
https://github.com/avast/ioc/tree/master/CobaltStrike
@BlueRedTeam
#Cobalt_Strike
#C2
Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus
https://github.com/Flangvik/CobaltBus
@BlueRedTeam
#Red_Team
1. SPF-BYPASS
https://www.redteam.cafe/phishing/long-live-dmarc-email-spoof-issues
2. SIM Hijacking
https://sensepost.com/blog/2022/sim-hijacking
@BlueRedTeam
www.redteam.cafe
Long Live DMARC - Email Spoof issues | Intruder
Spoof emails when SPF is present but DMARC is not, allowing you to spoof the sender.
#Red_Team
1. DDoS Attack Script Python3, Cyber Attack With 36 Methods
https://github.com/MHProDev/MHDDoS
2. PackMyPayload - Emerging Threat of Containerized Malware
https://github.com/mgeeky/PackMyPayload
3. Kerberos Authentication Relaying, OffensiveCon 2022
https://github.com/tyranid/infosec-presentations/blob/master/OffensiveCon/2022/This%20are%20my%20principals.pdf
@BlueRedTeam
lateral_movement.pdf
6.5 MB
#Whitepaper
#Blue_Team
#Techniques
"Lateral Movement Analyst Reference", 2020.
// This document is designed to help network defenders understand some of the tools and tactics used by attackers in order to inform security and threat hunting activities.
@BlueRedTeam
#exploit
Exploring UNIX pipes for iOS kernel exploit primitives, and introducing kalloc_data_require
https://tfp0labs.com/blog/unix-pipes-exploitation
]-> Example code for creating read/write primitives from Unix pipes on XNU:
https://github.com/TFP0Labs/pipe_rw
@BlueRedTeam
TFP0 Labs
Exploring UNIX pipes for iOS kernel exploit primitives, and introducing kalloc_data_require | TFP0 Labs
While playing with Corellium to practice developing exploits with previously-patched bugs, I started to think about how Corellium's hypervisor magic could be used to practice on generalized techniques even without an underlying vulnerability. In the…
#Cobalt_Strike
Aggressor script that lists available Cobalt Strike beacon commands and colors them based on their type
https://github.com/outflanknl/HelpColor
@BlueRedTeam
#Cobalt_Strike
A collection of scripts for Cobalt Strike
https://github.com/SamSepiolProxy/CobaltStrikeScripts
@BlueRedTeam
#Cobalt_Strike
Private crypter for Cobalt Strike and PowerShell
https://github.com/trewisscotch/Crypt-Cobalt-Strike-Powershell
@BlueRedTeam
#AD
This tool can perform specific LDAP/SAMR calls to a domain controller in order to perform AD privesc.
https://github.com/CravateRouge/bloodyAD
@BlueRedTeam
Network penetration testing resources and network security : @NetPentesters
Persian Channel : @NetPentester
#Red_Team
k1t is a Red Team Weaponization Tool Rapid Deployment BASH Script.
https://github.com/bash-k1t/k1t
@BlueRedTeam
#exploit
1. A Zero-Click RCE Exploit for the Peloton Bike (And Also Every Other Unpatched Android Device)
https://www.nowsecure.com/blog/2022/02/09/a-zero-click-rce-exploit-for-the-peloton-bike-and-also-every-other-unpatched-android-device
2. An analysis of CVE-2022-21877
https://big5-sec.github.io/posts/an-analysis-of-cve-2022-21877
3. CVE-2022-20699: Cisco Anyconnect VPN unauth RCE (rwx stack)
https://github.com/Audiobahn/CVE-2022-20699
@BlueRedTeam
Nowsecure
Zero-Click RCE Exploit for the Peloton Bike Identified and Patched
The Peloton Bike ran an unpatched version of Android 7 which led to it being vulnerable to a number of known issues, most significantly CVE-2021-0326, which could allow an attacker within WiFi range to execute arbitrary code on the device with no user interaction.
#Red_Team
1. Dump Information for Process using GetTokenInformation
https://tbhaxor.com/dumping-token-information-in-windows
2. Cloudflare WAF Bypass
https://www.astrocamel.com/web/2022/01/25/my-sqli-adventure-or-why-you-should-make-sure-your-waf-is-configured-properly.html
@BlueRedTeam
tbhaxor's Blog
Dump Information for Process using GetTokenInformation
In this post, you will get a very thorough step-by-step walkthrough on building your own process token dumper in C++, which will help you know your target better before launching another post-exploitation attack.
A collection of various awesome lists for hackers, pentesters and security researchers
https://github.com/Hack-with-Github/Awesome-Hacking
@BlueRedTeam
#Red_Team
1. AD CS: from ManageCA to RCE
https://www.blackarrow.net/ad-cs-from-manageca-to-rce
2. Bypassing Cylance and other AVs/EDRs by Unhooking Windows APIs
https://www.ired.team/offensive-security/defense-evasion/bypassing-cylance-and-other-avs-edrs-by-unhooking-windows-apis
3. WindowsNoExec - Abusing existing instructions to execute arbitrary code without allocating executable memory
https://www.x86matthew.com/view_post?id=windows_no_exec&s=09
@BlueRedTeam
#tools
#Blue_Team
master_librarian - A tool to audit Linux system libraries to find public security vulnerabilities
https://github.com/CoolerVoid/master_librarian
@BlueRedTeam