Red Team
- blog.aermored.com Configuring the Software for Our Hardware Implant
Software configuration for secure C2
- blog.aermored.com Hardware Implants as an Initial Access Vector
How to gain initial access via a hardware implant.
From a recent engagement. We turned to hardware implants as an initial access vector to enable remote operations.
- www.bleepingcomputer.com New tool exploits Microsoft Teams bug to send malware to users
A member of U.S. Navy's red team has published a tool called TeamsPhisher that leverages an unresolved security issue in Microsoft Teams to bypass restrictions for incoming files from users outside of a targeted organization, the so-called external tenants.
- Has anyone here taken the new OSCP exam?
In the middle of the depths of studying. Would love reviews or thoughts on the new exam! Words of encouragement welcome 🙂
- www.bleepingcomputer.com Microsoft Teams bug allows malware delivery from external accounts
Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite restrictions in the application for files from external sources.
- github.com JWT authentication bypass via `X-HTTP-Method-Override` header
## Summary ESPv2 contains an authentication bypass vulnerability. API clients can craft a malicious `X-HTTP-Method-Override` header value to bypass JWT authentication in specific cases. ## Ba...
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access github.com GitHub - krisnova/boopkit: Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin. - GitHub - krisnova/boopkit: Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, ...
- www.securesystems.de Active Directory Spotlight: Attacking The Microsoft Configuration Manager (SCCM/MECM)
This spotlight covers the Microsoft Configuration Manager (ConfigMgr), also known as SCCM or MECM. Get an intro into the Configuration Manager, an overview and demonstration of known attacks against it, practical tool box knowledge and best practice defensive guidelines.
Probably already posted and well known, but a nice place for all the native binaries baked into Windows that can be used.
- Tryhackme's red team thoughts tryhackme.com TryHackMe | Cyber Security Training
An online platform for learning and teaching cyber security, all through your browser.
Hey Red team crew, I'd love to hear everyone's thoughts on TryHackMe's red team course. A lot of paid parts, but not all. I'd love to know what you think or if there are better courses.
- RedTeam toolkits github.com GitHub - A-poc/RedTeam-Tools: Tools and Techniques for Red Team / Penetration Testing
Tools and Techniques for Red Team / Penetration Testing - GitHub - A-poc/RedTeam-Tools: Tools and Techniques for Red Team / Penetration Testing
No one has posted yet, so I'll be the first and drop this easy-start GitHub page.