Red Team Interview Questions – A Deep Dive Into Red Teaming Essential

Welcome to the Red Team Interview Questions repository! This repository aims to provide a comprehensive list of topics and questions that can be helpful for both interviewers and candidates preparing for red team-related roles. Whether you're looking to assess your knowledge or preparing to interview candidates, these questions cover a wide range of essential topics in the field of...

GeoServer Vulnerability : Reverse Shell Execution For CVE-2024-36401

POC for CVE-2024-36401: RCE in GeoServer versions prior to 2.25.1, 2.24.3 and 2.23.5. This POC is based on the security advisory by phith0n. How it works: sets up a listener on your machine for an incoming reverse shell from the target; sends a POST request with the payloads; attempts to establish a shell on the target server. This technique assumes nc...

Pathfinder : High-Resolution Control-Flow Attacks Exploiting The Conditional Branch Predictor

Researchers delve into the vulnerabilities inherent in Intel's branch prediction algorithms. Highlighting novel control-flow attacks, the study showcases techniques that leverage the Conditional Branch Predictor to manipulate and observe path history in modern CPUs. This pivotal research, conducted by experts from the University of California San Diego, opens new avenues for understanding and securing microarchitectural operations against potential exploits. System...

vArmor : Enhancing Container Security In Cloud-Native Environments

vArmor is a cloud-native container sandbox system. It leverages Linux's AppArmor LSM, BPF LSM and Seccomp technologies to implement enforcers. It can be used to strengthen container isolation, reduce the kernel attack surface, and increase the difficulty and cost of container escape or lateral movement attacks. You can leverage vArmor in the following scenarios to provide sandbox protection for containers within a Kubernetes cluster. In...

DOLOST – Harnessing Cyber Deception For Strategic Security Deployments

Explore the cutting-edge framework 'DOLOST,' designed to innovate the field of cyber deception. This tool automates the deployment of decoys and deceptive environments, enhancing security strategies. Learn how DOLOST not only creates but also meticulously designs these operations to outsmart and trap potential threats. DOLOST is a framework designed to automate the creation and deployment of decoys and...

LDAP Firewall – Enhancing Security With Advanced Active Directory Protection

LDAP Firewall is an open-source tool for Windows servers that lets you audit and restrict incoming LDAP requests. Its primary use cases are to protect Domain Controllers, block LDAP-based attacks and tightly control access to the Active Directory schema (e.g. enforcing read-only access for users). The tool is written in C++ and makes use of the Microsoft Detours and JsonCpp packages. Some useful resources to get you started: Introduction...

CVE-2024-36401 : GeoServer Unauthenticated Remote Code Execution In Evaluating Property Name Expressions

GeoServer is an open-source software server written in Java that provides the ability to view, edit, and share geospatial data. It is designed to be a flexible, efficient solution for distributing geospatial data from a variety of sources such as Geographic Information System (GIS) databases, web-based data, and personal datasets. In GeoServer versions prior to 2.25.1, 2.24.3 and 2.23.5...

BetterScan-CE Wiki : Integrating Comprehensive Security Scans Into DevOps

It is a Code and Infrastructure (IaC) and Cloud-native Scanning/SAST/Static Analysis/Linting solution using many tools/Scanners with One Report. You can also add any tool to it. Currently, it supports many languages and tech stacks. If you like it, please give it a GitHub star/fork/watch/contribute. This will ensure continuous development. Run this command in your code directory (checkout from Git - .git...

Betterscan – Comprehensive Security Orchestration For Code And Infrastructure

Scan your source code and infra IaC against top security risks. Betterscan is an orchestration toolchain that uses state-of-the-art tools to scan your source code and infrastructure IaC and analyze your security and compliance risks. Currently supports: PHP, Java, Scala, Python, Perl, Ruby, .NET Full Framework, C#, C, C++, Swift, Kotlin, Apex (Salesforce), JavaScript, TypeScript, Go, Infrastructure as Code (IaC) Security and Best Practices (Docker, Kubernetes (k8s), Terraform AWS, GCP, Azure), Secret Scanning (166+ secret types), Dependency...

SQLRecon – Comprehensive Guide To SQL Server Exploitation And Defense

SQLRecon is a Microsoft SQL Server toolkit that is designed for offensive reconnaissance and post-exploitation. For detailed information on how to use each technique, refer to the wiki. You can download a copy of SQLRecon from the releases page. Alternatively, feel free to compile the solution yourself. This should be as straightforward as cloning the repo, double-clicking the solution file and...