Accenture / jenkins-attack-framework

Related projects ⓘ

Alternatives and complementary repositories for jenkins-attack-framework

• NetSPI / aws_consoler
  A utility to convert your AWS CLI credentials into AWS console access.
  ☆220Updated 4 years ago
• silentsignal / burp-log4shell
  Log4Shell scanner for Burp Suite
  ☆481Updated last year
• BishopFox / GadgetProbe
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆585Updated 3 years ago
• gl4ssesbo1 / Nebula
  Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still…
  ☆404Updated 3 weeks ago
• mhaskar / DNSStager
  Hide your payload in DNS
  ☆603Updated last year
• 0xC01DF00D / Collabfiltrator
  Exfiltrate blind remote code execution output over DNS via Burp Collaborator.
  ☆249Updated 2 weeks ago
• woodpecker-appstore / log4j-payload-generator
  Log4j jndi injects the Payload generator
  ☆489Updated 2 years ago
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆252Updated 2 years ago
• httpvoid / CVE-Reverse
  ☆278Updated 3 years ago
• BishopFox / rmiscout
  RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
  ☆422Updated 2 years ago
• RhinoSecurityLabs / Cloud-Security-Research
  Cloud-related research releases from the Rhino Security Labs team.
  ☆356Updated 4 years ago
• shabarkin / aws-enumerator
  The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…
  ☆181Updated 2 years ago
• NotSoSecure / cloud-service-enum
  ☆232Updated 4 months ago
• noperator / CVE-2019-18935
  RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.
  ☆348Updated 2 years ago
• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆332Updated 4 years ago
• epi052 / recon-pipeline
  An automated target reconnaissance pipeline.
  ☆428Updated last year
• qtc-de / remote-method-guesser
  Java RMI Vulnerability Scanner
  ☆828Updated 4 months ago
• akabe1 / OAUTHScan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆169Updated 3 weeks ago
• qtc-de / beanshooter
  JMX enumeration and attacking tool.
  ☆392Updated last month
• chipik / SAP_RECON
  PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)
  ☆215Updated 4 years ago
• NotSoSecure / Blacklist3r
  project-blacklist3r
  ☆499Updated 2 years ago
• assetnote / blind-ssrf-chains
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆804Updated 2 years ago
• DataDog / security-labs-pocs
  Proof of concept code for Datadog Security Labs referenced exploits.
  ☆417Updated last year
• GoSecure / dtd-finder
  List DTDs and generate XXE payloads using those local DTDs.
  ☆611Updated 9 months ago
• grines / scour
  ☆125Updated 4 months ago
• Charlie-belmer / nosqli
  NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
  ☆356Updated 3 years ago
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆263Updated last year
• whitel1st / docem
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆527Updated 9 months ago
• RhinoSecurityLabs / ccat
  Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
  ☆591Updated 5 years ago
• rsrdesarrollo / generator-burp-extension
  Everything you need about Burp Extension Generation
  ☆152Updated last year