Accenture / jenkins-attack-framework

Related projects: ⓘ

• BishopFox / GadgetProbe
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆581Updated 3 years ago
• gl4ssesbo1 / Nebula
  Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still…
  ☆391Updated last month
• NetSPI / aws_consoler
  A utility to convert your AWS CLI credentials into AWS console access.
  ☆212Updated 4 years ago
• silentsignal / burp-log4shell
  Log4Shell scanner for Burp Suite
  ☆481Updated 11 months ago
• BishopFox / rmiscout
  RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
  ☆420Updated 2 years ago
• mhaskar / DNSStager
  Hide your payload in DNS
  ☆601Updated last year
• h4wkst3r / SCMKit
  Source Code Management Attack Toolkit
  ☆209Updated last year
• josehelps / git-wild-hunt
  A tool to hunt for credentials in github wild AKA git*hunt
  ☆291Updated last year
• 0xC01DF00D / Collabfiltrator
  Exfiltrate blind remote code execution output over DNS via Burp Collaborator.
  ☆247Updated 2 years ago
• DataDog / security-labs-pocs
  Proof of concept code for Datadog Security Labs referenced exploits.
  ☆417Updated 11 months ago
• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆330Updated 4 years ago
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆252Updated last year
• ropnop / impacket_static_binaries
  Standalone binaries for Linux/Windows of Impacket's examples
  ☆710Updated last year
• elttam / semgrep-rules
  ☆172Updated 6 months ago
• assetnote / blind-ssrf-chains
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆772Updated 2 years ago
• RhinoSecurityLabs / Cloud-Security-Research
  Cloud-related research releases from the Rhino Security Labs team.
  ☆350Updated 4 years ago
• Charlie-belmer / nosqli
  NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
  ☆351Updated 2 years ago
• ARPSyndicate / kenzer
  automated web assets enumeration & scanning [DEPRECATED]
  ☆285Updated last year
• shabarkin / aws-enumerator
  The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…
  ☆172Updated 2 years ago
• NotSoSecure / Blacklist3r
  project-blacklist3r
  ☆473Updated 2 years ago
• noperator / CVE-2019-18935
  RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.
  ☆342Updated 2 years ago
• httpvoid / CVE-Reverse
  ☆277Updated 2 years ago
• duc-nt / RCE-0-day-for-GhostScript-9.50
  RCE 0-day for GhostScript 9.50 - Payload generator
  ☆539Updated 3 years ago
• qtc-de / remote-method-guesser
  Java RMI Vulnerability Scanner
  ☆811Updated 2 months ago
• qtc-de / beanshooter
  JMX enumeration and attacking tool.
  ☆382Updated 5 months ago
• woodpecker-appstore / log4j-payload-generator
  Log4j jndi injects the Payload generator
  ☆481Updated 2 years ago
• m6a-UdS / dvca
  Damn Vulnerable Cloud Application
  ☆183Updated 6 years ago
• NotSoSecure / cloud-service-enum
  ☆222Updated 2 months ago
• akabe1 / OAUTHScan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆169Updated 3 months ago
• ropnop / go-windapsearch
  Utility to enumerate users, groups and computers from a Windows domain through LDAP queries
  ☆343Updated 3 years ago