Accenture / jenkins-attack-framework
☆554Updated 3 years ago
Related projects: ⓘ
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆581Updated 3 years ago
- Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still…☆391Updated last month
- A utility to convert your AWS CLI credentials into AWS console access.☆212Updated 4 years ago
- Log4Shell scanner for Burp Suite☆481Updated 11 months ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities☆420Updated 2 years ago
- Hide your payload in DNS☆601Updated last year
- Source Code Management Attack Toolkit☆209Updated last year
- A tool to hunt for credentials in github wild AKA git*hunt☆291Updated last year
- Exfiltrate blind remote code execution output over DNS via Burp Collaborator.☆247Updated 2 years ago
- Proof of concept code for Datadog Security Labs referenced exploits.☆417Updated 11 months ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆330Updated 4 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆252Updated last year
- Standalone binaries for Linux/Windows of Impacket's examples☆710Updated last year
- ☆172Updated 6 months ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆772Updated 2 years ago
- Cloud-related research releases from the Rhino Security Labs team.☆350Updated 4 years ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆351Updated 2 years ago
- automated web assets enumeration & scanning [DEPRECATED]☆285Updated last year
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆172Updated 2 years ago
- project-blacklist3r☆473Updated 2 years ago
- RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.☆342Updated 2 years ago
- ☆277Updated 2 years ago
- RCE 0-day for GhostScript 9.50 - Payload generator☆539Updated 3 years ago
- Java RMI Vulnerability Scanner☆811Updated 2 months ago
- JMX enumeration and attacking tool.☆382Updated 5 months ago
- Log4j jndi injects the Payload generator☆481Updated 2 years ago
- Damn Vulnerable Cloud Application☆183Updated 6 years ago
- ☆222Updated 2 months ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆169Updated 3 months ago
- Utility to enumerate users, groups and computers from a Windows domain through LDAP queries☆343Updated 3 years ago