Frichetten / gitlab-runner-research
Research on abusing GitLab Runners
☆22Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for gitlab-runner-research
- C# and Impacket implementation (here with Kerberos auth support) of PrintNightmare CVE-2021-1675/CVE-2021-34527☆29Updated 3 years ago
- A multithreaded, queued SSH key and/or password spraying tool.☆17Updated last year
- cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com☆38Updated 2 years ago
- Simple CLI tool for the generation of downloader oneliners for UNIX-like or Windows systems☆38Updated 3 years ago
- A tool to password spray Jenkins instances☆52Updated 5 years ago
- Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them b…☆19Updated 7 months ago
- Bypass Constrained Language Mode in PowerShell☆27Updated 5 years ago
- A tool to parse, deduplicate, and query multiple port scans.☆57Updated last year
- A simple program to query nmap xml files in the terminal.☆26Updated 4 years ago
- ansible roles to download and install empire (BC-Security),deathstar(byt3bl33der) and starkiller (BC-Security)☆23Updated 2 years ago
- ☆15Updated 2 months ago
- A little implant which SSH's back with a shell☆36Updated 2 years ago
- Parses Nessus .nessus files for exploitable vulnerabilities and outputs a report file in format MM-DD-YYYY-nessus.csv☆38Updated last year
- Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files☆31Updated 2 years ago
- Use rpc null sessions to retrieve machine list, domain admin list, domain controllers☆13Updated last year
- A Burp Suite extension for headless, unattended scanning.☆36Updated 4 years ago
- A small Python-Script to extract NetNTLMv2 Hashes from NTMLssp-HTTP-Authentications, which were captured in a pcap.☆23Updated last year
- Notification webhook for GoPhish☆52Updated 5 months ago
- Study notes on Windows NTLM Reflection and token stealing based EOPs.☆17Updated 3 years ago
- Use python to perform Kerberos pre-auth bruteforcing☆11Updated 2 years ago
- Zoom Persistence Aggressor and Handler☆53Updated 3 years ago
- Modified version of PEAS client for offensive operations☆38Updated last year
- PoC for CVE-2021-4034 dubbed pwnkit☆33Updated 2 years ago
- ☆29Updated 2 years ago
- Automation of Active Directory penetration testing tasks on top of BloodHound CE☆30Updated last year
- Go client for Elasticsearch OSINT platform☆15Updated last year
- Exploits made practicing for OSCE☆22Updated 3 years ago
- Perform Windows domain enumeration via LDAP☆36Updated 2 years ago