Frichetten / gitlab-runner-research
Research on abusing GitLab Runners
☆22Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for gitlab-runner-research
- A tool to parse, deduplicate, and query multiple port scans.☆57Updated last year
- A multithreaded, queued SSH key and/or password spraying tool.☆17Updated last year
- Parses Nessus .nessus files for exploitable vulnerabilities and outputs a report file in format MM-DD-YYYY-nessus.csv☆38Updated last year
- Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files☆31Updated 2 years ago
- FireProx written in Go☆17Updated 7 months ago
- Simple CLI tool for the generation of downloader oneliners for UNIX-like or Windows systems☆38Updated 3 years ago
- cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com☆38Updated 2 years ago
- A multi-threaded password sprayer based on Medusa, built for distributed spraying.☆37Updated 3 years ago
- Talk slides and material☆29Updated 7 months ago
- Slides from my talk at the Adversary Village, Defcon 30☆29Updated 2 years ago
- Convert ldapdomaindump to Bloodhound☆76Updated 10 months ago
- C# and Impacket implementation (here with Kerberos auth support) of PrintNightmare CVE-2021-1675/CVE-2021-34527☆29Updated 3 years ago
- Bypass Constrained Language Mode in PowerShell☆27Updated 5 years ago
- ☆16Updated 2 years ago
- A collection of tools using OCR to extract potential usernames from RDP screenshots.☆27Updated 6 months ago
- A simple program to query nmap xml files in the terminal.☆26Updated 4 years ago
- autocrack adds queue support for hashcat cracking.☆42Updated last year
- ☆54Updated 3 years ago
- A tool to tunnel TCP traffic over WinRM☆17Updated 3 years ago
- Red Teaming & Active Directory Cheat Sheet.☆39Updated last year
- AutoPoC Generator HoneyPoC☆32Updated 4 months ago
- Notification webhook for GoPhish☆52Updated 5 months ago
- Study notes on Windows NTLM Reflection and token stealing based EOPs.☆17Updated 3 years ago
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆46Updated 2 years ago
- passat - password auditing tool. Does statistical analyses on large sets of cracked passwords.☆24Updated 2 years ago
- A script that parses PowerView's output for GPO analysis. Integrated into bloodhound to find misconfigurations of URA, SMB signing etc☆12Updated 4 years ago
- Tool to perform GCP Domain Wide Delegation abuse and access Gmail and Drive data☆43Updated 11 months ago
- Ransomware Simulator for testing Blue Team Detections☆35Updated 2 years ago
- Use rpc null sessions to retrieve machine list, domain admin list, domain controllers☆13Updated last year