carlospolop / Bruteforce-GCP-Permissions
Use the GCP testIamPermissions functionality to bruteforce and discover your permissions
☆15Updated 2 weeks ago
Related projects: ⓘ
- ☆27Updated last year
- ☆50Updated 11 months ago
- Burp Suite Extension for inserting a magic byte into responder's request☆20Updated 11 months ago
- ☆10Updated last month
- Tool to perform GCP Domain Wide Delegation abuse and access Gmail and Drive data☆42Updated 10 months ago
- dauthi is a tool that takes advantage of API functionality across a variety of MDM solutions to perform user enumeration and single-facto…☆34Updated 4 months ago
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆45Updated 6 months ago
- A tool for quickly evaluating IAM permissions in AWS.☆57Updated 10 months ago
- ☆19Updated this week
- ysoserial.net docker image☆27Updated 7 months ago
- cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com☆37Updated 2 years ago
- A python library to interact with Pwndoc instances for pentest reports generation☆12Updated last month
- Make better use of the embedded browser that comes by default with Burp☆38Updated 8 months ago
- RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create adv…☆47Updated 3 weeks ago
- Password spraying tool for Microsoft Online accounts (Entra/Azure/O365)☆25Updated 6 months ago
- ☆14Updated last year
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆30Updated last year
- ☆31Updated this week
- Simple PoC for demonstrating Race Conditions on Websockets☆49Updated last year
- A not-curated list of cloud hacking labs☆19Updated 5 months ago
- Webshell agent in aspx and php☆16Updated this week
- User enumeration and password spraying tool for testing Azure AD☆67Updated 2 years ago
- Hunt SSL Certificates for interesting keywords on major cloud service providers / internet☆32Updated 8 months ago
- Dump Kerberos tickets from the KCM database of SSSD☆30Updated last week
- Script written in python to perform Resource-Based Constrained Delegation (RBCD) attack by leveraging Impacket toolkit.☆19Updated 3 years ago
- Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)☆33Updated last year
- Cobalt Strike BOFS☆16Updated 8 months ago
- S3 bucket enumerator☆29Updated 5 years ago
- Vulnerable Windows Application☆15Updated 9 months ago
- Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")☆57Updated 9 months ago