dnoiz1 / git-money
A tool for enumerating and retrieving exposed git repositories to recover source trees from external environments. Can utilise File Include vulnerabilities
☆21Updated 4 years ago
Alternatives and similar repositories for git-money:
Users that are interested in git-money are comparing it to the libraries listed below
- Zone transfers for rwhois☆20Updated 5 years ago
- LetMeOutOfYour.net Resources☆20Updated 4 years ago
- During pentesting I often miss screenshots of events for reports due to the quick pace of testing and a lack of foreknowledge about what …☆25Updated 5 years ago
- Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets☆43Updated 2 years ago
- Extract credentials from lsass remotely☆16Updated 5 years ago
- An nmap script to produce target lists for use with various tools.☆33Updated 3 years ago
- Script to parse multiple Nmap .gnmap exports into various plain-text formats for easy analysis.☆23Updated 10 years ago
- This tool aims at automating the identification of potential service running behind ports identified manually either through manual scan …☆50Updated 4 years ago
- s3eker is an extensible way to find open S3 buckets.☆17Updated 4 years ago
- A multi-threaded scanner that helps identify CORS flaws/misconfigurations☆19Updated 5 years ago
- parsers to make life easier☆12Updated 4 years ago
- Ansible scripts to build an attack box☆22Updated 6 years ago
- Collection of things I've written on pentests to make life easier.☆16Updated 5 years ago
- This extension redacts potentially sensitive header and parameter values from requests using Shannon Entropy analysis.☆12Updated 4 years ago
- An enumeration and exploitation toolkit using RFC calls to SAP☆37Updated 5 years ago
- NMAP NSE script that scans for http(s) server, takes a screenshot of them, and organizes the results into an HTML report.☆27Updated 10 years ago
- Modifed PowerSploit/PowerView to search files and match RegEx for Sensitive info (PII, PCI, Passwords, Usernames, SNMP Strings, etc.)☆14Updated 6 years ago
- Identify common attack paths to get Domain Administrator☆22Updated 5 years ago
- A tool for checking a hash:pass pot file for hashes from a user:hash file☆12Updated 8 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆22Updated 5 years ago
- Docker container escape enumeration tool.☆10Updated 4 years ago
- Burp Suite Professional extension in Java for Tabnabbing attack☆13Updated 6 years ago
- A playground to practice SSRF Attacks against web apps☆17Updated 6 years ago
- ☆10Updated 6 years ago
- This is a lazy enumeration script made to make bug bounty enum & pentest flyovers easy as cake!☆14Updated 4 years ago
- Simple S3 Bucket Testing Software☆31Updated 3 years ago
- A Burp Extender plugin that will allow you to tamper with requests containing compressed, serialized java objects.☆24Updated 5 years ago
- ☆19Updated 4 years ago
- Deploy a Private Burpsuite Collaborator using boto3 Python Library☆57Updated 5 years ago
- C# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file, then use SMB to read and delete the file remotely☆38Updated 5 years ago