dnoiz1 / git-money
A tool for enumerating and retrieving exposed git repositories to recover source trees from external environments. Can utilise File Include vulnerabilities
☆20Updated 4 years ago
Related projects: ⓘ
- Zone transfers for rwhois☆20Updated 5 years ago
- LetMeOutOfYour.net Resources☆19Updated 4 years ago
- automatic scan for hackthebox☆14Updated 4 years ago
- Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets☆41Updated last year
- NMAP NSE script that scans for http(s) server, takes a screenshot of them, and organizes the results into an HTML report.☆28Updated 10 years ago
- This extension redacts potentially sensitive header and parameter values from requests using Shannon Entropy analysis.☆12Updated 3 years ago
- Build a phishing server (Gophish) together with SMTP-redirector (Postfix) automatically in Digital Ocean with terraform and ansible..☆18Updated 3 years ago
- Screenshot Shenanigans☆24Updated 6 years ago
- Ansible scripts to build an attack box☆22Updated 5 years ago
- WStalker: an easy proxy☆25Updated 4 years ago
- s3eker is an extensible way to find open S3 buckets.☆17Updated 4 years ago
- During pentesting I often miss screenshots of events for reports due to the quick pace of testing and a lack of foreknowledge about what …☆25Updated 5 years ago
- ☆24Updated this week
- An nmap script to produce target lists for use with various tools.☆33Updated 3 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆35Updated last year
- ☆33Updated 4 years ago
- A threaded, recursive, web directory brute-force scanner over HTTP/2.☆35Updated 4 years ago
- A rogue DNS detector☆23Updated 11 months ago
- Simple S3 Bucket Testing Software☆31Updated 2 years ago
- Script to parse multiple Nmap .gnmap exports into various plain-text formats for easy analysis.☆22Updated 10 years ago
- Data exfiltration utility for testing detection capabilities☆57Updated 2 years ago
- ☆27Updated this week
- ☆23Updated this week
- An enumeration and exploitation toolkit using RFC calls to SAP☆36Updated 4 years ago
- A collection of Metasploit plugins I have written for various reasons.☆15Updated 3 years ago
- ☆15Updated this week
- Pythonize Intruder Payload☆13Updated 3 years ago
- How to set up a local copy of Have-I-Been-Pwned's password checking service☆19Updated 3 years ago
- A multi-threaded scanner that helps identify CORS flaws/misconfigurations☆18Updated 4 years ago