evict / poc_CVE-2018-1002105
PoC for CVE-2018-1002105.
☆223Updated 5 years ago
Related projects: ⓘ
- Test utility for cve-2018-1002105☆195Updated 5 years ago
- ☆235Updated 5 years ago
- A security testing Slackbot built with a Kubernetes backend on the Google Cloud Platform☆166Updated this week
- Unweaponized Proof of Concept for CVE-2019-5736 (Docker escape)☆207Updated 5 years ago
- Writeup of CVE-2017-1002101 with sample "exploit"/escape☆35Updated 6 years ago
- ☆213Updated 8 years ago
- DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source☆106Updated 4 years ago
- AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.☆240Updated 2 years ago
- TLS Redirection☆115Updated 6 years ago
- Executes commands in a container on a kubelet endpoint that allows anonymous authentication (default)☆113Updated 5 years ago
- Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (…☆309Updated 5 years ago
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆49Updated 6 years ago
- Python automation of Docker.sock abuse☆210Updated last year
- JWT fuzzer☆104Updated 6 years ago
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆279Updated 2 months ago
- JWT Fuzzer for BurpSuite. Adds an Intruder hook for on-the-fly JWT fuzzing.☆98Updated 5 years ago
- An exploit for Apache Struts CVE-2018-11776☆300Updated 6 years ago
- Testing/collecting some container breakouts☆93Updated 5 years ago
- Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container☆84Updated 5 years ago
- A POC for DNS spoofing in kubernetes clusters. Runs with minimum capabilities, on default installations of kuberentes.☆74Updated 5 years ago
- ☆160Updated 6 years ago
- Working Python test and PoC for CVE-2018-11776, includes Docker lab☆126Updated 6 years ago
- HTML5 WebSocket message fuzzer☆141Updated 5 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆110Updated 5 years ago
- A tool for automatically gathering sensitive information from exposed Jenkins servers☆103Updated last year
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆251Updated 2 years ago
- CVE-2017-9506 - SSRF☆184Updated 2 years ago
- Kubolt utility for scanning public kubernetes clusters☆109Updated 3 months ago
- CVE-2019-5736 POCs☆81Updated 4 years ago
- Automated GKE Kubelet Impersonation and Cluster Secret Stealer via kube-env☆102Updated 5 years ago