Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent
☆534Jul 30, 2021Updated 4 years ago
Alternatives and similar repositories for gcp-dhcp-takeover-code-exec
Users that are interested in gcp-dhcp-takeover-code-exec are comparing it to the libraries listed below
Sorting:
- This repo gives an overview of some GCP metadata API attack and defend patterns☆79Mar 23, 2020Updated 5 years ago
- ☆705Nov 27, 2024Updated last year
- Reverse proxies cheatsheet☆1,854Nov 4, 2023Updated 2 years ago
- Automated GKE Kubelet Impersonation and Cluster Secret Stealer via kube-env☆102Sep 10, 2019Updated 6 years ago
- ☆2,511Jan 2, 2023Updated 3 years ago
- NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine, bypassing the victim’s NAT/firewa…☆1,970Jan 14, 2023Updated 3 years ago
- CVE-2021-1675 Detection Info☆215May 20, 2023Updated 2 years ago
- A container analysis and exploitation tool for pentesters and engineers.☆675Sep 27, 2023Updated 2 years ago
- Collections of Orange Tsai's public presentation slides.☆751Jan 1, 2025Updated last year
- This is a PoC exploit for CVE-2020-8559 Kubernetes Vulnerability☆54Jul 23, 2020Updated 5 years ago
- Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.☆828Jun 12, 2021Updated 4 years ago
- Kubernetes POC for utilizing write mount to /var/log for getting a root on the host☆100Nov 18, 2020Updated 5 years ago
- This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-…☆4,378Mar 3, 2026Updated last week
- A DNS rebinding attack framework.☆1,266Dec 4, 2025Updated 3 months ago
- A Logging Daemon☆11Jan 5, 2022Updated 4 years ago
- This repo has been replaced by https://www.cloudvulndb.org☆726Jun 29, 2022Updated 3 years ago
- Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock☆7,111Mar 12, 2024Updated last year
- Establishes mutually trusted TLS connections based on a pre-shared connection key.☆51Mar 21, 2024Updated last year
- ☆170May 20, 2021Updated 4 years ago
- ☆448Oct 3, 2024Updated last year
- Catalog Red Team techniques that cause popups in various macOS versions☆15Nov 18, 2024Updated last year
- An offensive bash script which tries to find GENERIC privesc vulnerabilities and issues.☆13Oct 17, 2017Updated 8 years ago
- ☆51Jun 13, 2024Updated last year
- Prototype Pollution and useful Script Gadgets☆1,589Jan 27, 2024Updated 2 years ago
- Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.☆1,664Oct 19, 2023Updated 2 years ago
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys☆657Feb 1, 2025Updated last year
- Electron Research☆73Feb 9, 2022Updated 4 years ago
- Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.☆625Jun 13, 2020Updated 5 years ago
- ☆1,200Sep 2, 2022Updated 3 years ago
- Simple patcher tool to turn off TLS handshake validation in golang binaries☆12Apr 23, 2022Updated 3 years ago
- ☆694Jul 4, 2022Updated 3 years ago
- HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets☆35Sep 23, 2022Updated 3 years ago
- Notes about attacking Jenkins servers☆2,091Jul 10, 2024Updated last year
- A tool to exploit .NET Remoting Services☆534Jul 31, 2024Updated last year
- C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527☆1,967Jul 20, 2021Updated 4 years ago
- Client-Side Prototype Pollution Tools☆86Sep 21, 2021Updated 4 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆392Aug 15, 2024Updated last year
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)☆782May 10, 2022Updated 3 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆645Nov 21, 2019Updated 6 years ago