kh4sh3i / ElasticSearch-PentestingLinks
ElasticSearch exploit and Pentesting guide for penetration tester
☆29Updated 3 years ago
Alternatives and similar repositories for ElasticSearch-Pentesting
Users that are interested in ElasticSearch-Pentesting are comparing it to the libraries listed below
Sorting:
- A python3 script searching for secret on swaggerhub☆66Updated 3 years ago
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆51Updated last month
- ☆27Updated 3 years ago
- User enumeration and password spraying tool for testing Azure AD☆70Updated 3 years ago
- A Burp Suite extension for finding DNS vulnerabilities in web applications!☆94Updated 2 years ago
- ☆57Updated 3 years ago
- Determine the running software version of a remote F5 BIG-IP management interface.☆69Updated last year
- The great Microsoft exchange hack: A penetration tester’s guide (exchange penetration testing)☆119Updated 3 months ago
- This script implements the Proof of Concept attack from the Checkpoint research "NTLM Credentials Theft via PDF Files"☆27Updated 7 years ago
- ☆27Updated 2 years ago
- A "Spring4Shell" vulnerability scanner.☆49Updated 10 months ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆81Updated last year
- Automating Juicy Potato Local Privilege Escalation CMD exploit for penetration testers.☆48Updated 2 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆73Updated 3 years ago
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …☆125Updated last year
- A Proof-Of-Concept for the CVE-2023-43770 vulnerability.☆33Updated 2 years ago
- Open-Source Phishing Toolkit☆19Updated 4 years ago
- ☆74Updated last year
- 「💥」CVE-2022-33891 - Apache Spark Command Injection☆26Updated 3 years ago
- PassMute - A multi featured Password Transmutation/Mutator Tool☆53Updated 2 years ago
- ☆41Updated 2 years ago
- Nmapurls parses Nmap xml reports from either piped input or command line arg and outputs a list of http(s) URL's to be used in an automat…☆42Updated 5 months ago
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆54Updated last year
- CVE-2022-22963 is a vulnerability in the Spring Cloud Function Framework for Java that allows remote code execution. This python script w…☆24Updated 2 years ago
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…☆21Updated 10 months ago
- ☆57Updated last year
- Make better use of the embedded browser that comes by default with Burp☆45Updated last year
- cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text ver…☆39Updated 3 years ago
- Just learning around new stuff mostly Red Teaming and such but will try to see if I can update or simplify them more, nothing too exotic …☆43Updated 3 years ago
- A fast enumeration tool for publicly exposed Azure Storage blobs.☆114Updated 2 years ago