nccgroup / gitpwnd
GitPwnd is a network penetration tool that lets you use a git repo for command and control of compromised machines
☆143Updated last year
Related projects: ⓘ
- Test a network's egress controls with various levels of success and failure.☆101Updated 2 years ago
- penetration testing scripts☆137Updated 5 years ago
- Proof-of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File☆158Updated 8 years ago
- Testing/collecting some container breakouts☆93Updated 5 years ago
- Feed the tool a .nessus file and it will automatically get you MSF shell☆232Updated last year
- ☆55Updated 4 years ago
- A project designed to parse public source code repositories and find various types of vulnerabilities.☆188Updated 6 years ago
- PwnableWeb is a suite of web applications for use in information security training.☆87Updated 10 years ago
- Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website☆135Updated 4 years ago
- ☆148Updated last year
- yotter - bash script that performs recon and then uses dirb to discover directories that might lead to information leakage☆122Updated 6 years ago
- A tool to enumerate S3 buckets manually or via certstream☆80Updated last year
- You're a #pentester and you totally pwn that linux box, congrats! Now what? You can launch gimmecredz.sh which will try to extract all p…☆168Updated 4 years ago
- GreyNoise Query Language☆78Updated 5 years ago
- GPG Reaper - Obtain/Steal/Restore GPG Private Keys from gpg-agent cache/memory☆92Updated 6 years ago
- Very crude and poorly written HTTP(s) and SMTP bin☆92Updated 3 years ago
- ☆122Updated 6 years ago
- Extreme Vulnerable Node Application☆94Updated 5 years ago
- Common Findings Database☆100Updated 5 years ago
- malicious file maker/sender to create and send malicious attachments to test your email filter/alerting☆67Updated 6 years ago
- OSINT Threat Intel Interface - CLI for HoneyDB☆112Updated 5 years ago
- This tool can be used to enumerate the subdomains associated with a company by aggregating the results of multiple OSINT (Open Source Int…☆140Updated last year
- AWS Extender CLI is a command-line script to test S3 buckets as well as Google Storage buckets and Azure Storage containers for common mi…☆81Updated 4 years ago
- Tool for breaking into web applications.☆88Updated 5 years ago
- A simple tool for offline searching of default credentials for network devices, web applications and more.☆165Updated 6 years ago
- The SSH Multiplex Backdoor Tool☆62Updated 4 years ago
- Guesses hash types, picks some sensible dictionaries and rules for hashcat☆93Updated 10 months ago
- The Unofficial Burp Extension for DNSDumpster.com☆70Updated 6 years ago
- A DB of known Web Application Admin URLS, Username/Password Combos and Exploits☆153Updated 9 years ago
- An exploitation shell focusing on exploiting command injection vulnerabilities, eg., LFI, RFI, SSTI, etc.☆166Updated 7 months ago