nccgroup / whalescanView external linksLinks
Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container
☆156Jun 9, 2023Updated 2 years ago
Alternatives and similar repositories for whalescan
Users that are interested in whalescan are comparing it to the libraries listed below
Sorting:
- Welcome to the NCC Group Threat Intelligence Alert repo, here you will find the alerts which we have raised to our customers regarding in…☆25Feb 6, 2023Updated 3 years ago
- ☆19Oct 5, 2020Updated 5 years ago
- Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.☆49Jul 20, 2022Updated 3 years ago
- OpenVPN Connect for Windows (MSI) - 3.1.0.361 - Privilege Escalation☆26Feb 28, 2020Updated 5 years ago
- Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.☆38Feb 16, 2020Updated 5 years ago
- ☆16Jul 7, 2020Updated 5 years ago
- Simple reverse shell over Slack☆57Apr 18, 2021Updated 4 years ago
- Outlook persistence using VSTO add-ins☆87Jan 9, 2021Updated 5 years ago
- ZipArchive 2.1.4 dir traversal 0-Day☆17Aug 30, 2018Updated 7 years ago
- Library Secruity dependency Checker☆12Sep 13, 2019Updated 6 years ago
- A CLI tool for querying passive DNS services☆42Dec 15, 2023Updated 2 years ago
- CVE-2018-11311 | mySCADA myPRO 7 Hardcoded FTP Username and Password Vulnerability☆12Jul 2, 2018Updated 7 years ago
- CVE-2019-12949☆26Jun 28, 2019Updated 6 years ago
- ☆157Jun 15, 2022Updated 3 years ago
- ☆11Jul 16, 2017Updated 8 years ago
- Cobalt Strike/C2 Servers☆13Apr 22, 2021Updated 4 years ago
- Advanced Burp Suite Logging Extension☆689May 31, 2024Updated last year
- Some of my public exploits☆52Sep 15, 2020Updated 5 years ago
- Small Python library that makes it easy to exploit race conditions in web apps with Requests.☆161May 22, 2023Updated 2 years ago
- A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the ac…☆1,073Mar 19, 2024Updated last year
- Red Team C2 Infrastructure built in AWS using Ansible!☆232Oct 4, 2020Updated 5 years ago
- 内网渗透中快速获取数据库所有库名,表名,列名。具体判断后再去翻数据,节省时间。适用于mysql,mssql。☆197Nov 11, 2019Updated 6 years ago
- A collection of Cobalt Strike Malleable C2 profiles☆36Oct 13, 2020Updated 5 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆112Feb 14, 2022Updated 4 years ago
- This is an example library to show how to fuzz with AFL++ only the code modified by the last commit.☆17Mar 2, 2020Updated 5 years ago
- Pattern recognition for hosts, services, and content☆14Aug 19, 2022Updated 3 years ago
- Vulnerability research on the CA UIM Nimbus protocol☆15Sep 28, 2020Updated 5 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆29Sep 16, 2018Updated 7 years ago
- PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)☆25Dec 1, 2018Updated 7 years ago
- A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.☆558Mar 6, 2023Updated 2 years ago
- ☆576Jul 12, 2025Updated 7 months ago
- ☆284Nov 12, 2021Updated 4 years ago
- jnlpdownloader is a Python script that takes a URL to a JNLP and downloads all the associated JARs and native libraries. Another Java ba…☆14Aug 16, 2021Updated 4 years ago
- Evil snippets of Underhanded Red Team tactics☆11Jul 5, 2017Updated 8 years ago
- Corpora used to seed NSS' fuzzing targets☆10Feb 1, 2026Updated 2 weeks ago
- Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover v1, or office.com login page.☆292May 2, 2024Updated last year
- Slides and Code for the BHUSA 2019 talk: Flying a False Flag☆239Nov 8, 2019Updated 6 years ago
- Fuzzing Browsers☆314Dec 5, 2022Updated 3 years ago
- Encima De la Mosca HTTP proxy POC for infecting files on-the-fly and SSLstrip2☆41Sep 1, 2018Updated 7 years ago