ropnop / pentest_charts
Some helpful Helm Charts for pentesters
☆38Updated 5 years ago
Related projects: ⓘ
- Writeup of CVE-2017-1002101 with sample "exploit"/escape☆35Updated 6 years ago
- Jekyll Files for cloudsecwiki.com☆49Updated 3 years ago
- Executes commands in a container on a kubelet endpoint that allows anonymous authentication (default)☆113Updated 5 years ago
- PoC for gaining persistency on vulnerable Lambdas☆30Updated 3 years ago
- Serverless Workshop☆16Updated last year
- Proof of Concept exploit for Kubernetes CVE-2020-8559☆20Updated 4 years ago
- Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container☆84Updated 5 years ago
- Proof-of-concept CORS exploitation tool.☆34Updated 5 years ago
- 🔐 A concurrent, command-line AWS S3 Fuzzer. Written in Go.☆44Updated 6 years ago
- Exploit CVE-2021-25735: Kubernetes Validating Admission Webhook Bypass☆18Updated 3 years ago
- Burp Extension for AWS Signing☆85Updated 3 months ago
- List of special metadata IPs used in cloud services☆11Updated 5 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆25Updated 6 years ago
- This is a PoC exploit for CVE-2020-8559 Kubernetes Vulnerability☆53Updated 4 years ago
- Reconnaissance test in Kubernetes clusters☆21Updated 5 years ago
- Proof of concept for CVE-2020-15257 in containerd.☆16Updated 3 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆74Updated 2 years ago
- Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a …☆38Updated 2 years ago
- Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure☆93Updated 5 years ago
- Deliberately insecure Kubernetes test clusters built using kind☆11Updated 5 years ago
- A Burp extension to show the Collaborator client in a tab☆36Updated last year
- WARNING: This is a vulnerable application to test the exploit for the Spring Break vulnerability (CVE-2017-8046). Run it at your own risk…☆11Updated 5 years ago
- insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.☆49Updated 2 years ago
- ☆25Updated 3 years ago
- Assorted tools for security-related task for git repositories☆59Updated 2 years ago
- Full TTY reverse shell over SSH☆57Updated 4 years ago
- Fork of https://github.com/PortSwigger/param-miner for header smuggling research☆12Updated 2 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆29Updated 6 years ago
- A simple scanner to find and brute force tomcat manager logins☆28Updated 4 years ago
- Manual JavaScript Linting is a Bug☆49Updated 3 years ago