stafordtituss / HazProne
HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enabling you to pentest Vulnerabilities within, and hence, gain a better understanding of what could go wrong and why!!
☆39Updated 2 years ago
Alternatives and similar repositories for HazProne:
Users that are interested in HazProne are comparing it to the libraries listed below
- cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com☆39Updated 2 years ago
- Enumerate AWS permissions and resources.☆67Updated 2 years ago
- This is a repository for Penetration Test, Purple Team Exercise and Red Team☆17Updated last year
- ☆27Updated last year
- Manage attack surface data on Elasticsearch☆21Updated last year
- ☆12Updated 3 years ago
- ☆17Updated last year
- Collection of Tools & Techniques for analyzing URLs☆30Updated last year
- Intentionally Vulnerable Nodejs Application & APIs☆22Updated 2 years ago
- Virtual Security Operations Center☆50Updated last year
- A "Spring4Shell" vulnerability scanner.☆50Updated last week
- Exploit for Symfony CVE-2024-50340 (forked eos)☆27Updated 2 months ago
- EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.☆62Updated 4 months ago
- User enumeration and password spraying tool for testing Azure AD☆69Updated 2 years ago
- This repository has workflows created for https://github.com/RikunjSindhwad/Task-Ninja☆23Updated 5 months ago
- My talks...☆23Updated 3 months ago
- Enumerate AWS cloud resources based on provided credential☆50Updated 2 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆67Updated 2 years ago
- Assorted scripts I made for Red Teaming / Pen Testing☆13Updated 7 months ago
- A tool for quickly evaluating IAM permissions in AWS.☆57Updated last year
- "Terrible Thick Client" is a vulnerable application developed in C# .NET framework.☆19Updated last year
- Just learning around new stuff mostly Red Teaming and such but will try to see if I can update or simplify them more, nothing too exotic …☆38Updated 2 years ago
- ☆32Updated last month
- A collection of commands, scripts, tips, tricks, and other information compiled during my journey to obtaining the OSCP certification.☆23Updated 4 years ago
- Script to automate, when possible, the passive reconnaissance performed on a website prior to an assessment.☆37Updated 3 weeks ago
- ElasticSearch exploit and Pentesting guide for penetration tester☆24Updated 2 years ago
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆28Updated 2 weeks ago
- ☆16Updated 2 years ago
- moniorg is a tool that leverages crt.sh website to monitor domains of a target☆47Updated last year
- Template used for my OSCP exam.☆26Updated 2 years ago