vp777 / procrustes
A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering
☆209Updated 4 years ago
Alternatives and similar repositories for procrustes:
Users that are interested in procrustes are comparing it to the libraries listed below
- Burp with Friends☆101Updated 2 years ago
- Linux privilege escalation via LXD☆132Updated 4 years ago
- d(ockerp)wn - a docker pwn tool manager☆155Updated 3 years ago
- Boomerang is a tool to expose multiple internal servers to web/cloud. Agent & Server are pretty stable and can be used in Red Team for Mu…☆219Updated 4 years ago
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).☆123Updated last year
- ☆147Updated 3 years ago
- Everything you need about Burp Extension Generation☆152Updated 2 years ago
- JIRA Secure Attachment Looter☆69Updated 4 years ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆335Updated 4 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- Weaponizing Live CT logs for automated monitoring of assets☆132Updated 3 years ago
- DupeKeyInjector☆135Updated 2 years ago
- Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure☆94Updated 5 years ago
- EagleShell is a high-quality tool that aims to improve your pentest.☆77Updated 4 years ago
- Exfiltrate blind Remote Code Execution and SQL injection output over DNS via Burp Collaborator.☆266Updated 3 weeks ago
- Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used t…☆193Updated 10 months ago
- CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit☆156Updated 4 years ago
- Tools to assess the DNS security of web applications☆127Updated 2 years ago
- SNIcat☆126Updated 3 years ago
- Swiss army knife Webserver in Golang. Keep simple like the python SimpleHTTPServer but with many features☆195Updated 8 months ago
- HoneyCreds network credential injection to detect responder and other network poisoners.☆216Updated 3 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆256Updated 2 years ago
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…☆141Updated last year
- Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulner…☆155Updated last year
- Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)☆138Updated 5 years ago
- Searching for virtual hosts among non-resolvable domains☆87Updated 4 years ago
- Red Team C2 Infrastructure built in AWS using Ansible!☆225Updated 4 years ago
- A lab to play with authentication and authorisation problems☆95Updated last year
- Abuse CVE-2020-1472 (Zerologon) to take over a domain and then repair the local stored machine account password.☆176Updated last year
- Various Payload wordlists☆235Updated 4 years ago