Skip to content

@NetSPI NetSPI

Change the repository type filter

All

    Repositories list

    117 repositories

    • PowerHuntShares

      Public
      PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.
      PowerShell
      Other
      7655661Updated Oct 7, 2024Oct 7, 2024

    • zaproxy

      Public
      The ZAP by Checkmarx Core project
      Java
      Apache License 2.0
      2.2k000Updated Oct 3, 2024Oct 3, 2024

    • MicroBurst

      Public
      A collection of scripts for assessing Microsoft Azure security
      PowerShell
      Other
      3132k31Updated Sep 23, 2024Sep 23, 2024

    • gcpwn

      Public
      Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot
      Python
      BSD 3-Clause "New" or "Revised" License
      1619800Updated Sep 9, 2024Sep 9, 2024

    • PowerUpSQL

      Public
      PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
      PowerShell
      Other
      4602.4k193Updated Aug 20, 2024Aug 20, 2024

    • BypassFuzzer

      Public
      Fuzz 401/403/404 pages for bypasses
      Python
      27000Updated Aug 9, 2024Aug 9, 2024

    • PESecurity

      Public
      PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.
      PowerShell
      MIT License
      14762161Updated Jul 31, 2024Jul 31, 2024

    • Scheduled-Task

      Public
      Native Binary for Creating a Scheduled Task
      centralattack-sim
      C++
      BSD 3-Clause "New" or "Revised" License
      0201Updated Jul 25, 2024Jul 25, 2024

    • bambdas

      Public
      Bambdas collection for Burp Suite Professional and Community.
      Java
      GNU Lesser General Public License v3.0
      28000Updated Jul 11, 2024Jul 11, 2024

    • FuncoPop

      Public
      Tools for attacking Azure Function Apps
      PowerShell
      Other
      66200Updated Jun 20, 2024Jun 20, 2024

    • AWSSigner

      Public
      Burp Extension for AWS Signing
      Java
      MIT License
      368663Updated Jun 14, 2024Jun 14, 2024

    • WikiJekyllTheme

      Public
      Wiki theme for various NetSPI wikis
      jekyll-theme
      HTML
      MIT License
      3100Updated May 20, 2024May 20, 2024

    • SQLInjectionWiki

      Public
      A wiki focusing on aggregating and documenting various SQL injection methods
      mysqlsqlwikiinjectionoraclesqlimssqlsqlservernetspi
      HTML
      14876322Updated May 8, 2024May 8, 2024

    • PowerHunt

      Public
      PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.
      PowerShell
      Other
      106130Updated Mar 25, 2024Mar 25, 2024

    • AutoDirbuster

      Public
      Automatically run and save ffuf scans for multiple IPs
      Python
      Other
      217400Updated Mar 19, 2024Mar 19, 2024

    • ruler

      Public
      A tool to abuse Exchange services
      Go
      Other
      357900Updated Mar 18, 2024Mar 18, 2024

    • silkwasm

      Public
      HTML Smuggling with Web Assembly
      Go
      BSD 3-Clause "New" or "Revised" License
      11800Updated Feb 20, 2024Feb 20, 2024

    • JavaSerialKiller

      Public
      Burp extension to perform Java Deserialization Attacks
      Java
      MIT License
      9720816Updated Feb 2, 2024Feb 2, 2024

    • vbamc

      Public
      Visual Basic for Applications macro project compiler.
      C#
      MIT License
      2100Updated Jan 23, 2024Jan 23, 2024

    • PowerShell

      Public
      NetSPI PowerShell Scripts
      PowerShell
      10432300Updated Jan 15, 2024Jan 15, 2024

    • BetaFast

      Public
      Vulnerable thick client applications used as examples in the Introduction to Hacking Desktop Applications blog series
      C#
      GNU General Public License v3.0
      129903Updated Jan 9, 2024Jan 9, 2024

    • GOAD

      Public
      game of active directory
      JavaScript
      GNU General Public License v3.0
      719000Updated Jan 3, 2024Jan 3, 2024

    • MonkeyWorks

      Public
      C#
      BSD 3-Clause "New" or "Revised" License
      286000Updated Dec 20, 2023Dec 20, 2023

    • XPath-Injection-Lab

      Public
      C#
      0200Updated Nov 3, 2023Nov 3, 2023

    • DetectionRules

      Public
      This is a single location to store detection rules of various types.
      0400Updated Oct 30, 2023Oct 30, 2023

    • BAS-Rubeus

      Public
      Trying to tame the three-headed dog.
      C#
      Other
      776100Updated Aug 15, 2023Aug 15, 2023

    • NetblockTool

      Public
      Find netblocks owned by a company
      Python
      Other
      6433830Updated Aug 3, 2023Aug 3, 2023

    • shopizer-admin

      Public
      SCSS
      MIT License
      149000Updated Jun 16, 2023Jun 16, 2023

    • ESC

      Public
      Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features. While ESC can be a handy SQL Client for daily tasks, it was originally designed for targeting SQL Servers during penetration tests and red team engagements. The intent of the project is to provide an .exe, b…
      C#
      Other
      4027820Updated Apr 25, 2023Apr 25, 2023

    • cmdsql

      Public
      ASP.NET
      Other
      235400Updated Jan 30, 2023Jan 30, 2023