NetSPI

Minneapolis, MN

https://www.netspi.com

NetSPI's repositories

PowerUpSQL

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

Language:PowerShellNOASSERTION2445 107 51

MicroBurst

A collection of scripts for assessing Microsoft Azure security

Language:PowerShellNOASSERTION2021 58 22

SQLInjectionWiki

A wiki focusing on aggregating and documenting various SQL injection methods

Language:HTML763 79 3

PESecurity

PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.

Language:PowerShellMIT621 82 18

PowerHuntShares

PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.

Language:PowerShellNOASSERTION555 9 10

NetblockTool

Find netblocks owned by a company

Language:PythonNOASSERTION337 11 10

PowerShell

NetSPI PowerShell Scripts

Language:PowerShell323 74 1

ESC

Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features. While ESC can be a handy SQL Client for daily tasks, it was originally designed for targeting SQL Servers during penetration tests and red team engagements. The intent of the project is to provide an .exe, but also sample files for execution through mediums like msbuild and PowerShell.

Language:C#NOASSERTION278 10 2

JavaSerialKiller

Burp extension to perform Java Deserialization Attacks

Language:JavaMIT208 21 2

gcpwn

Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot

Language:PythonBSD-3-Clause198 2 1

BetaFast

Vulnerable thick client applications used as examples in the Introduction to Hacking Desktop Applications blog series

Language:C#GPL-3.098 30

AWSSigner

Burp Extension for AWS Signing

Language:JavaMIT85 18 23

AutoDirbuster

Automatically run and save ffuf scans for multiple IPs

Language:PythonNOASSERTION74 70

FuncoPop

Tools for attacking Azure Function Apps

Language:PowerShellNOASSERTION61 3 1

PowerHunt

PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.

Language:PowerShellNOASSERTION61 9 3

MonkeyWorks

Language:C#BSD-3-Clause60 70

cmdsql

Language:ASP.NETNOASSERTION54 620

silkwasm

HTML Smuggling with Web Assembly

Language:GoBSD-3-Clause18 20

ruler

A tool to abuse Exchange services

Language:GoNOASSERTION9 10

DetectionRules

This is a single location to store detection rules of various types.

4 30

Scheduled-Task

Native Binary for Creating a Scheduled Task

Language:C++BSD-3-Clause2 80

BAS-Rubeus

Trying to tame the three-headed dog.

Language:C#NOASSERTION1 10

DInvoke

Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.

Language:C#MIT1 10

vbamc

Visual Basic for Applications macro project compiler.

Language:C#MIT1 10

WikiJekyllTheme

Wiki theme for various NetSPI wikis

Language:HTMLMIT100

XPath-Injection-Lab

Language:C#1 20

bambdas

Bambdas collection for Burp Suite Professional and Community.

Language:JavaLGPL-3.0000

BypassFuzzer

Fuzz 401/403/404 pages for bypasses

Language:Python000

GOAD

game of active directory

Language:JavaScriptGPL-3.0010

shopizer-admin

Language:SCSSMIT010