Lucene search
K

5 matches found

Pen Test Partners Blog
Pen Test Partners Blog
added 2022/05/31 5:4 a.m.16 views

Your cloud? My cloud now

A true story on taking over a client’s Azure tenant via a successful phish. TL;DR A tempting phish got lots of users to disclose their passwords, and a lack of training resulted in the victims accepting the Microsoft push-based multi-factor authentication. This resulted in gaining access to Slack...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2020/07/26 1:0 p.m.29 views

reNgine - An Automated Reconnaissance Framework Meant For Gathering Information During Penetration Testing Of Web Applications

reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information. The beauty of reNgine is that it gathers everything in...

6.9AI score
Exploits0References11
Kitploit
Kitploit
added 2020/06/24 9:30 p.m.320 views

Sifter 7.4 - OSINT, Recon & Vulnerability Scanner

Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit...

7.8CVSS8.6AI score0.07667EPSS
Exploits5References7
Kitploit
Kitploit
added 2020/03/11 11:33 a.m.78 views

Sifter - A OSINT, Recon And Vulnerability Scanner

Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2018/04/08 1:16 p.m.18 views

goGetBucket - A Penetration Testing Tool To Enumerate And Analyse Amazon S3 Buckets Owned By A Domain

When performing a recon on a domain - understanding assets they own is very important. AWS S3 bucket permissions have been confused time and time again, and have allowed for the exposure of sensitive material. What this tool does, is enumerate S3 bucket names using common patterns I have identifi...

6.9AI score
Exploits0References2
Rows per page
Query Builder