Category: Web Exploitation

Kubolt: scanning public kubernetes clusters

Kubolt is a simple utility for scanning public unauthenticated kubernetes clusters and runs commands inside containers. Why? Sometimes, the kubelet port 10250 is open to unauthorized access and makes it possible to run commands...

Serverless Blind XSS

xless: The Serverless Blind XSS App

XLESS – The Serverless Blind XSS App xless is a serverless blind XSS app that can be used to identify blind XSS vulnerabilities using your own deployed version of the app. There is no need to...

JMX exploitation toolkit

sjet: siberas JMX exploitation toolkit

sJET siberas JMX Exploitation Toolkit sJET allows easy exploitation of insecure configured JMX services. Download Prerequirement Jython 2.7 git clone https://github.com/siberas/sjet.git Usage SJET implements a CLI interface (using argparse): jython sjet.py targetHost targetPort password MODE (modeOptions)...