Skip to content

@NetSPI NetSPI

Change the repository type filter

All

    Repositories list

    138 repositories

    • bambdas

      Public
      Bambdas collection for Burp Suite Professional and Community.
      Java
      GNU Lesser General Public License v3.0
      77001Updated Dec 12, 2025Dec 12, 2025

    • NetSIP

      Public
      NetSIP is a Python-powered SIP repeater that lets you craft, replay, and inspect SIP traffic.
      Python
      GNU General Public License v3.0
      0200Updated Nov 6, 2025Nov 6, 2025

    • MicroBurst

      Public
      A collection of scripts for assessing Microsoft Azure security
      PowerShell
      BSD 3-Clause "New" or "Revised" License
      3352.3k41Updated Oct 29, 2025Oct 29, 2025

    • FuncoPop

      Public
      Tools for attacking Azure Function Apps
      PowerShell
      Other
      118811Updated Oct 28, 2025Oct 28, 2025

    • PXEThief

      Public
      PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configuration Manager
      Python
      GNU General Public License v3.0
      65000Updated Oct 28, 2025Oct 28, 2025

    • PowerHuntShares

      Public
      PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.
      PowerShell
      Other
      109954100Updated Oct 15, 2025Oct 15, 2025

    • BurpExtractor

      Public
      A Burp extension for generic extraction and reuse of data within HTTP requests and responses.
      Java
      339583Updated Oct 7, 2025Oct 7, 2025

    • whois-parser

      Public
      Whois parser for domain whois information parsing in Go(Golang).
      Go
      Apache License 2.0
      100000Updated Sep 25, 2025Sep 25, 2025

    • ATEAM

      Public
      Python
      BSD 3-Clause "New" or "Revised" License
      1413320Updated Sep 9, 2025Sep 9, 2025

    • Snaffler

      Public
      a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
      C#
      GNU General Public License v3.0
      258100Updated Sep 8, 2025Sep 8, 2025

    • egressTester

      Public
      Allows testing all egress ports, an updated version of egressbuster
      0000Updated Sep 4, 2025Sep 4, 2025

    • MSSQLHound

      Public
      PowerShell collector for adding MSSQL attack paths to BloodHound with OpenGraph
      PowerShell
      GNU General Public License v3.0
      17100Updated Jul 30, 2025Jul 30, 2025

    • CVE-2025-4660

      Public
      PoC for CVE-2025-4660 demonstrating exploitation of the Forescout SecureConnector on Windows
      Python
      BSD 3-Clause "New" or "Revised" License
      41600Updated Jul 16, 2025Jul 16, 2025

    • set_sail

      Public
      SailPoint IQService - RCE via Default Encryption Key
      Python
      Other
      3100Updated Jul 8, 2025Jul 8, 2025

    • BAS-Public-Tools

      Public
      0000Updated Jun 18, 2025Jun 18, 2025

    • gcpwn

      Public
      Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot
      Python
      BSD 3-Clause "New" or "Revised" License
      2727400Updated May 16, 2025May 16, 2025

    • wopper

      Public
      Automatically upload, execute, and delete a PHP file using Wordpress administrator credentials.
      Shell
      BSD 3-Clause "New" or "Revised" License
      0300Updated Apr 23, 2025Apr 23, 2025

    • test-setup-public

      Public
      0000Updated Apr 22, 2025Apr 22, 2025

    • BOF-PE

      Public
      An example reference design for a proposed BOF PE
      redteampost-ex
      C++
      BSD 3-Clause "New" or "Revised" License
      2319001Updated Apr 17, 2025Apr 17, 2025

    • trufflehog-integration-netspi

      Public
      NetSPi fork of the official TruffleHog Burp Suite Extension. Scan Burp Suite traffic for 800+ different types of secrets (API keys, passwords, SSH keys, etc) using TruffleHog.
      Python
      18000Updated Mar 11, 2025Mar 11, 2025

    • Challenges

      Public
      1000Updated Mar 7, 2025Mar 7, 2025

    • PowerShell

      Public
      NetSPI PowerShell Scripts
      PowerShell
      10833901Updated Jan 24, 2025Jan 24, 2025

    • AWSSigner

      Public
      Burp Extension for AWS Signing
      Java
      MIT License
      409072Updated Jan 10, 2025Jan 10, 2025

    • Open-LLM-Security-Benchmark

      Public
      HTML
      Other
      42100Updated Dec 16, 2024Dec 16, 2024

    • BypassFuzzer

      Public
      Fuzz 401/403/404 pages for bypasses
      Python
      47400Updated Dec 14, 2024Dec 14, 2024

    • PowerHunt

      Public
      PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.
      PowerShell
      Other
      147130Updated Dec 12, 2024Dec 12, 2024

    • PowerUpSQL

      Public
      PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
      PowerShell
      Other
      4782.7k214Updated Dec 12, 2024Dec 12, 2024

    • forceworkbench

      Public
      Web-based suite of tools for administrators and developers to interact with the Force.com APIs
      PHP
      BSD 3-Clause "New" or "Revised" License
      263000Updated Dec 10, 2024Dec 10, 2024

    • zap-extensions

      Public
      ZAP Add-ons
      HTML
      Apache License 2.0
      759000Updated Oct 22, 2024Oct 22, 2024

    • community-scripts

      Public
      A collection of ZAP scripts and tips provided by the community - pull requests very welcome!
      JavaScript
      Apache License 2.0
      255100Updated Oct 18, 2024Oct 18, 2024