pwn_jenkins
Notes about attacking Jenkins servers (by gquere)
Our great sponsors
jenkins-attack-framework | pwn_jenkins | |
---|---|---|
1 | 2 | |
543 | 1,890 | |
0.0% | - | |
2.7 | 5.7 | |
almost 3 years ago | 22 days ago | |
Python | Python | |
MIT License | - |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
jenkins-attack-framework
Posts with mentions or reviews of jenkins-attack-framework.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-05-05.
pwn_jenkins
Posts with mentions or reviews of pwn_jenkins.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-05-05.
-
CorePlague: Severe Vulnerabilities in Jenkins Server Lead to Remote Code Execution
I did add it to the list though.
-
JAF is an internally developed, red team-oriented tool from Accenture for interacting with Jenkins build servers.
I'm maintaining a list of scripts and exploits for Jenkins here: https://github.com/gquere/pwn_jenkins
What are some alternatives?
When comparing jenkins-attack-framework and pwn_jenkins you can also consider the following projects:
jenkins-job-wrecker - convert Jenkins job XML to JJB YAML
RomBuster - RomBuster is a router exploitation tool that allows to disclosure network router admin password.
CVE-2021-41773 - Apache2 2.4.49 - LFI & RCE Exploit - CVE-2021-41773
jklint - A Jenkinsfile linter CLI saving time linting Jenkinsfiles by only typing 1 argument in the command line.
jenkins-update-center - Jenkins mirror update center generator
DogWalk-rce-poc - š¾Dogwalk PoC (using diagcab file to obtain RCE on windows)
altwalker-jenkins-example - An example of a simple Jenkins Pipeline for AltWalker.