pwn_jenkins
jenkins-update-center
pwn_jenkins | jenkins-update-center | |
---|---|---|
2 | 1 | |
1,894 | 38 | |
- | - | |
5.7 | 9.5 | |
about 1 month ago | 8 days ago | |
Python | Python | |
- | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pwn_jenkins
-
CorePlague: Severe Vulnerabilities in Jenkins Server Lead to Remote Code Execution
I did add it to the list though.
-
JAF is an internally developed, red team-oriented tool from Accenture for interacting with Jenkins build servers.
I'm maintaining a list of scripts and exploits for Jenkins here: https://github.com/gquere/pwn_jenkins
jenkins-update-center
-
local update server - complains about digest?
I have not found any solutions to this part of the "corporate jenkins update site" instructions/recommendations found in several sites: https://github.com/ikedam/backend-update-center2/wiki/How-to-create-your-own-Jenkins-Update-Center https://github.com/lework/jenkins-update-center https://medium.com/@prabhas.gupte/how-to-setup-custom-jenkins-update-center-d4bd6d3772d5 https://www.north-47.com/knowledge-base/update-jenkins-plugins-behind-a-corporate-proxy/ https://www.jenkins.io/blog/2015/07/14/juseppe-a-custom-update-site-for-jenkins/ https://support.cloudbees.com/hc/en-us/articles/115000494608-Why-is-there-Failed-Signature-Check-when-using-update-server-
What are some alternatives?
jenkins-job-wrecker - convert Jenkins job XML to JJB YAML
update-center2 - Jenkins Update Center backend
RomBuster - RomBuster is a router exploitation tool that allows to disclosure network router admin password.
backend-update-center2 - Update center backend
CVE-2021-41773 - Apache2 2.4.49 - LFI & RCE Exploit - CVE-2021-41773
cicd-goat - A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
jklint - A Jenkinsfile linter CLI saving time linting Jenkinsfiles by only typing 1 argument in the command line.
docker-android - Android in docker solution with noVNC supported and video recording
DogWalk-rce-poc - š¾Dogwalk PoC (using diagcab file to obtain RCE on windows)
nagios-plugins - 450+ AWS, Hadoop, Cloud, Kafka, Docker, Elasticsearch, RabbitMQ, Redis, HBase, Solr, Cassandra, ZooKeeper, HDFS, Yarn, Hive, Presto, Drill, Impala, Consul, Spark, Jenkins, Travis CI, Git, MySQL, Linux, DNS, Whois, SSL Certs, Yum Security Updates, Kubernetes, Cloudera etc...
altwalker-jenkins-example - An example of a simple Jenkins Pipeline for AltWalker.
taurus - Automation-friendly framework for Continuous Testing by