scmkit.md 1.1 KB
SCMKit
Description
Source Code Management Attack Toolkit - SCMKit is a toolkit that can be used to attack SCM systems. SCMKit allows the user to specify the SCM system and attack module to use, along with specifying valid credentials (username/password or API key) to the respective SCM system. Currently, the SCM systems that SCMKit supports are GitHub Enterprise, GitLab Enterprise and Bitbucket Server. The attack modules supported include reconnaissance, privilege escalation and persistence. SCMKit was built in a modular approach, so that new modules and SCM systems can be added in the future by the information security community.
Categories
- Red Team
Black Hat sessions
Code
https://github.com/xforcered/SCMKit
Lead Developer(s)
Brett Hawkins - h4wkst3r https://github.com/h4wkst3r