adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
80,113 Commits 27 Branches 1,043 Tags
d2ed326b16ff5dc8f95633e287c19eb467c5ac6c
Commit Graph

550 Commits

Author SHA1 Message Date
Valentin Lobstein f41eda1128 Add GHSA and OSV reference type support 
Add support for GHSA (GitHub Security Advisories) and OSV (Open Source
Vulnerabilities) as structured reference types in Metasploit modules.

Convert 49 hardcoded GHSA URLs to structured ['GHSA', 'GHSA-xxxx'] format
across existing modules, and add support for repository-specific GHSA
references with an optional third parameter ['GHSA', 'GHSA-xxxx', 'repo'].

Update reference validation, module validator, and info_fixups to handle
the new reference types correctly.
 2026-02-09 15:17:23 +01:00
h00die f221eb1aef rename sshkey module 2025-12-10 04:32:37 -05:00
Zedeldi d1fe17747c Add check methods and update DisclosureDate 2025-11-24 17:12:56 +00:00
Zedeldi 425adfa9bf Prefer create_process over cmd_exec for commands with arguments 2025-11-21 13:40:25 +00:00
Zedeldi dc9eddc7a2 Use store_loot for igel_dump_file 2025-11-21 13:22:22 +00:00
Zedeldi 796d941354 Code formatting changes 2025-11-17 16:38:13 +00:00
Zedeldi 1436803783 Strip first line and quotes 2025-11-17 16:33:00 +00:00
Zedeldi f29505d0d0 Add IGEL OS modules 2025-11-17 15:18:09 +00:00
Christophe De La Fuente 788b9c27b4 Use sub-technique and add missing modules 2025-09-16 18:39:23 +02:00
Christophe De La Fuente 7ce2bdc979 Add T1003 "OS credential dumping" MITRE technique 2025-09-09 10:45:46 +02:00
bcoles 81a405355c modules/post: Resolve RuboCop violations and typos 2025-05-13 09:23:28 +10:00
bcoles ec484f97c6 modules/post/linux: Resolve RuboCop violations 2025-05-02 23:29:48 +10:00
adfoster-r7 1b3ad5050d Merge pull request #20093 from jvoisin/fix_typo 
Fix an unfortunate typo
 2025-04-27 23:10:40 +01:00
jvoisin 085f0380c3 Fix an unfortunate typo 2025-04-27 20:37:15 +02:00
bcoles 394e7a1ba2 modules/post/linux/gather: Resolve RuboCop violations 2025-04-27 12:23:56 +10:00
jvoisin c3c62e5fdd Improve a bit modules/post/linux/gather/enum_protections.rb 
- Use proper names instead of executable names
- Add a file-based detection method, with the list taken from https://github.com/hackerschoice/hackshell/issues/6

Co-authored-by: Brendan <bwatters@rapid7.com>
 2025-04-11 14:34:56 +02:00
Simon Janusz a31261ecf2 Revert "Replace Readline with Reline" 2024-10-02 13:15:12 +01:00
sjanusz-r7 10dee226c6 Replace Readline with Reline 2024-09-04 16:39:41 +01:00
jvoisin debb01062d Improve a bit modules/post/linux/gather/checkvm.rb 
Based on some old notes that I never bothered to upstream into metasploit.
 2024-08-22 23:19:09 +02:00
adfoster-r7 62a3f73e70 Update rubocop target ruby version 2024-07-24 16:47:17 +01:00
h00die eb0933fc9a Update apache_nifi_credentials algo regex 2024-06-28 10:36:35 -04:00
Spencer McIntyre 47c8d7252b Land #18519, Docker kernel module escape 2024-05-06 09:08:08 -04:00
RadioLogic 53ac5118cd Added report host to virtualization check 2024-04-26 21:58:43 -04:00
RadioLogic b51d1b9017 Made shared function with checkcontainer 2024-04-26 21:32:20 -04:00
Spencer McIntyre f579ec7a1a Clean table printing, document tested version 2024-04-10 11:31:55 -04:00
h00die 251aa021e1 rancher audit logs module 2024-03-13 16:42:51 -04:00
Jack Heysel 024b855231 Land #18628, Add Puppet post module 
This PR adds a post gather module to get
Puppet configs and sensitive files.
 2024-01-30 19:20:48 -05:00
h00die 68f333cb7b review comments for puppet module 2024-01-29 19:18:54 -05:00
sjanusz-r7 f496a71cf0 Make mimipenguin work with updated memory search API 2024-01-24 19:53:57 +00:00
h00die 56a9beb39d ansible review 2024-01-15 17:18:49 -05:00
h00die b031311892 ansible review 2024-01-10 17:29:15 -05:00
h00die e711c9ea43 ansible review 2024-01-10 17:16:57 -05:00
h00die 357bdc8c10 ansible post library 2023-12-24 11:49:27 -05:00
h00die 11c12fcb6d review comments 2023-12-23 13:23:34 -05:00
h00die c911ec1413 ansible collection 2023-12-16 07:16:26 -05:00
h00die 1749fa1e50 store module loot 2023-12-13 07:37:24 -05:00
h00die 8eefea76ce puppet post gather module 2023-12-13 07:12:17 -05:00
jheysel-r7 7331db43dd Update print statement 2023-11-07 18:55:42 -05:00
h00die 87cd4aac5e spelling fix 2023-11-07 05:04:31 -05:00
h00die f1317fa050 review comments 2023-11-06 18:34:36 -05:00
h00die 0ce7b03397 update nifi credentials post module 2023-11-06 14:50:02 -05:00
h00die 42cf28dbbe nifi creds stealer 2023-11-02 06:56:33 -04:00
Christophe De La Fuente 9e5e57390f Land #18194, Useradd post module 2023-10-25 19:29:59 +02:00
Christophe De La Fuente 14a5aaab98 Fix small typo 2023-10-25 19:28:23 +02:00
RadioLogic e026791905 Added catch all warning to remove added groups 2023-08-30 12:15:00 -04:00
RadioLogic 8497699d53 Moved creation of new groups to its own function 2023-08-24 13:26:15 -04:00
RadioLogic 1e0ec1b0e1 Minimalize groupadd checks 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2023-08-24 13:14:05 -04:00
RadioLogic 55c22f9848 Added some protective statements 2023-08-23 13:44:30 -04:00
RadioLogic 48acd804da Added PasswordHashType advanced option 2023-08-23 13:37:08 -04:00
RadioLogic b464b9119c Added missing newline to manual writes 2023-08-23 13:21:53 -04:00