Search the Community
Showing results for tags 'scm'.
-
Source Code Management Attack Toolkit – SCMKit is a toolkit that can be used to attack SCM systems. SCMKit allows the user to specify the SCM system and attack module to use, along with specifying valid credentials (username/password or API key) to the respective SCM system. Currently, the SCM systems that SCMKit supports are GitHub Enterprise, GitLab Enterprise, and Bitbucket Server. The attack modules supported include reconnaissance, privilege escalation, and persistence. SCMKit was built in a modular approach so that new modules and SCM systems can be added in the future by the information security community. [hide][Hidden Content]]