Alternatives and similar repositories for appsec-threat-emulation

Users that are interested in appsec-threat-emulation are comparing it to the libraries listed below

• wiz-sec-public / peach-framework
  PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…
  ☆73Updated 2 years ago
• DataDog / undocumented-aws-api-hunter
  A tool to uncover undocumented APIs from the AWS Console.
  ☆114Updated 6 months ago
• gabrielsoltz / metahub
  MetaHub is an automated contextual security findings enrichment and impact evaluation tool for vulnerability management.
  ☆176Updated this week
• doyensec / PESD-Exporter-Extension
  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
  ☆106Updated 9 months ago
• offensive-actions / terraform-provider-statefile-rce
  This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.
  ☆59Updated 9 months ago
• CloudDefenseAI / falco_extended_rules
  Curating Falco rules with MITRE ATT&CK Matrix
  ☆84Updated last year
• PaloAltoNetworks / cobra-tool
  Cloud Offensive Breach and Risk Assessment (COBRA) Tool
  ☆97Updated 5 months ago
• RhinoSecurityLabs / IAMActionHunter
  An AWS IAM policy statement parser and query tool.
  ☆194Updated 4 months ago
• assetnote / ghostbuster
  Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.
  ☆279Updated last year
• boostsecurityio / lotp
  boostsecurityio/lotp
  ☆136Updated last week
• domain-protect / domain-protect-gcp
  Protect against subdomain takeover
  ☆94Updated 3 months ago
• wiz-sec / open-cvdb
  An open project to list all publicly known cloud vulnerabilities and CSP security issues
  ☆364Updated last month
• plerionhq / conditional-love
  An AWS metadata enumeration tool by Plerion
  ☆98Updated last year
• awslabs / Chatbot-to-help-security-teams-perform-vulnerability-assessments
  ☆28Updated last month
• avishayil / cdk-goat
  Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure
  ☆48Updated last year
• Cybr-Inc / CloudSec
  Public repository of all things cloud security.
  ☆45Updated last year
• TinderSec / gh-workflow-auditor
  Script to audit GitHub Action Workflow files for potential vulnerabilities.
  ☆156Updated last year
• RyanJarv / awesome-cloud-sec
  Awesome list for cloud security related projects
  ☆140Updated 3 years ago
• latiotech / insecure-kubernetes-deployments
  A full insecure kubernetes application for testing security tools
  ☆89Updated last week
• saw-your-packet / CloudShovel
  A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…
  ☆110Updated 11 months ago
• grahamhelton / IMDSpoof
  IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.
  ☆106Updated last year
• nccgroup / ccs
  ☆114Updated 2 years ago
• blackberry / Falco-bypasses
  Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).
  ☆87Updated last year
• lightspin-tech / red-shadow
  Lightspin AWS IAM Vulnerability Scanner
  ☆95Updated 4 years ago
• DataDog / vulnerable-java-application
  This repository contains a sample Java application vulnerable to command injection and server-side request forgery (SSRF).
  ☆22Updated 7 months ago
• kapilduraphe / mcp-watch
  A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP se…
  ☆103Updated last week
• primeharbor / breaches.cloud
  https://breaches.cloud
  ☆42Updated last year
• ReversecLabs / IceKube
  ☆182Updated 6 months ago
• tenable / cnappgoat
  CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.
  ☆289Updated last year
• jstawinski / GitHub-Actions-Attack-Diagram
  ☆192Updated 6 months ago