Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints
☆121Jul 13, 2025Updated 10 months ago
Alternatives and similar repositories for SneakyEndpoints
Users that are interested in SneakyEndpoints are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆290Nov 27, 2025Updated 5 months ago
- Collection of Slides From My Conference Talks☆21Nov 21, 2022Updated 3 years ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆24Apr 27, 2026Updated 3 weeks ago
- Swift code to run a dylib on disk☆16May 9, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- AWS CloudSaga - Simulate security events in AWS☆475Updated this week
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Jan 18, 2022Updated 4 years ago
- Generate datasets of cloud audit logs for common attacks☆237May 7, 2026Updated 2 weeks ago
- AWS Attack Path Management Tool - Walking on the Moon☆262Dec 5, 2024Updated last year
- Determine privileges from cloud credentials via brute-force testing.☆69Aug 22, 2024Updated last year
- Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…☆2,219Updated this week
- A tool for quickly evaluating IAM permissions in AWS.☆1,552Aug 2, 2024Updated last year
- Utility for downloading and mounting EBS snapshots using the EBS Direct API's☆93Mar 17, 2025Updated last year
- Resource types that can be publicly exposed on AWS☆332Feb 23, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- JXA script based on research by Jeff Johnson on leveraging TextEdit to remove quarantine attributes on files. Jeff's original research is…☆17Jan 31, 2021Updated 5 years ago
- A meta-database collecting resources that compile lists of breaches☆22Oct 30, 2025Updated 6 months ago
- A utility to convert your AWS CLI credentials into AWS console access.☆261May 7, 2020Updated 6 years ago
- Granular, Actionable Adversary Emulation for the Cloud☆2,326Updated this week
- ☆191Mar 2, 2026Updated 2 months ago
- Freyja is a Golang, Purple Team agent that compiles into Windows, Linux and macOS x64 executables.☆41Oct 29, 2024Updated last year
- ☆159Jul 8, 2023Updated 2 years ago
- all paths lead to clouds☆641Oct 11, 2023Updated 2 years ago
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- JXA script for Mythic that prints the TCC.db☆15Apr 18, 2021Updated 5 years ago
- Blogpost series showcasing interesting cloud - web app security bugs☆67May 15, 2026Updated last week
- An Evil OIDC Server☆53Oct 19, 2022Updated 3 years ago
- A tool for pointesters to find candies in SharePoint☆284Nov 4, 2022Updated 3 years ago
- Spins up a docker container with several useful tools for offensive security in macOS/cloud environments. Also installs the needed depend…☆18Nov 3, 2021Updated 4 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- The Jolly Executioner - a simple command execution proxy☆16Jun 9, 2024Updated last year
- A tool to help pentesters quickly identify privileged principals and second-order privilege escalation opportunities in unfamiliar AWS ac…☆155Nov 14, 2025Updated 6 months ago
- ☆231Mar 27, 2026Updated last month
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆13Mar 31, 2023Updated 3 years ago
- A public cloud security knowledgebase - https://www.secwiki.cloud/☆52Nov 12, 2024Updated last year
- Crowdsourced list of sensitive IAM Actions☆159Oct 29, 2024Updated last year
- Threat Box Assessment Tool☆19Mar 5, 2026Updated 2 months ago
- Automating situational awareness for cloud penetration tests.☆2,382Apr 21, 2026Updated last month
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆651Nov 21, 2019Updated 6 years ago
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆298May 18, 2026Updated last week