Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints
☆121Jul 13, 2025Updated 7 months ago
Alternatives and similar repositories for SneakyEndpoints
Users that are interested in SneakyEndpoints are comparing it to the libraries listed below
Sorting:
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆283Nov 27, 2025Updated 3 months ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- Swift code to run a dylib on disk☆16May 9, 2022Updated 3 years ago
- A utility to convert your AWS CLI credentials into AWS console access.☆257May 7, 2020Updated 5 years ago
- Utility for downloading and mounting EBS snapshots using the EBS Direct API's☆91Mar 17, 2025Updated 11 months ago
- AWS Attack Path Management Tool - Walking on the Moon☆262Dec 5, 2024Updated last year
- Collection of Slides From My Conference Talks☆20Nov 21, 2022Updated 3 years ago
- A meta-database collecting resources that compile lists of breaches☆21Oct 30, 2025Updated 4 months ago
- AWS CloudSaga - Simulate security events in AWS☆473Updated this week
- Go module that returns supported regions for a service or supported services for a region☆18Dec 12, 2025Updated 2 months ago
- Periodically check hashcat cracking progress and notify of success.☆10Dec 18, 2018Updated 7 years ago
- Blogpost series showcasing interesting cloud - web app security bugs☆48Jun 13, 2023Updated 2 years ago
- ☆229Feb 24, 2026Updated last week
- A toolset to juggle AWS roles for persistent access☆63Aug 14, 2024Updated last year
- A tool for quickly evaluating IAM permissions in AWS.☆1,541Aug 2, 2024Updated last year
- Resource types that can be publicly exposed on AWS☆331Feb 23, 2022Updated 4 years ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Jan 18, 2022Updated 4 years ago
- Granular, Actionable Adversary Emulation for the Cloud☆2,267Updated this week
- Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…☆2,185Updated this week
- Crowdsourced list of sensitive IAM Actions☆159Oct 29, 2024Updated last year
- An Evil OIDC Server☆53Oct 19, 2022Updated 3 years ago
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆287May 16, 2025Updated 9 months ago
- ☆38Jun 9, 2021Updated 4 years ago
- SCP management tool☆135Oct 23, 2023Updated 2 years ago
- A tool for pointesters to find candies in SharePoint☆281Nov 4, 2022Updated 3 years ago
- Determine privileges from cloud credentials via brute-force testing.☆68Aug 22, 2024Updated last year
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆74Jan 26, 2022Updated 4 years ago
- Repository for LNK stuff☆31Aug 31, 2022Updated 3 years ago
- ☆186Feb 16, 2026Updated 2 weeks ago
- ☆157Jul 8, 2023Updated 2 years ago
- A graph-based tool for visualizing effective access and resource relationships in AWS environments.☆994Oct 4, 2022Updated 3 years ago
- The Jolly Executioner - a simple command execution proxy☆16Jun 9, 2024Updated last year
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆20Sep 22, 2021Updated 4 years ago
- JXA script for Mythic that prints the TCC.db☆15Apr 18, 2021Updated 4 years ago
- Generate datasets of cloud audit logs for common attacks☆234Feb 13, 2026Updated 2 weeks ago
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated 11 months ago
- Citrix Phishlet☆24Feb 2, 2021Updated 5 years ago
- ☆139Mar 29, 2023Updated 2 years ago