Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints
☆121Jul 13, 2025Updated 8 months ago
Alternatives and similar repositories for SneakyEndpoints
Users that are interested in SneakyEndpoints are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆284Nov 27, 2025Updated 3 months ago
- Collection of Slides From My Conference Talks☆20Nov 21, 2022Updated 3 years ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Aug 30, 2024Updated last year
- Swift code to run a dylib on disk☆16May 9, 2022Updated 3 years ago
- AWS CloudSaga - Simulate security events in AWS☆474Updated this week
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Jan 18, 2022Updated 4 years ago
- A meta-database collecting resources that compile lists of breaches☆21Oct 30, 2025Updated 4 months ago
- Generate datasets of cloud audit logs for common attacks☆235Mar 17, 2026Updated last week
- AWS Attack Path Management Tool - Walking on the Moon☆263Dec 5, 2024Updated last year
- Determine privileges from cloud credentials via brute-force testing.☆69Aug 22, 2024Updated last year
- Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…☆2,197Updated this week
- A tool for quickly evaluating IAM permissions in AWS.☆1,544Aug 2, 2024Updated last year
- Utility for downloading and mounting EBS snapshots using the EBS Direct API's☆92Mar 17, 2025Updated last year
- Resource types that can be publicly exposed on AWS☆331Feb 23, 2022Updated 4 years ago
- JXA script based on research by Jeff Johnson on leveraging TextEdit to remove quarantine attributes on files. Jeff's original research is…☆17Jan 31, 2021Updated 5 years ago
- Granular, Actionable Adversary Emulation for the Cloud☆2,283Mar 12, 2026Updated last week
- A utility to convert your AWS CLI credentials into AWS console access.☆257May 7, 2020Updated 5 years ago
- ☆187Mar 2, 2026Updated 3 weeks ago
- Freyja is a Golang, Purple Team agent that compiles into Windows, Linux and macOS x64 executables.☆41Oct 29, 2024Updated last year
- ☆159Jul 8, 2023Updated 2 years ago
- Blogpost series showcasing interesting cloud - web app security bugs☆49Jun 13, 2023Updated 2 years ago
- all paths lead to clouds☆639Oct 11, 2023Updated 2 years ago
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated 11 months ago
- JXA script for Mythic that prints the TCC.db☆15Apr 18, 2021Updated 4 years ago
- An Evil OIDC Server☆53Oct 19, 2022Updated 3 years ago
- A tool for pointesters to find candies in SharePoint☆281Nov 4, 2022Updated 3 years ago
- Spins up a docker container with several useful tools for offensive security in macOS/cloud environments. Also installs the needed depend…☆18Nov 3, 2021Updated 4 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- The Jolly Executioner - a simple command execution proxy☆16Jun 9, 2024Updated last year
- A tool to help pentesters quickly identify privileged principals and second-order privilege escalation opportunities in unfamiliar AWS ac…☆149Nov 14, 2025Updated 4 months ago
- ☆229Mar 10, 2026Updated 2 weeks ago
- ☆13Mar 31, 2023Updated 2 years ago
- A public cloud security knowledgebase - https://www.secwiki.cloud/☆51Nov 12, 2024Updated last year
- Automating situational awareness for cloud penetration tests.☆2,320Mar 10, 2026Updated 2 weeks ago
- Threat Box Assessment Tool☆19Mar 5, 2026Updated 2 weeks ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆646Nov 21, 2019Updated 6 years ago
- Crowdsourced list of sensitive IAM Actions☆159Oct 29, 2024Updated last year
- Go module that returns supported regions for a service or supported services for a region☆18Dec 12, 2025Updated 3 months ago