HBOCodeLabs / gimme-aws-credsLinks
A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials
☆10Updated 4 years ago
Alternatives and similar repositories for gimme-aws-creds
Users that are interested in gimme-aws-creds are comparing it to the libraries listed below
Sorting:
- Pivot into private VPC networks using a VPN connection☆43Updated 5 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆78Updated 3 years ago
- An AWS Lambda vulnerable application written in flask.☆49Updated 7 years ago
- A combined list of helpful awscli commands from Scott Piper's flaws.cloud exercise as well as from Beau Bullock's Breaching the Cloud Tra…☆19Updated 4 years ago
- Overview about existing tools that can be useful for AWS auditing purposes.☆15Updated 8 years ago
- Salesforce Policy Deviation Checker☆30Updated 5 years ago
- ☆29Updated 8 years ago
- Burp Extension for AWS Signing☆89Updated 8 months ago
- A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.☆38Updated 7 years ago
- Visualize your Terraform files☆34Updated 5 years ago
- LetMeOutOfYour.net Resources☆20Updated 5 years ago
- Materials for AWS Training☆15Updated 4 years ago
- Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)☆89Updated 2 years ago
- Zone transfers for rwhois☆20Updated 6 years ago
- Scripts that we use for pentesting☆42Updated 8 years ago
- A simple file-based scanner to look for potential AWS access and secret keys in files☆93Updated last year
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 3 years ago
- Lab exercises to practice privilege escalation scenarios in AWS IAM. These exercises and the slides go through the basics behind AWS IAM,…☆16Updated 5 years ago
- List (or plunder) private repos/gists to which a token has access, including those of other users☆11Updated 3 years ago
- dankAlerts is powered by Sysmon and Memes. Would you notice if a suspicious process was recorded in the event log?☆18Updated 5 years ago
- AWS S3 Sensitive Data Search☆36Updated 3 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆25Updated 7 years ago
- A tool for checking a hash:pass pot file for hashes from a user:hash file☆12Updated 8 years ago
- Tool to automate takeover of DigitalOcean Kubernetes cluster. Check out the blog post for more info.☆16Updated 6 years ago
- ☆25Updated 4 years ago
- Example of a serverless web reconaissance workflow's AWS architecture.☆11Updated 2 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆14Updated 3 years ago
- List of special metadata IPs used in cloud services☆11Updated 6 years ago
- Simple S3 Bucket Testing Software☆31Updated 3 years ago
- OAuth Security Cheatsheet☆40Updated 11 years ago