Hacking-the-Cloud / htc-ctfs
Holds the public Hacking the Cloud CTFs.
☆49Updated 8 months ago
Related projects ⓘ
Alternatives and complementary repositories for htc-ctfs
- A public cloud security knowledgebase - https://www.secwiki.cloud/☆49Updated last week
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.☆92Updated 11 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆84Updated 10 months ago
- GCP GOAT is the vulnerable application for learn the GCP Security☆62Updated last year
- 🖇️ STRIDE vs. ASVS equivalence table☆75Updated 2 months ago
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆104Updated 2 months ago
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre…☆44Updated this week
- ☆55Updated last year
- Convert cloudtrail data to MITRE ATT&CK Sightings☆79Updated 2 years ago
- Awesome list for cloud security related projects☆77Updated 2 years ago
- Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.☆159Updated 3 weeks ago
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.☆60Updated last week
- A tool to uncover undocumented APIs from the AWS Console.☆83Updated 2 months ago
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…☆161Updated last month
- A tool to keep AWS pentests and red teams efficient, organized, and stealthy.☆89Updated 8 months ago
- Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints☆113Updated last year
- Blogpost series showcasing interesting cloud - web app security bugs☆46Updated last year
- sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.☆81Updated 3 years ago
- A guide to simplify the process of evaluating Datadog's Cloud SIEM security capabilities to detect AWS threats.☆17Updated last year
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆109Updated 4 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆58Updated last year
- Public repository of all things cloud security.☆33Updated 2 months ago
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure☆46Updated 10 months ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 2 years ago
- A PoC to Simulate Ransomware Attack on AWS Environment☆27Updated last month
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆96Updated 11 months ago
- ☆133Updated last year
- An AWS metadata enumeration tool by Plerion☆77Updated 9 months ago
- This repository provides a comprehensive collection of Pulumi scenarios utilized by cnappgoat☆18Updated last month
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆87Updated last week