InsiderPhD / InfoSecCreators

Related projects: ⓘ

• grahamhelton / dredge
  Dredging up secrets from the depths of the file system
  ☆110Updated 4 months ago
• vectra-ai-research / derf
  DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…
  ☆82Updated 8 months ago
• elastic / SWAT
  Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…
  ☆159Updated last month
• BushidoUK / Breach-Report-Collection
  A collection of companies that disclose adversary TTPs after they have been breached
  ☆236Updated 4 months ago
• 0xd4y / AWSealion
  A tool to keep AWS pentests and red teams efficient, organized, and stealthy.
  ☆88Updated 6 months ago
• bvoris / mitreattackthreatmodeling
  This provides a guided step by step walkthrough for threat modeling with MITRE ATT&CK Framework
  ☆23Updated last year
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆128Updated 4 months ago
• grahamhelton / IMDSpoof
  IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.
  ☆91Updated 9 months ago
• SirAppSec / bsides-shadow-api
  This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me
  ☆16Updated last month
• kubenomicon / kubenomicon
  Offensive Kubernetes Threat Matrix -- kubenomicon.com
  ☆23Updated this week
• cisagov / pen-testing-findings
  A collection of Active Directory, phishing, mobile technology, system, service, web application, and wireless technology weaknesses that …
  ☆232Updated 2 years ago
• t0sche / cvss-bt
  Enriching the NVD CVSS scores to include Temporal & Threat Metrics
  ☆56Updated this week
• boringtools / git-alerts
  Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
  ☆193Updated 4 months ago
• XMCyber / XMGoat
  ☆167Updated last year
• nccgroup / ccs
  ☆108Updated last year
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆74Updated 3 weeks ago
• iknowjason / edge
  Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
  ☆155Updated 3 weeks ago
• saidhfm / Cloud-Threat-Detection-Lab-AWS
  ☆31Updated 2 weeks ago
• RyanJarv / awesome-cloud-sec
  Awesome list for cloud security related projects
  ☆70Updated last year
• unknownhad / CloudIntel
  This repo contains IOC, malware and malware analysis associated with Public cloud
  ☆241Updated this week
• gladstomych / AHHHZURE
  AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…
  ☆99Updated 4 months ago
• anvilogic-forge / armory
  Anvilogic Forge
  ☆80Updated this week
• iknowjason / AutomatedEmulation
  An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.
  ☆152Updated 2 months ago
• Nextdoor / cspm_evaluation_matrix
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆55Updated last year
• happycakefriends / certainly
  Certainly is a offensive security toolkit to capture large amounts of traffic in various network protocols in bitflip and typosquat scena…
  ☆115Updated 2 weeks ago
• JOSHUAJEBARAJ / GCP-GOAT
  GCP GOAT is the vulnerable application for learn the GCP Security
  ☆61Updated 11 months ago
• nullenc0de / ChromeAudit
  Nuclei plugins to audit Chrome extensions
  ☆64Updated 2 months ago
• carlospolop / aws_iam_review
  ☆31Updated 2 months ago
• NetSPI / gcpwn
  Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…
  ☆192Updated last week
• stephenbradshaw / aws_url_signer
  POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF
  ☆57Updated 11 months ago