Alternatives and similar repositories for GCP-GOAT

Users that are interested in GCP-GOAT are comparing it to the libraries listed below

• RhinoSecurityLabs / GCP-IAM-Privilege-Escalation

  View on GitHub
  A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.
  ☆412Oct 6, 2025Updated 4 months ago
• JOSHUAJEBARAJ / gcp-enum

  View on GitHub
  ☆14Aug 19, 2023Updated 2 years ago
• hakaioffsec / gcp_enum

  View on GitHub
  A Python script to authenticate and test access to Google Cloud Platform (GCP) resources.
  ☆18Jan 31, 2024Updated 2 years ago
• tehstoni / RustyDumper

  View on GitHub
  Process dumper wrote in rust.
  ☆14Sep 16, 2024Updated last year
• KatTraxler / gcpdocs

  View on GitHub
  Repository to archive GCP Documentation for local use
  ☆16Feb 11, 2025Updated last year
• BreakingMhet / honeyzure

  View on GitHub
  HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…
  ☆17Jun 11, 2024Updated last year
• lmoratti / risky-records

  View on GitHub
  Given a list of domains and known IP and buckets that are owned, which might be susceptible to domain hijacking?
  ☆15Sep 20, 2024Updated last year
• m6a-UdS / dvca

  View on GitHub
  Damn Vulnerable Cloud Application
  ☆208Sep 12, 2018Updated 7 years ago
• RhinoSecurityLabs / GCPBucketBrute

  View on GitHub
  A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
  ☆553May 26, 2023Updated 2 years ago
• ine-labs / GCPGoat

  View on GitHub
  GCPGoat : A Damn Vulnerable GCP Infrastructure
  ☆428Oct 29, 2024Updated last year
• lightspin-tech / red-bucket-gcp

  View on GitHub
  ☆10May 12, 2022Updated 3 years ago
• rsmusllp / python-for-pentesters-webinar

  View on GitHub
  Example Material for SecureState's 2016 Python for Pentesters Webinar
  ☆10Dec 13, 2016Updated 9 years ago
• NicholasSpringer / thunder-ctf

  View on GitHub
  GCP cloud security CTF
  ☆47Jun 25, 2025Updated 7 months ago
• RyanJarv / awesome-cloud-sec

  View on GitHub
  Awesome list for cloud security related projects
  ☆150Oct 4, 2022Updated 3 years ago
• rsenet / apkfram

  View on GitHub
  apkfram was written in order to help any mobile penetration testers to identify the Framework used to develop the Android application.
  ☆12Oct 9, 2024Updated last year
• StartAutomating / Discovery

  View on GitHub
  Discovery is a powerful PowerShell module that lets you probe the inner depths of the operating system.
  ☆16Jul 26, 2014Updated 11 years ago
• XpI0It / 3xploit

  View on GitHub
  Educational Cybersecurity Gaming Experience
  ☆10Dec 13, 2022Updated 3 years ago
• CyberSecurityUP / ImgPayload

  View on GitHub
  Advanced shellcode injector for images supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, …
  ☆24Jun 11, 2025Updated 8 months ago
• hac01 / gcp-iam-brute

  View on GitHub
  ☆51Jun 13, 2024Updated last year
• lucyoa / burp2sulley

  View on GitHub
  Converts burp's sitemap to sulley's fuzzing script
  ☆11Aug 30, 2015Updated 10 years ago
• PortSwigger / additional-cors-checks

  View on GitHub
  ☆11Jun 8, 2022Updated 3 years ago
• lc / jenkinz

  View on GitHub
  Retrieve the complete build history for every job ever created and executed on a given Jenkins instance.
  ☆67Apr 25, 2025Updated 9 months ago
• s0rcy / semgrep-rules

  View on GitHub
  Collection of Semgrep rules for security analysis
  ☆10Mar 30, 2024Updated last year
• hanhanhanz / cyber-security-sources

  View on GitHub
  List of resources about CyberSecurity such as CTF, DFIR, Offsec, etc
  ☆11Dec 29, 2025Updated last month
• NocteDefensor / Sharelord

  View on GitHub
  .NET Assembly that creates network shares,sets ACE entries for directories, sets share perms, and deletes shares. Learning project for C#
  ☆10Oct 14, 2024Updated last year
• 0xRedpoll / ludus_cobaltstrike_teamserver

  View on GitHub
  Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers
  ☆18Mar 19, 2025Updated 10 months ago
• silentsignal / SemGWT

  View on GitHub
  Semgrep rules to identify GWT attack surface
  ☆12Apr 28, 2022Updated 3 years ago
• isp1r0 / DVNA

  View on GitHub
  Damn Vulnerable Node Application
  ☆20Dec 22, 2015Updated 10 years ago
• lacioffi / GCP-pentest-lab

  View on GitHub
  A vulnerable environment for exploring common GCP misconfigurations and vulnerabilities
  ☆32Nov 12, 2025Updated 3 months ago
• bvcyber / brokenbydesign-azure

  View on GitHub
  A broken-by-design Azure environment to practice and train security skills in the cloud domain.
  ☆27Oct 20, 2025Updated 3 months ago
• blacklanternsecurity / bls-bible

  View on GitHub
  BLS-Bible is a knowledge-base application that houses a collection of guides and write-ups that BLS uses for our various operations.
  ☆30Aug 28, 2023Updated 2 years ago
• MartinIngesen / MSOLSpray

  View on GitHub
  A Python implementation of dafthack's MSOLSpray. A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if …
  ☆97Jun 6, 2024Updated last year
• mprunet / burp-scripting

  View on GitHub
  ☆13Oct 3, 2023Updated 2 years ago
• totekuh / red-toolkit

  View on GitHub
  A toolkit for your red team operations
  ☆34Oct 24, 2021Updated 4 years ago
• righettod / tls-cert-discovery

  View on GitHub
  Script to identify new host using the subjectAltName (Subject Alternate Name) extension of a x509 HTTP TLS certificate.
  ☆12Dec 25, 2020Updated 5 years ago
• stavinski / winhook

  View on GitHub
  Go library to allow native inline hooking in windows at runtime
  ☆14Feb 7, 2024Updated 2 years ago
• anshumanbh / merge-nmap-masscan

  View on GitHub
  Merge results from NMAP and Masscan into one CSV file
  ☆18Jun 19, 2018Updated 7 years ago
• kmcquade / OWASP-YouTube-2021

  View on GitHub
  Deliberately vulnerable AWS resources for security assessment demos
  ☆32Aug 20, 2022Updated 3 years ago
• 0xdidu / Presentations

  View on GitHub
  ☆14Dec 26, 2022Updated 3 years ago