Alternatives and similar repositories for awesome-gcp-pentesting:

Users that are interested in awesome-gcp-pentesting are comparing it to the libraries listed below

• iknowjason / edge
  Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
  ☆164Updated 3 months ago
• stephenbradshaw / aws_url_signer
  POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF
  ☆58Updated last year
• XMCyber / XMGoat
  ☆169Updated last year
• 0xd4y / AWSealion
  A tool to keep AWS pentests and red teams efficient, organized, and stealthy.
  ☆89Updated 11 months ago
• carlospolop / aws_iam_review
  ☆33Updated 2 months ago
• SygniaLabs / security-cloud-scout
  ☆133Updated last year
• kubenomicon / kubenomicon
  Offensive Kubernetes Threat Matrix -- kubenomicon.com
  ☆36Updated last month
• gladstomych / AHHHZURE
  AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…
  ☆102Updated 9 months ago
• NetSPI / gcpwn
  Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…
  ☆226Updated 5 months ago
• wavestone-cdt / DEFCON-CICD-pipelines-workshop
  ☆93Updated 2 years ago
• RoseSecurity / WolfPack
  WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.
  ☆147Updated 3 weeks ago
• facebookincubator / ForgeArmory
  ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).
  ☆99Updated 5 months ago
• NetSPI / FuncoPop
  Tools for attacking Azure Function Apps
  ☆68Updated 3 months ago
• grahamhelton / dredge
  Dredging up secrets from the depths of the file system
  ☆120Updated 3 months ago
• Frichetten / SneakyEndpoints
  Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints
  ☆113Updated last year
• JOSHUAJEBARAJ / GCP-GOAT
  GCP GOAT is the vulnerable application for learn the GCP Security
  ☆63Updated last year
• r3s-ost / 5head
  Network penetration testing toolset wrapper
  ☆81Updated 2 years ago
• joswr1ght / basicblobfinder
  Identify Azure blobs using a wordlist of account name and container name strings
  ☆36Updated 4 years ago
• mlcsec / Graphpython
  Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit
  ☆143Updated 2 months ago
• zer1t0 / awsenum
  Enumerate AWS permissions and resources.
  ☆67Updated 2 years ago
• stolenusername / cowitness
  CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …
  ☆123Updated 10 months ago
• vectra-ai-research / derf
  DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…
  ☆91Updated last year
• 0xJs / CARTP-cheatsheet
  Azure AD cheatsheet for the CARTP course
  ☆105Updated 2 years ago
• synacktiv / Mindmaps
  Azure mindmap for penetration tests
  ☆175Updated last year
• grahamhelton / IMDSpoof
  IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.
  ☆100Updated last year
• AbstractClass / CloudPrivs
  Determine privileges from cloud credentials via brute-force testing.
  ☆66Updated 5 months ago
• hac01 / gcp-iam-brute
  ☆42Updated 8 months ago
• secureworks / PhishInSuits
  ☆103Updated 3 years ago
• grahamhelton / grahamhelton.github.io
  ☆40Updated 5 months ago