Cloud Offensive Breach and Risk Assessment (COBRA) Tool
☆102Jan 27, 2026Updated last month
Alternatives and similar repositories for cobra-tool
Users that are interested in cobra-tool are comparing it to the libraries listed below
Sorting:
- A Python script to authenticate and test access to Google Cloud Platform (GCP) resources.☆18Jan 31, 2024Updated 2 years ago
- Offensive Kubernetes Threat Matrix -- kubenomicon.com☆54Aug 12, 2025Updated 6 months ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆39Sep 25, 2024Updated last year
- A safe place to hide all your precious data at.☆25Feb 27, 2025Updated last year
- A set of AWS resources for testing the Log4Shell vulnerability, deployable with terraform☆11Dec 20, 2021Updated 4 years ago
- A catalog of services that can be publicly exposed within different cloud providers.☆14Aug 30, 2024Updated last year
- Given a list of domains and known IP and buckets that are owned, which might be susceptible to domain hijacking?☆15Sep 20, 2024Updated last year
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…☆17Jun 11, 2024Updated last year
- An AWS IAM policy statement parser and query tool.☆198Feb 10, 2026Updated 3 weeks ago
- ☆51Jun 13, 2024Updated last year
- Generate datasets of cloud audit logs for common attacks☆234Feb 13, 2026Updated 3 weeks ago
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…☆174Feb 22, 2026Updated last week
- yams is a Go library, server, and CLI providing foundational capabilities to simulate access for AWS IAM policies☆35Feb 26, 2026Updated last week
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆84Jan 30, 2026Updated last month
- Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more☆30Nov 26, 2025Updated 3 months ago
- Red-Team - AI Agent to Phish Employees based on Social Intelligence.☆23Dec 28, 2025Updated 2 months ago
- Enhance GitHub security by revoking unused credentials automatically with TenTwentyOne's GitHub Action☆17Apr 4, 2025Updated 11 months ago
- ☆46Nov 7, 2024Updated last year
- ☆124May 26, 2025Updated 9 months ago
- Creates needed resources for federating access between a GCP service account and AWS IAM role.☆29Apr 3, 2024Updated last year
- CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known…☆266Nov 21, 2025Updated 3 months ago
- A tool to help pentesters quickly identify privileged principals and second-order privilege escalation opportunities in unfamiliar AWS ac…☆145Nov 14, 2025Updated 3 months ago
- Palo Alto Networks AI Runtime Security Model Context Protocol (MCP) Relay Server☆31Jan 27, 2026Updated last month
- Perform file-based malware scan on your on-prem servers with AWS☆14Oct 31, 2023Updated 2 years ago
- AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…☆104Apr 22, 2024Updated last year
- ☆229Feb 24, 2026Updated last week
- Clean accounts over permissions in GCP infra at scale☆71May 9, 2023Updated 2 years ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆112Jan 2, 2025Updated last year
- ☆192Apr 16, 2025Updated 10 months ago
- A comprehensive framework and assessment toolkit for measuring and improving Cloud Native security maturity across 8 critical business fu…☆10Jun 24, 2025Updated 8 months ago
- Threat Modeling with ATT&CK defines how to integreate MITRE ATT&CK® into your organization’s existing threat modeling methodology.☆12May 28, 2025Updated 9 months ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- Granular, Actionable Adversary Emulation for the Cloud☆2,267Updated this week
- RepoReaper is an automated tool crafted to meticulously scan and identify exposed .git repositories within specified domains and their su…☆35Feb 20, 2024Updated 2 years ago
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆753Oct 14, 2023Updated 2 years ago
- Cloud Commotion intends to cause chaos to simulate security incidents☆146Jun 18, 2024Updated last year
- A PoC to Simulate Ransomware Attack on AWS Environment☆33Oct 14, 2024Updated last year
- ☆53Oct 27, 2024Updated last year
- Public repository of all things cloud security.☆47Sep 20, 2024Updated last year