PawelKozy / mcp-breach-to-fix-labsLinks
Hands-on MCP security lab: 10 real incidents reproduced with vulnerable/secure MCP servers, pytest regressions, and Claude/Cursor battle-tested exploit walkthroughs
☆32Updated last week
Alternatives and similar repositories for mcp-breach-to-fix-labs
Users that are interested in mcp-breach-to-fix-labs are comparing it to the libraries listed below
Sorting:
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆110Updated last year
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆109Updated last year
- RansomWhen is a tool to enumerate identities that can lock S3 Buckets using KMS, resulting in ransomwares, as well as detect occurances o…☆58Updated 10 months ago
- Verizon Burp Extensions: AI Suite☆141Updated 7 months ago
- FrogPost: postMessage Security Testing Tool☆104Updated last week
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆142Updated 11 months ago
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.☆107Updated 2 years ago
- ☆55Updated 2 years ago
- A tool to keep AWS pentests and red teams efficient, organized, and stealthy.☆96Updated last year
- A collection of Turbo Intruder scripts.☆66Updated 10 months ago
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects☆34Updated 9 months ago
- AWS IAM Username Enumerator and Password Spraying Tool in Python3☆86Updated this week
- gRPC Goat is a "Vulnerable by Design" lab created to provide an interactive, hands-on playground for learning and practicing gRPC securit…☆50Updated 2 months ago
- AIGoat: A deliberately Vulnerable AI Infrastructure. Learn AI security through solving our challenges.☆260Updated 2 months ago
- Feed it a number. Your cloned voice does the social engineering, while you sip your coffee. A ghost that talks on the phone for you.☆107Updated 6 months ago
- A tool to help pentesters quickly identify privileged principals and second-order privilege escalation opportunities in unfamiliar AWS ac…☆136Updated 3 weeks ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆37Updated last year
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects☆98Updated 2 months ago
- ☆40Updated 2 months ago
- A simple web app to get the latest EPSS data for a CVE ID☆11Updated last week
- Secrets Ninja is an GUI tool for validating & investigating API keys discovered during pentesting & bug bounty hunting.☆157Updated last week
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆274Updated 6 months ago
- Create honeypots for cloud environments☆107Updated 2 months ago
- ☆100Updated 2 weeks ago
- Collection of Docker honeypot logs from 2021 - 2024☆36Updated last year
- Comprehensive AWS cloud reconnaissance and privilege escalation toolkit written in Python. Features IAM, EC2, S3, Lambda, ECS, Secrets Ma…☆47Updated 5 months ago
- A research project to add some brrrrrr to Burp☆196Updated 10 months ago
- A web CTF for training developers in bug hunting and secure coding!☆101Updated 11 months ago
- Payloads for AI Red Teaming and beyond☆309Updated 3 months ago
- ☆193Updated 7 months ago