RhinoSecurityLabs / GCP-IAM-Privilege-Escalation
A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.
☆382Updated last year
Alternatives and similar repositories for GCP-IAM-Privilege-Escalation
Users that are interested in GCP-IAM-Privilege-Escalation are comparing it to the libraries listed below
Sorting:
- GCPGoat : A Damn Vulnerable GCP Infrastructure☆384Updated 6 months ago
- Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.☆500Updated last year
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆517Updated last year
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆700Updated last year
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆246Updated this week
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆332Updated 2 months ago
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆205Updated 3 years ago
- Identify privilege escalation paths within and across different clouds☆692Updated last month
- Cloud-related research releases from the Rhino Security Labs team.☆386Updated 5 years ago
- Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.☆166Updated 6 months ago
- Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic☆297Updated 2 years ago
- ☆173Updated 2 years ago
- This repository is in progress, it will keep updating as I come across to new learning materials. Feel free to contribute.☆221Updated 2 years ago
- This repo contains IOC, malware and malware analysis associated with Public cloud☆249Updated 6 months ago
- S3 Account Search☆4Updated 6 months ago
- Find exposed data in Azure with this public blob scanner☆336Updated 10 months ago
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆567Updated 5 months ago
- Serverless Functions for establishing Reverse Shells to Lambda, Azure Functions, and Google Cloud Functions☆244Updated 2 months ago
- ☆613Updated last year
- Damn Vulnerable Cloud Application☆193Updated 6 years ago
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆231Updated 6 months ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆623Updated 5 years ago
- BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfi…☆455Updated last month
- ☆412Updated 2 years ago
- A tool to keep AWS pentests and red teams efficient, organized, and stealthy.☆91Updated last year
- ☆248Updated 10 months ago
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆924Updated this week
- This Repo serves as a collection of shared security and penetration testing resources for the cloud.☆267Updated 9 months ago
- These are tools we released with our 2020 defcon/blackhat talk https://www.youtube.com/watch?v=Ml09R38jpok☆173Updated 3 months ago
- Proof of concept code for Datadog Security Labs referenced exploits.☆436Updated last month