RhinoSecurityLabs / Security-Research
Exploits written by the Rhino Security Labs team
☆1,070Updated 4 years ago
Alternatives and similar repositories for Security-Research:
Users that are interested in Security-Research are comparing it to the libraries listed below
- WeirdAAL (AWS Attack Library)☆797Updated 2 months ago
- A collection of AWS penetration testing junk☆1,190Updated last year
- Security Tool to Look For Interesting Files in S3 Buckets☆1,393Updated 11 months ago
- Tools for fingerprinting and exploiting Amazon cloud infrastructures☆462Updated 2 years ago
- A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.☆907Updated 5 years ago
- Cloud-related research releases from the Rhino Security Labs team.☆382Updated 4 years ago
- barq: The AWS Cloud Post Exploitation framework!☆387Updated 2 years ago
- A tool for identifying misconfigured CloudFront domains☆350Updated 4 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆619Updated 5 years ago
- for AWS Security material☆246Updated 2 years ago
- A graph-based tool for visualizing effective access and resource relationships in AWS environments.☆937Updated 2 years ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆508Updated last year
- An OSINT tool that discovers sub-domains by searching Certificate Transparency logs☆469Updated 2 years ago
- Issues to consider when planning a red team exercise.☆615Updated 7 years ago
- A tool to capture all the git secrets by leveraging multiple open source git searching tools☆1,125Updated 5 years ago
- Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Applica…☆481Updated 6 years ago
- DNS Rebinding Exploitation Framework☆488Updated 3 years ago
- A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.☆557Updated 2 years ago
- a Damn Vulnerable Serverless Application☆537Updated last year
- Scan for misconfigured S3 buckets across S3-compatible APIs!☆2,710Updated this week
- Enumerate the permissions associated with AWS credential set☆1,137Updated last year
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆686Updated last year
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆634Updated 6 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆516Updated 3 years ago
- A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.☆396Updated 4 years ago
- Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.☆1,150Updated 2 years ago
- A DNS rebinding attack framework.☆1,069Updated last week
- Scanning pastebin with yara rules☆1,084Updated 9 months ago
- List of S3 Hacks☆394Updated 3 months ago
- A default credential scanner.☆1,474Updated 3 years ago