Exploits written by the Rhino Security Labs team
☆1,100Jan 23, 2021Updated 5 years ago
Alternatives and similar repositories for Security-Research
Users that are interested in Security-Research are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A collection of AWS penetration testing junk☆1,224Aug 30, 2023Updated 2 years ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,166Apr 27, 2026Updated last week
- A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.☆927Jul 25, 2019Updated 6 years ago
- Tools for fingerprinting and exploiting Amazon cloud infrastructures☆500Nov 10, 2022Updated 3 years ago
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆3,554Apr 27, 2026Updated last week
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- WeirdAAL (AWS Attack Library)☆841Jan 13, 2025Updated last year
- Red Team Tips as posted by @vysecurity on Twitter☆1,116Apr 26, 2020Updated 6 years ago
- Wiki to collect Red Team infrastructure hardening resources☆4,476Oct 1, 2025Updated 7 months ago
- Scan for misconfigured S3 buckets across S3-compatible APIs!☆3,063Apr 25, 2026Updated last week
- Enumerate the permissions associated with AWS credential set☆1,232Feb 5, 2024Updated 2 years ago
- RedSnarf is a pen-testing / red-teaming tool for Windows environments☆1,212Sep 14, 2020Updated 5 years ago
- Cloud-related research releases from the Rhino Security Labs team.☆392Apr 23, 2020Updated 6 years ago
- Security Tool to Look For Interesting Files in S3 Buckets☆1,460Apr 10, 2024Updated 2 years ago
- A tool to abuse Exchange services☆2,302Jun 10, 2024Updated last year
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i…☆3,227Aug 7, 2025Updated 8 months ago
- Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account ha…☆501Aug 7, 2020Updated 5 years ago
- Run PowerShell command without invoking powershell.exe☆1,551Apr 9, 2026Updated 3 weeks ago
- Remote Recon and Collection☆460Nov 23, 2017Updated 8 years ago
- Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Dir…☆1,619Jan 23, 2024Updated 2 years ago
- HTA encryption tool for RedTeams☆1,426Nov 9, 2022Updated 3 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆472Nov 14, 2019Updated 6 years ago
- PowerShell Runspace Post Exploitation Toolkit☆1,550Aug 2, 2019Updated 6 years ago
- Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's po…☆3,910Jan 24, 2024Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A tool for quickly evaluating IAM permissions in AWS.☆1,550Aug 2, 2024Updated last year
- A Tool for Domain Flyovers☆5,927May 22, 2022Updated 3 years ago
- Payload Generation Framework☆1,979Aug 21, 2024Updated last year
- List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.☆9,438Apr 17, 2026Updated 2 weeks ago
- Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.☆400May 20, 2020Updated 5 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆651Nov 21, 2019Updated 6 years ago
- Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.☆1,171Dec 8, 2022Updated 3 years ago
- A tool to elevate privilege with Windows Tokens☆1,066Oct 6, 2023Updated 2 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,493Oct 12, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- ☆2,323Dec 8, 2023Updated 2 years ago
- SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over…☆383Aug 17, 2018Updated 7 years ago
- CACTUSTORCH: Payload Generation for Adversary Simulations��☆1,016Jul 3, 2018Updated 7 years ago
- A project designed to parse public source code repositories and find various types of vulnerabilities.☆194Oct 6, 2017Updated 8 years ago
- Empire is a PowerShell and Python post-exploitation agent.☆7,831Jan 19, 2020Updated 6 years ago
- A swiss army knife for pentesting networks☆9,129Dec 6, 2023Updated 2 years ago
- The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool…☆1,124Feb 10, 2021Updated 5 years ago