RhinoSecurityLabs / pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
☆4,306Updated last month
Related projects: ⓘ
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆2,893Updated last week
- Multi-Cloud Security Auditing Tool☆6,593Updated last week
- Automating situational awareness for cloud penetration tests.☆1,896Updated last month
- Cloud Security Posture Management (CSPM)☆3,302Updated 2 months ago
- An encyclopedia for offensive and defensive security knowledge in cloud native technologies.☆1,640Updated 2 weeks ago
- Scan for misconfigured S3 buckets across S3-compatible APIs!☆2,507Updated this week
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,509Updated 11 months ago
- List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.☆8,901Updated 8 months ago
- Granular, Actionable Adversary Emulation for the Cloud☆1,742Updated this week
- AWSGoat : A Damn Vulnerable AWS Infrastructure☆1,710Updated this week
- A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.☆892Updated 5 years ago
- A tool for quickly evaluating IAM permissions in AWS.☆1,406Updated last month
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,263Updated 2 weeks ago
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆4,756Updated last week
- Notes about attacking Jenkins servers☆1,949Updated 2 months ago
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, f…☆3,983Updated last month
- A collection of AWS penetration testing junk☆1,162Updated last year
- Security Tool to Look For Interesting Files in S3 Buckets☆1,354Updated 5 months ago
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.☆1,628Updated 2 months ago
- Open Source Vulnerability Management Platform☆4,871Updated this week
- A graph-based tool for visualizing effective access and resource relationships in AWS environments.☆905Updated last year
- Exploits written by the Rhino Security Labs team☆1,053Updated 3 years ago
- Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term o…☆2,352Updated last week
- A Tool for Domain Flyovers☆5,604Updated 2 years ago
- WeirdAAL (AWS Attack Library)☆773Updated last year
- An OOB interaction gathering server and client library☆3,319Updated this week
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆4,905Updated last month
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆644Updated 11 months ago
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆5,282Updated last month
- 🛡️ Awesome Cloud Security Resources ⚔️☆2,031Updated 3 months ago