WithSecureLabs / leonidas
Automated Attack Simulation in the Cloud, complete with detection use cases.
☆550Updated last month
Alternatives and similar repositories for leonidas:
Users that are interested in leonidas are comparing it to the libraries listed below
- Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic☆284Updated 2 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆610Updated 5 years ago
- Serverless Functions for establishing Reverse Shells to Lambda, Azure Functions, and Google Cloud Functions☆236Updated last month
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆676Updated last year
- Cloud-related research releases from the Rhino Security Labs team.☆375Updated 4 years ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆264Updated 11 months ago
- Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.☆487Updated 11 months ago
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆210Updated 2 months ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆378Updated 9 months ago
- ☆169Updated last year
- ☆378Updated last year
- This repo contains IOC, malware and malware analysis associated with Public cloud☆246Updated 2 months ago
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.☆271Updated 4 months ago
- Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.☆164Updated 2 months ago
- A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.☆359Updated 8 months ago
- A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …☆178Updated 4 months ago
- WeirdAAL (AWS Attack Library)☆792Updated this week
- Open Cloud Security Posture Management Engine☆336Updated 2 years ago
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.☆323Updated last year
- ☆368Updated 10 months ago
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆97Updated last year
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆222Updated 4 months ago
- This is a collection of threat detection rules / rules engines that I have come across.☆277Updated 8 months ago
- A Docker container for remote penetration testing.☆133Updated 3 years ago
- Atomic Purple Team Framework and Lifecycle☆284Updated 3 years ago
- A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-pur…☆547Updated last month
- Dorothy is a tool to test security monitoring and detection for Okta environments☆178Updated 5 months ago
- OWASP Domain Protect - prevent subdomain takeover☆401Updated 3 weeks ago
- A graph-based tool for visualizing effective access and resource relationships in AWS environments.☆927Updated 2 years ago