alexivkin / kubepwn
Kubernetes Pwnage for all
☆57Updated 4 years ago
Alternatives and similar repositories for kubepwn:
Users that are interested in kubepwn are comparing it to the libraries listed below
- Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container☆106Updated 6 years ago
- ☆27Updated 4 months ago
- Kubernetes Easter CTF☆58Updated 4 years ago
- A beginner-friendly CTF about Kubernetes security.☆77Updated 2 years ago
- Jekyll Files for cloudsecwiki.com☆50Updated 3 years ago
- ☆124Updated 8 months ago
- Research on the enumeration of IAM permissions without logging to CloudTrail☆60Updated 3 years ago
- ☆93Updated last month
- DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source☆107Updated 5 years ago
- ☆48Updated 5 years ago
- Security testing tool for Kubernetes, abusing kubelet credentials on public cloud providers.☆162Updated last year
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆76Updated 3 years ago
- Reference architecture and proof of concept implementation for supply chain security gateway☆23Updated 2 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆103Updated 2 months ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 3 years ago
- ☆28Updated 4 years ago
- This repo gives an overview of some GCP metadata API attack and defend patterns☆76Updated 5 years ago
- Dockerfile Security Checker using OPA Rego policies with Conftest☆59Updated 2 years ago
- ☆58Updated last year
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆134Updated 4 years ago
- Serverless Workshop☆16Updated 2 years ago
- GCP cloud security CTF☆44Updated last year
- ☆49Updated 4 years ago
- OWASP Foundation Web Respository☆34Updated 7 months ago
- Kubernetes Security Testing Guide☆26Updated 11 months ago
- Blogpost series showcasing interesting cloud - web app security bugs☆47Updated last year
- ☆110Updated last year
- Hayat is a script for report and analyze Google Cloud Platform resources.☆80Updated 5 years ago
- Protect against subdomain takeover☆93Updated 10 months ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆139Updated 3 years ago