allisonis / gcp-iam-sentinel-examples
☆28Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for gcp-iam-sentinel-examples
- ☆27Updated last week
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 2 years ago
- Kubernetes Pwnage for all☆54Updated 3 years ago
- GCP CSPM using Google Sheets☆34Updated 4 months ago
- Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container☆86Updated 5 years ago
- Kubernetes Easter CTF☆58Updated 4 years ago
- A combined list of helpful awscli commands from Scott Piper's flaws.cloud exercise as well as from Beau Bullock's Breaching the Cloud Tra…☆18Updated 3 years ago
- Automated GKE Kubelet Impersonation and Cluster Secret Stealer via kube-env☆102Updated 5 years ago
- Visualize your Terraform files☆34Updated 4 years ago
- Updated incident response generator for training classes☆41Updated 3 years ago
- This repo gives an overview of some GCP metadata API attack and defend patterns☆76Updated 4 years ago
- ☆48Updated 4 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆74Updated 2 years ago
- Manage GuardDuty At Enterprise Scale☆22Updated 4 years ago
- These are tools we released with our 2020 defcon/blackhat talk https://www.youtube.com/watch?v=Ml09R38jpok☆164Updated last year
- A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials☆10Updated 3 years ago
- Offensive Terraform module which creates an IAM role with trust relationship with attacker's AWS account and attaches managed IAM Policy …☆12Updated 4 years ago
- Compares and analyzes GCP IAM roles.☆76Updated 5 months ago
- Security Alert Decoration☆26Updated this week
- Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)☆87Updated last year
- Utility for downloading and mounting EBS snapshots using the EBS Direct API's☆73Updated last year
- AWS Incident Response Kit (AIRK) - AWS Incident Response☆21Updated 4 years ago
- A tool for testing continuous integration (CI) or continuous delivery (CD) system security☆23Updated 11 years ago
- Hayat is a script for report and analyze Google Cloud Platform resources.☆79Updated 4 years ago
- Dockerfile Security Checker using OPA Rego policies with Conftest☆59Updated 2 years ago
- Gordon is status check Github app to enforce and validate about.yaml file specifications in a repository during pull requests to drive co…☆20Updated last week