anunay-bhatt / secure-serverless-reference-architecture
A walkthrough of security controls for a serverless architecture via a demo application
☆11Updated 2 years ago
Related projects: ⓘ
- WAF bypass PoC☆43Updated 11 months ago
- Determine privileges from cloud credentials via brute-force testing.☆63Updated 3 weeks ago
- A small library to alter AWS API requests; Used for fuzzing research☆21Updated 10 months ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 2 years ago
- A toolset to juggle AWS roles for persistent access☆47Updated last month
- Blogpost series showcasing interesting cloud - web app security bugs☆44Updated last year
- CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how commo…☆43Updated last year
- AWS SSO serverless phishing API.☆29Updated 3 years ago
- A meta-database collecting resources that compile lists of breaches☆17Updated 5 months ago
- PoC for gaining persistency on vulnerable Lambdas☆30Updated 3 years ago
- Fun tools around the EBS Direct API☆17Updated 3 years ago
- ☆30Updated this week
- Offensive Terraform Website☆44Updated 3 years ago
- A combined list of helpful awscli commands from Scott Piper's flaws.cloud exercise as well as from Beau Bullock's Breaching the Cloud Tra…☆18Updated 3 years ago
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure☆42Updated 8 months ago
- GCP GOAT is the vulnerable application for learn the GCP Security☆61Updated 11 months ago
- Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a …☆38Updated 2 years ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆38Updated 9 months ago
- OWASP Foundation Web Respository☆33Updated 2 weeks ago
- Konstellation is a configuration-driven CLI tool to enumerate cloud resources and store the data into Neo4j.☆19Updated last year
- Jekyll Files for cloudsecwiki.com☆49Updated 3 years ago
- A GitHub Actions Supply Chain CTF / Goat☆16Updated 3 months ago
- ☆39Updated 3 months ago
- Tool for reconnaissance of AWS cloud environments☆13Updated 11 months ago
- A set of AWS resources for testing the Log4Shell vulnerability, deployable with terraform☆12Updated 2 years ago
- Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters☆13Updated 4 years ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆56Updated last year
- Lightspin AWS IAM Vulnerability Scanner☆96Updated 3 years ago
- Correlates serviceaccounts and pods to the permissions granted to them via rolebindings and clusterrolesbindings.☆34Updated 2 years ago
- ☆58Updated last year