appsecco / CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
☆22Updated 4 years ago
Alternatives and similar repositories for CloudPentestCheatsheets:
Users that are interested in CloudPentestCheatsheets are comparing it to the libraries listed below
- Repository for all the workshop content delivered at nullcon X on 1st of March 2019☆81Updated 5 years ago
- Scripts and tools for AWS Pentest☆53Updated 4 years ago
- ☆28Updated 5 years ago
- Virtual Security Operations Center☆50Updated last year
- AWS Security Checks☆37Updated 7 years ago
- Route53/CloudFront Vulnerability Assessment Utility☆85Updated last year
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆134Updated 4 years ago
- A tool to enumerate S3 buckets manually or via certstream☆82Updated last year
- Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)☆30Updated last year
- All the common commands used in a red teaming operation or CTF. This is a work in progress and will be updated with time.☆41Updated 4 years ago
- A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.☆38Updated 6 years ago
- Amazon bucket brute force tool☆99Updated 11 years ago
- Preventing malicious takeover of the retired slurp AWS tool☆40Updated 6 years ago
- A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks☆65Updated 3 years ago
- Scrap Latest Information Security Resources☆31Updated 4 years ago
- A simple file-based scanner to look for potential AWS access and secret keys in files☆91Updated 11 months ago
- Pivot into private VPC networks using a VPN connection☆41Updated 5 years ago
- Lab exercises to practice privilege escalation scenarios in AWS IAM. These exercises and the slides go through the basics behind AWS IAM,…☆16Updated 5 years ago
- A collection of tools to find data that has been made public in cloud storage systems such as S3 Buckets and Digital Ocean Spaces☆74Updated 2 years ago
- Another Subdomain ENumeration Tool☆11Updated 2 years ago
- Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters☆14Updated 4 years ago
- An AWS Lambda vulnerable application written in flask.☆48Updated 7 years ago
- ☆34Updated 4 years ago
- Scripts and misc. stuff related to the PortSwigger Web Academy☆17Updated 3 years ago
- This repository mainly focuses on various techniques, tools, frameworks and approach to perform offensive exploitation of AWS infrastruct…☆11Updated 5 years ago
- Monitoring GitHub for sensitive data shared publicly☆66Updated 3 years ago
- This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with t…☆13Updated 5 years ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆48Updated 5 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆63Updated last year
- Extensive code infrastructure for finding unintended information leaks in files, git repositories and much more.☆28Updated 2 years ago