A step-by-step walkthrough of CloudGoat 2.0 scenarios.
☆136Apr 28, 2020Updated 6 years ago
Alternatives and similar repositories for attacking-cloudgoat2
Users that are interested in attacking-cloudgoat2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This repo contains workshop material delivered at #nullcon2020☆16Mar 6, 2020Updated 6 years ago
- DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source☆108Nov 18, 2019Updated 6 years ago
- Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands …☆953Nov 26, 2022Updated 3 years ago
- Damn Vulnerable Cloud Application☆211Sep 12, 2018Updated 7 years ago
- Some of my public exploits☆53Sep 15, 2020Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆775Oct 14, 2023Updated 2 years ago
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆3,599Apr 28, 2026Updated 3 weeks ago
- An AWS Lambda vulnerable application written in flask.☆49Oct 9, 2017Updated 8 years ago
- ☆12Mar 31, 2021Updated 5 years ago
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,818Apr 6, 2026Updated last month
- Hacking Artifactory with server side template injection☆51Mar 12, 2020Updated 6 years ago
- ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of …☆77Nov 19, 2024Updated last year
- Repo to hold the markdown-ified metadata on AppSec tools that are automation-friendly☆12Jun 13, 2016Updated 9 years ago
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆612Nov 28, 2024Updated last year
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Assess certain AWS network configurations☆12Aug 22, 2018Updated 7 years ago
- OpenVPN Connect for Windows (MSI) - 3.1.0.361 - Privilege Escalation☆26Feb 28, 2020Updated 6 years ago
- ☆11Mar 19, 2019Updated 7 years ago
- Yet Another Sniffer for monitoring network traffic☆85Jun 12, 2021Updated 4 years ago
- This application is developed to test the race condition vulnerability in the web application. We have discussed about this vulnerability…☆14Oct 1, 2016Updated 9 years ago
- PoC for CVE-2020-1015☆40May 16, 2020Updated 6 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆651Nov 21, 2019Updated 6 years ago
- Collection of different exploitation scenarios of JWT.☆21Jul 23, 2021Updated 4 years ago
- Azure Red Team tool for graphing Azure and Azure Active Directory objects☆1,700Jan 8, 2024Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS☆910Dec 17, 2024Updated last year
- ☆11Jan 24, 2023Updated 3 years ago
- ☆141Mar 29, 2023Updated 3 years ago
- Small POC in powershell exploiting hardlinks during the VM deletion process☆55Jan 18, 2020Updated 6 years ago
- A simple file-based scanner to look for potential AWS access and secret keys in files☆94Mar 18, 2024Updated 2 years ago
- Collection of content discovery wordlists in one wordlist.☆38Jan 18, 2022Updated 4 years ago
- a parser + crawler for .DS_Store files exposed publically☆56Jun 6, 2023Updated 2 years ago
- WeirdAAL (AWS Attack Library)☆842Jan 13, 2025Updated last year
- Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.☆569Mar 12, 2026Updated 2 months ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Search exposed EBS volumes for secrets☆304Apr 24, 2023Updated 3 years ago
- Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.☆1,171Dec 8, 2022Updated 3 years ago
- ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring su…☆1,040Feb 9, 2026Updated 3 months ago
- List of all the Publicly disclosed vulnerabilities of Public Cloud Provider like Amazon Web Services (AWS), Microsoft Azure, Google Cloud…☆371May 4, 2023Updated 3 years ago
- Proof of concept incident response demo using SSM and AWS Fargate.☆15Dec 5, 2019Updated 6 years ago
- A step by step workshop to exploit various vulnerabilities in Node.js and Java applications☆156Mar 17, 2024Updated 2 years ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,194Updated this week