A step-by-step walkthrough of CloudGoat 2.0 scenarios.
☆136Apr 28, 2020Updated 5 years ago
Alternatives and similar repositories for attacking-cloudgoat2
Users that are interested in attacking-cloudgoat2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This repo contains workshop material delivered at #nullcon2020☆16Mar 6, 2020Updated 6 years ago
- DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source☆108Nov 18, 2019Updated 6 years ago
- Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands …☆950Nov 26, 2022Updated 3 years ago
- Damn Vulnerable Cloud Application☆209Sep 12, 2018Updated 7 years ago
- Some of my public exploits☆52Sep 15, 2020Updated 5 years ago
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆758Oct 14, 2023Updated 2 years ago
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆3,510Updated this week
- An AWS Lambda vulnerable application written in flask.☆49Oct 9, 2017Updated 8 years ago
- ☆12Mar 31, 2021Updated 4 years ago
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,807Sep 17, 2024Updated last year
- Hacking Artifactory with server side template injection☆51Mar 12, 2020Updated 6 years ago
- ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of …☆76Nov 19, 2024Updated last year
- Repo to hold the markdown-ified metadata on AppSec tools that are automation-friendly☆12Jun 13, 2016Updated 9 years ago
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆608Nov 28, 2024Updated last year
- Assess certain AWS network configurations☆12Aug 22, 2018Updated 7 years ago
- OpenVPN Connect for Windows (MSI) - 3.1.0.361 - Privilege Escalation☆26Feb 28, 2020Updated 6 years ago
- ☆11Mar 19, 2019Updated 7 years ago
- Yet Another Sniffer for monitoring network traffic☆84Jun 12, 2021Updated 4 years ago
- This application is developed to test the race condition vulnerability in the web application. We have discussed about this vulnerability…☆14Oct 1, 2016Updated 9 years ago
- PoC for CVE-2020-1015☆39May 16, 2020Updated 5 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆646Nov 21, 2019Updated 6 years ago
- Collection of different exploitation scenarios of JWT.☆21Jul 23, 2021Updated 4 years ago
- Azure Red Team tool for graphing Azure and Azure Active Directory objects☆1,689Jan 8, 2024Updated 2 years ago
- Small POC in powershell exploiting hardlinks during the VM deletion process☆53Jan 18, 2020Updated 6 years ago
- SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS☆910Dec 17, 2024Updated last year
- ☆11Jan 24, 2023Updated 3 years ago
- ☆139Mar 29, 2023Updated 2 years ago
- Proof of concept incident response demo using SSM and AWS Fargate.☆14Dec 5, 2019Updated 6 years ago
- A simple file-based scanner to look for potential AWS access and secret keys in files☆95Mar 18, 2024Updated 2 years ago
- Collection of content discovery wordlists in one wordlist.☆38Jan 18, 2022Updated 4 years ago
- a parser + crawler for .DS_Store files exposed publically☆56Jun 6, 2023Updated 2 years ago
- Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.☆553Mar 12, 2026Updated last week
- WeirdAAL (AWS Attack Library)☆838Jan 13, 2025Updated last year
- Search exposed EBS volumes for secrets☆302Apr 24, 2023Updated 2 years ago
- Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.☆1,167Dec 8, 2022Updated 3 years ago
- ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring su…☆1,035Feb 9, 2026Updated last month
- List of all the Publicly disclosed vulnerabilities of Public Cloud Provider like Amazon Web Services (AWS), Microsoft Azure, Google Cloud…☆372May 4, 2023Updated 2 years ago
- A step by step workshop to exploit various vulnerabilities in Node.js and Java applications☆156Mar 17, 2024Updated 2 years ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,097Updated this week