A step-by-step walkthrough of CloudGoat 2.0 scenarios.
☆135Apr 28, 2020Updated 5 years ago
Alternatives and similar repositories for attacking-cloudgoat2
Users that are interested in attacking-cloudgoat2 are comparing it to the libraries listed below
Sorting:
- Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands …☆950Nov 26, 2022Updated 3 years ago
- DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source☆109Nov 18, 2019Updated 6 years ago
- Damn Vulnerable Cloud Application☆208Sep 12, 2018Updated 7 years ago
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆753Oct 14, 2023Updated 2 years ago
- Some of my public exploits☆52Sep 15, 2020Updated 5 years ago
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆606Nov 28, 2024Updated last year
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆3,487Feb 12, 2026Updated 2 weeks ago
- Hacking Artifactory with server side template injection☆51Mar 12, 2020Updated 5 years ago
- An AWS Lambda vulnerable application written in flask.☆49Oct 9, 2017Updated 8 years ago
- OpenVPN Connect for Windows (MSI) - 3.1.0.361 - Privilege Escalation☆26Feb 28, 2020Updated 6 years ago
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,803Sep 17, 2024Updated last year
- This repo contains workshop material delivered at #nullcon2020☆16Mar 6, 2020Updated 5 years ago
- Small POC in powershell exploiting hardlinks during the VM deletion process☆53Jan 18, 2020Updated 6 years ago
- A step by step workshop to exploit various vulnerabilities in Node.js and Java applications☆156Mar 17, 2024Updated last year
- Manticore Adversary Emulation Cli☆47Aug 4, 2020Updated 5 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆646Nov 21, 2019Updated 6 years ago
- Assess certain AWS network configurations☆12Aug 22, 2018Updated 7 years ago
- Repo to hold the markdown-ified metadata on AppSec tools that are automation-friendly☆12Jun 13, 2016Updated 9 years ago
- ☆11Jan 24, 2023Updated 3 years ago
- ☆11Mar 19, 2019Updated 6 years ago
- ☆12Mar 31, 2021Updated 4 years ago
- wordlists for password cracking☆29Aug 15, 2022Updated 3 years ago
- CVE-2019-12949☆26Jun 28, 2019Updated 6 years ago
- This application is developed to test the race condition vulnerability in the web application. We have discussed about this vulnerability…☆14Oct 1, 2016Updated 9 years ago
- Collection of different exploitation scenarios of JWT.☆21Jul 23, 2021Updated 4 years ago
- SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS☆906Dec 17, 2024Updated last year
- gtfo, now with the speed of golang☆62Jun 8, 2020Updated 5 years ago
- This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…☆62Jan 24, 2019Updated 7 years ago
- Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.☆550Sep 11, 2025Updated 5 months ago
- Yet Another Sniffer for monitoring network traffic☆84Jun 12, 2021Updated 4 years ago
- ☆21Nov 13, 2019Updated 6 years ago
- ☆139Mar 29, 2023Updated 2 years ago
- CTF Writeups☆12Feb 25, 2023Updated 3 years ago
- Open Redirect Vulnerability Payload List☆10Feb 23, 2021Updated 5 years ago
- Essential tool for finding blind injection attacks.☆50Feb 6, 2019Updated 7 years ago
- [A]ndroid [A]pplication [P]entest [G]uide☆123Oct 10, 2019Updated 6 years ago
- Search exposed EBS volumes for secrets☆302Apr 24, 2023Updated 2 years ago
- A golang utility to spider through a website searching for additional links.☆343Nov 7, 2020Updated 5 years ago
- WeirdAAL (AWS Attack Library)☆837Jan 13, 2025Updated last year