Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
☆950Nov 26, 2022Updated 3 years ago
Alternatives and similar repositories for breaking-and-pwning-apps-and-servers-aws-azure-training
Users that are interested in breaking-and-pwning-apps-and-servers-aws-azure-training are comparing it to the libraries listed below
Sorting:
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,804Sep 17, 2024Updated last year
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆136Apr 28, 2020Updated 5 years ago
- Repository for all the workshop content delivered at nullcon X on 1st of March 2019☆80Apr 4, 2019Updated 6 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆356Oct 14, 2020Updated 5 years ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,088Feb 24, 2026Updated 2 weeks ago
- A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.☆924Jul 25, 2019Updated 6 years ago
- List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.☆9,414Oct 16, 2025Updated 4 months ago
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆3,498Feb 12, 2026Updated last month
- Azure Red Team tool for graphing Azure and Azure Active Directory objects☆1,689Jan 8, 2024Updated 2 years ago
- ☆332Dec 8, 2022Updated 3 years ago
- A collection of scripts for assessing Microsoft Azure security☆2,313Oct 29, 2025Updated 4 months ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆136Sep 25, 2019Updated 6 years ago
- Applied Purple Teaming - (ITOCI4hr) - Infrastructure, Threat Optics, and Continuous Improvement - June 6, 2020☆323Jan 22, 2021Updated 5 years ago
- Lesser Known Web Attack Lab☆330Feb 7, 2020Updated 6 years ago
- Attack and defend active directory using modern post exploitation adversary tradecraft activity☆4,797Jul 29, 2025Updated 7 months ago
- Active Directory Assessment and Privilege Escalation Script☆1,131Dec 7, 2022Updated 3 years ago
- Automate the creation of a lab environment complete with security tooling and logging best practices☆4,917Jul 6, 2024Updated last year
- Wiki to collect Red Team infrastructure hardening resources☆4,454Oct 1, 2025Updated 5 months ago
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.☆2,034Jul 12, 2025Updated 8 months ago
- This repo contains workshop material delivered at #nullcon2020☆16Mar 6, 2020Updated 6 years ago
- A graph-based tool for visualizing effective access and resource relationships in AWS environments.☆998Oct 4, 2022Updated 3 years ago
- Automated Red Team Infrastructure deployement using Docker☆1,261Aug 24, 2022Updated 3 years ago
- Enumerate the permissions associated with AWS credential set☆1,224Feb 5, 2024Updated 2 years ago
- ☆139Mar 29, 2023Updated 2 years ago
- Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.☆884Feb 23, 2026Updated 2 weeks ago
- SSRF (Server Side Request Forgery) testing resources☆2,484Oct 12, 2024Updated last year
- Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.☆1,167Dec 8, 2022Updated 3 years ago
- Cloud-related research releases from the Rhino Security Labs team.☆392Apr 23, 2020Updated 5 years ago
- Resources for our Active Directory security workshops☆141Sep 9, 2021Updated 4 years ago
- A collection of custom security tools for quick needs.☆3,285May 1, 2023Updated 2 years ago
- This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with t…☆932Jan 6, 2025Updated last year
- Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term o…☆2,624Dec 13, 2025Updated 3 months ago
- ☆2,319Dec 8, 2023Updated 2 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆471Nov 14, 2019Updated 6 years ago
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, f…☆4,356Sep 30, 2024Updated last year
- Various Payload wordlists☆240Apr 26, 2025Updated 10 months ago
- AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation☆2,219Apr 3, 2023Updated 2 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆645Nov 21, 2019Updated 6 years ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆1,295Jan 26, 2024Updated 2 years ago