ayushpriya10 / IMDShift
☆55Updated last year
Related projects: ⓘ
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.☆91Updated 9 months ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆57Updated 11 months ago
- ☆39Updated 3 months ago
- Determine privileges from cloud credentials via brute-force testing.☆63Updated 3 weeks ago
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.☆60Updated 3 months ago
- WAF bypass PoC☆43Updated 11 months ago
- Blogpost series showcasing interesting cloud - web app security bugs☆44Updated last year
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆38Updated last month
- A tool to keep AWS pentests and red teams efficient, organized, and stealthy.☆88Updated 6 months ago
- GCP GOAT is the vulnerable application for learn the GCP Security☆61Updated 11 months ago
- ☆58Updated last year
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆38Updated 9 months ago
- AWS SSO serverless phishing API.☆29Updated 3 years ago
- An AWS metadata enumeration tool by Plerion☆72Updated 7 months ago
- ☆31Updated 2 months ago
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre…☆42Updated 4 months ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆28Updated 2 years ago
- A public cloud security knowledgebase - https://www.secwiki.cloud/☆48Updated 6 months ago
- Holds the public Hacking the Cloud CTFs.☆50Updated 6 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆82Updated 8 months ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆96Updated 7 months ago
- Public repository of all things cloud security.☆31Updated 3 weeks ago
- Enumerate AWS permissions and resources.☆62Updated 2 years ago
- moniorg is a tool that leverages crt.sh website to monitor domains of a target☆46Updated last year
- A GitHub Actions Supply Chain CTF / Goat☆16Updated 2 months ago
- A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services …☆48Updated last year
- This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me☆16Updated last month
- Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints☆112Updated 11 months ago
- Awesome list for cloud security related projects☆70Updated last year
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆39Updated 2 years ago