brompwnie / botb
A container analysis and exploitation tool for pentesters and engineers.
☆619Updated 11 months ago
Related projects: ⓘ
- Peirates - Kubernetes Penetration Testing tool☆1,206Updated last week
- Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized en…☆1,112Updated 2 months ago
- ☆230Updated last week
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆583Updated 4 years ago
- Cloud-related research releases from the Rhino Security Labs team.☆350Updated 4 years ago
- Kubernetes focused container assessment and context discovery tool for penetration testing☆427Updated 3 months ago
- Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego☆331Updated 8 months ago
- The Swiss Army Container for Cloud Native Security. Container with all the list of useful tools/commands while hacking and securing Conta…☆260Updated last year
- A collection of manifests that will create pods with elevated privileges.☆580Updated 2 years ago
- A tool to scan Kubernetes cluster for risky permissions☆1,311Updated 2 months ago
- WeirdAAL (AWS Attack Library)☆773Updated last year
- Tool for auditing RBACs in Kubernetes☆212Updated 7 months ago
- A Microservices-based framework for the study of Network Security and Penetration Test techniques☆570Updated 11 months ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆451Updated last year
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆470Updated 2 weeks ago
- Proof of concept code for Datadog Security Labs referenced exploits.☆417Updated 11 months ago
- Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)☆1,176Updated 3 months ago
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆840Updated this week
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆644Updated 11 months ago
- A tool to hunt for credentials in github wild AKA git*hunt☆291Updated last year
- ☆554Updated 3 years ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆330Updated 4 years ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆476Updated last year
- Enumerate the permissions associated with AWS credential set☆1,073Updated 7 months ago
- A Blazing fast Security Auditing tool for Kubernetes☆985Updated 5 months ago
- Exploits written by the Rhino Security Labs team☆1,053Updated 3 years ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆684Updated last month
- ☆514Updated this week
- Checks whether Docker is deployed according to security best practices as defined in the CIS Docker Benchmark☆207Updated 5 months ago
- ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.☆667Updated 11 months ago