dagrz / aws_pwn
A collection of AWS penetration testing junk
☆1,162Updated last year
Related projects: ⓘ
- WeirdAAL (AWS Attack Library)☆773Updated last year
- A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.☆892Updated 5 years ago
- Exploits written by the Rhino Security Labs team☆1,053Updated 3 years ago
- Security Tool to Look For Interesting Files in S3 Buckets☆1,354Updated 5 months ago
- Tools for fingerprinting and exploiting Amazon cloud infrastructures☆442Updated last year
- Security auditing tool for AWS environments☆1,727Updated 5 years ago
- ☆667Updated this week
- for AWS Security material☆245Updated 2 years ago
- Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services☆630Updated 3 years ago
- A graph-based tool for visualizing effective access and resource relationships in AWS environments.☆905Updated last year
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆644Updated 11 months ago
- Cloud-related research releases from the Rhino Security Labs team.☆350Updated 4 years ago
- barq: The AWS Cloud Post Exploitation framework!☆385Updated last year
- A tool for quickly evaluating IAM permissions in AWS.☆1,406Updated last month
- Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.☆1,138Updated last year
- Enumerate the permissions associated with AWS credential set☆1,073Updated 7 months ago
- A tool to capture all the git secrets by leveraging multiple open source git searching tools☆1,103Updated 5 years ago
- A tool for identifying misconfigured CloudFront domains☆342Updated 4 years ago
- Collection of scripts and resources for DevSecOps and Automated Incident Response Security☆612Updated 3 years ago
- a Damn Vulnerable Serverless Application☆532Updated last year
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆4,306Updated last month
- CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.☆885Updated 2 years ago
- Python installable command line utiltity for mitigation of host and key compromises.☆339Updated 3 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆583Updated 4 years ago
- AWS Auditing & Hardening Tool☆706Updated 4 years ago
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆2,893Updated last week
- Scan for misconfigured S3 buckets across S3-compatible APIs!☆2,507Updated this week
- (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR)…☆633Updated 8 months ago
- AWS Serverless Security☆399Updated 2 years ago
- Find interesting Amazon S3 Buckets by watching certificate transparency logs.☆1,744Updated last year