domain-protect / domain-protect-gcpLinks
Protect against subdomain takeover
☆94Updated 2 months ago
Alternatives and similar repositories for domain-protect-gcp
Users that are interested in domain-protect-gcp are comparing it to the libraries listed below
Sorting:
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated 2 years ago
- ☆113Updated 2 years ago
- ☆190Updated 5 months ago
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- ☆39Updated last year
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆57Updated 8 months ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆156Updated last year
- Compares and analyzes GCP IAM roles.☆77Updated 6 months ago
- A tool to uncover undocumented APIs from the AWS Console.☆114Updated 5 months ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆42Updated last year
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆109Updated 10 months ago
- Unauthenticated enumeration of AWS IAM Roles.☆25Updated 3 weeks ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆108Updated last year
- ☆181Updated 5 months ago
- Semgrep-based Policy Controller for Kubernetes☆47Updated 5 months ago
- find dangling domains in a multi cloud environment☆170Updated this week
- boostsecurityio/lotp☆134Updated 5 months ago
- Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.☆278Updated last year
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure☆47Updated last year
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆119Updated 2 years ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆137Updated 6 months ago
- Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints☆122Updated 2 months ago
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆244Updated 10 months ago
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆72Updated 2 years ago
- HashiCorp-relevant rules for the Semgrep code analysis tool☆41Updated 2 years ago
- sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.☆82Updated 4 years ago
- 🖇️ STRIDE vs. ASVS equivalence table☆77Updated last year
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆105Updated 8 months ago
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.☆60Updated 10 months ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆58Updated 2 years ago