Blogpost series showcasing interesting cloud - web app security bugs
☆74May 27, 2026Updated last month
Alternatives and similar repositories for cloudsec-tidbits
Users that are interested in cloudsec-tidbits are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam…☆19Feb 8, 2023Updated 3 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆111Jan 30, 2025Updated last year
- Go module that returns supported regions for a service or supported services for a region☆17Dec 12, 2025Updated 6 months ago
- serverless url-shortener☆12Aug 25, 2024Updated last year
- PoC's and Slides from 'Gophers, whales and.. clouds? Oh my!' BSides Wellington presentation by Glenn 'devalias' Grant☆17Mar 3, 2018Updated 8 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Proof-of-Concept to evade auditd by writing /proc/PID/mem☆25Aug 21, 2023Updated 2 years ago
- An Evil OIDC Server☆53Oct 19, 2022Updated 3 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- Holds the public Hacking the Cloud CTFs.☆64Feb 28, 2024Updated 2 years ago
- Determine privileges from cloud credentials via brute-force testing.☆69Aug 22, 2024Updated last year
- ☆31Oct 28, 2024Updated last year
- Exploit for CVE-2024-4883☆11Jul 8, 2024Updated last year
- Dockerfile for AFL++ and helpful other tools☆21May 5, 2020Updated 6 years ago
- Automated Cloud Misconfiguration Testing☆26Jun 20, 2025Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A Python implementation of dafthack's MSOLSpray. A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if …☆95Jun 6, 2024Updated 2 years ago
- Takes a software bill of materials and outputs provenance, and activity data from trustypkg.dev☆11May 19, 2025Updated last year
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆292Jun 10, 2026Updated 3 weeks ago
- Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. Open-s…☆272Apr 13, 2026Updated 2 months ago
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated last year
- Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints☆121Jul 13, 2025Updated 11 months ago
- TrailAlerts is a AWS-native, serverless cloud-detection tool that lets you define simple rules as code and get rich alerts about events i…☆52May 2, 2026Updated 2 months ago
- NIST Cybersecurity Framework (CSF) Profile Assessment Tool - Track controls, assign ownership, document findings, score security states, …☆42Jun 23, 2026Updated last week
- Azure Offensive Library☆17May 9, 2026Updated last month
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Reconstruct javascript from a sourcemap in bash☆39Nov 23, 2021Updated 4 years ago
- ☆92Apr 29, 2024Updated 2 years ago
- A Server Side Request Forgery (SSRF) protection library. Made with 🖤 by Doyensec LLC.☆112Jun 11, 2026Updated 3 weeks ago
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers☆19Jun 9, 2023Updated 3 years ago
- Windows Privesc Check☆20May 20, 2014Updated 12 years ago
- Create your own vulnerable by design AWS penetration testing playground☆457May 1, 2026Updated 2 months ago
- Threat model for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach☆165Jun 24, 2026Updated last week
- Uses InstallUtil.exe to load a compatible executable from a network share.☆12Mar 8, 2016Updated 10 years ago
- Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.☆573Mar 12, 2026Updated 3 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆28Dec 28, 2017Updated 8 years ago
- PoC: process watcher patterns to make killing a process hard.☆11Aug 1, 2018Updated 7 years ago
- Review of AWAE.OSWE☆32Mar 12, 2022Updated 4 years ago
- ☆12Apr 21, 2020Updated 6 years ago
- Teaching resources (OER) for Operating Systems☆12Apr 7, 2026Updated 2 months ago
- Driver Attack Platform for Linux☆18Mar 2, 2023Updated 3 years ago
- This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities☆94Jun 11, 2023Updated 3 years ago