Blogpost series showcasing interesting cloud - web app security bugs
☆67May 15, 2026Updated last week
Alternatives and similar repositories for cloudsec-tidbits
Users that are interested in cloudsec-tidbits are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam…☆19Feb 8, 2023Updated 3 years ago
- Hard fork of mcguinness/saml-idp; a local SAML Identity Provider (IdP) library to test SAML 2.0 Service Providers (SPs).☆11Oct 8, 2024Updated last year
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆109Jan 30, 2025Updated last year
- Go module that returns supported regions for a service or supported services for a region☆18Dec 12, 2025Updated 5 months ago
- serverless url-shortener☆12Aug 25, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- PoC's and Slides from 'Gophers, whales and.. clouds? Oh my!' BSides Wellington presentation by Glenn 'devalias' Grant☆17Mar 3, 2018Updated 8 years ago
- Proof-of-Concept to evade auditd by writing /proc/PID/mem☆25Aug 21, 2023Updated 2 years ago
- An Evil OIDC Server☆53Oct 19, 2022Updated 3 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- Holds the public Hacking the Cloud CTFs.☆64Feb 28, 2024Updated 2 years ago
- Determine privileges from cloud credentials via brute-force testing.☆69Aug 22, 2024Updated last year
- ☆31Oct 28, 2024Updated last year
- Exploit for CVE-2024-4883☆11Jul 8, 2024Updated last year
- Dockerfile for AFL++ and helpful other tools☆21May 5, 2020Updated 6 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆10Mar 24, 2020Updated 6 years ago
- Autonomous AI C2☆33Jul 23, 2024Updated last year
- Takes a software bill of materials and outputs provenance, and activity data from trustypkg.dev☆10May 19, 2025Updated last year
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆289Nov 27, 2025Updated 5 months ago
- A prompt-based pipeline for finding, validating, and proving vulnerabilities using LLM sub-agents.☆83Mar 27, 2026Updated last month
- Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. Open-s…☆270Apr 13, 2026Updated last month
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated last year
- TrailAlerts is a AWS-native, serverless cloud-detection tool that lets you define simple rules as code and get rich alerts about events i…☆52May 2, 2026Updated 2 weeks ago
- Dependency Confusion Security Testing Tool☆50Jul 21, 2022Updated 3 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Azure Offensive Library☆17May 9, 2026Updated last week
- Reconstruct javascript from a sourcemap in bash☆39Nov 23, 2021Updated 4 years ago
- ☆92Apr 29, 2024Updated 2 years ago
- A Server Side Request Forgery (SSRF) protection library. Made with 🖤 by Doyensec LLC.☆111Jun 4, 2025Updated 11 months ago
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers☆19Jun 9, 2023Updated 2 years ago
- Create your own vulnerable by design AWS penetration testing playground☆446May 1, 2026Updated 3 weeks ago
- Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.☆569Mar 12, 2026Updated 2 months ago
- Windows Privesc Check☆20May 20, 2014Updated 12 years ago
- Threat model for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach☆162Apr 15, 2026Updated last month
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Uses InstallUtil.exe to load a compatible executable from a network share.☆12Mar 8, 2016Updated 10 years ago
- An open project to list all publicly known cloud vulnerabilities and CSP security issues☆393May 10, 2026Updated last week
- ☆28Dec 28, 2017Updated 8 years ago
- PoC: process watcher patterns to make killing a process hard.☆11Aug 1, 2018Updated 7 years ago
- Review of AWAE.OSWE☆32Mar 12, 2022Updated 4 years ago
- ☆12Apr 21, 2020Updated 6 years ago
- Teaching resources (OER) for Operating Systems☆12Apr 7, 2026Updated last month