dxa4481 / AttackingAndDefendingTheGCPMetadataAPILinks
This repo gives an overview of some GCP metadata API attack and defend patterns
☆76Updated 5 years ago
Alternatives and similar repositories for AttackingAndDefendingTheGCPMetadataAPI
Users that are interested in AttackingAndDefendingTheGCPMetadataAPI are comparing it to the libraries listed below
Sorting:
- ReconJSON is a project dedicated to creating a flexible and consistent JSON format across popular recon tools.☆102Updated 6 years ago
- Proof-of-concept CORS exploitation tool.☆35Updated 5 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆76Updated 3 years ago
- Manual JavaScript Linting is a Bug☆49Updated 4 years ago
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).☆122Updated 2 years ago
- Fetch known urls from AlienVault's Open Threat Exchange for given hosts☆62Updated 5 years ago
- Burp Extension for AWS Signing☆88Updated 4 months ago
- A tool for automatically gathering sensitive information from exposed Jenkins servers☆103Updated 2 years ago
- This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…☆60Updated 6 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆113Updated 6 years ago
- Jekyll Files for cloudsecwiki.com☆50Updated 3 years ago
- Repository for all the workshop content delivered at nullcon X on 1st of March 2019☆81Updated 6 years ago
- A horizontal and vertical web content enumerator☆52Updated 6 years ago
- A repository for GraphQL Extension for Burp Suite☆57Updated 6 years ago
- Burp with Friends☆103Updated 2 years ago
- All-in-one AWS S3 bucket tool for pentesters.☆73Updated 6 years ago
- This is a set of tips and reminders for pentesting processes and scripts/programs. Initially for personal use, but if anyone else finds t…☆52Updated 5 years ago
- Application and Service Fingerprinting☆133Updated 2 years ago
- AWS Security Checks☆39Updated 7 years ago
- Burp Suite Importer - Connect to multiple web servers while populating the sitemap.☆48Updated 5 years ago
- OAuth Security Cheatsheet☆40Updated 11 years ago
- These are tools we released with our 2020 defcon/blackhat talk https://www.youtube.com/watch?v=Ml09R38jpok☆173Updated 3 months ago
- Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container☆106Updated 6 years ago
- A tool to enumerate S3 buckets manually or via certstream☆82Updated 2 years ago
- A colorful cross-platform python script to test misconfigurations of AWS S3 buckets both through authenticated and unauthenticated checks…☆39Updated 4 years ago
- A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!☆33Updated 6 years ago
- Serverless Workshop☆16Updated 2 years ago
- S3 bucket enumerator☆44Updated 7 years ago
- Ruby command-line interface to Burp Suite's REST API☆59Updated 5 years ago
- Endpoint for Out-of-Band Exfiltration (DNS & HTTP)☆92Updated 6 years ago