dxa4481 / gcploit
These are tools we released with our 2020 defcon/blackhat talk https://www.youtube.com/watch?v=Ml09R38jpok
☆173Updated 2 months ago
Alternatives and similar repositories for gcploit:
Users that are interested in gcploit are comparing it to the libraries listed below
- A Docker container for remote penetration testing.☆135Updated 4 years ago
- ☆136Updated 2 years ago
- This repo gives an overview of some GCP metadata API attack and defend patterns☆76Updated 5 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆134Updated 4 years ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆111Updated 4 years ago
- Dorothy is a tool to test security monitoring and detection for Okta environments☆181Updated 8 months ago
- ☆23Updated last year
- Search exposed EBS volumes for secrets☆297Updated 2 years ago
- Adversary Simulators High-Fidelity Intelligence and Reporting Toolkit☆164Updated last week
- Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.☆166Updated 5 months ago
- Scans Slack for API tokens, credentials, passwords, and more using YARA rules☆38Updated 4 years ago
- 🖇️ STRIDE vs. ASVS equivalence table☆76Updated 8 months ago
- ☆28Updated 4 years ago
- Research on the enumeration of IAM permissions without logging to CloudTrail☆61Updated 3 years ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆73Updated 3 years ago
- A tool that implements the Golden SAML attack☆337Updated 6 years ago
- Remote Memory Acquisition Tool☆245Updated 4 years ago
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findings☆137Updated 3 years ago
- Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic☆292Updated 2 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆76Updated 3 years ago
- A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.☆380Updated last year
- CONVEX is a group of CTFs that are independently deployable into participant Azure environments.☆139Updated 2 years ago
- Tools for AWS forensics☆63Updated 9 years ago
- Cloud-related research releases from the Rhino Security Labs team.☆384Updated 5 years ago
- Script samples from the book Pentesting Azure Applications (2018, No Starch Press)☆87Updated 6 years ago
- A simple file-based scanner to look for potential AWS access and secret keys in files☆91Updated last year
- Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints☆114Updated last year
- Google Cloud Platform Security Tool☆234Updated 5 years ago
- ☆20Updated 4 years ago
- A Command-line tool which leverages the Tenable.io API to reduce the time it takes to get information that is common during remediation o…☆75Updated 3 weeks ago