heroku / bheu19-attacking-cloud-builds

Related projects: ⓘ

• antitree / cmd_and_kubectl_demos
  ☆27Updated 2 months ago
• alexivkin / kubepwn
  Kubernetes Pwnage for all
  ☆54Updated 3 years ago
• allisonis / gcp-iam-sentinel-examples
  ☆28Updated 4 years ago
• nccgroup / ConMachi
  Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container
  ☆84Updated 5 years ago
• cedowens / aws-cli-notes
  A combined list of helpful awscli commands from Scott Piper's flaws.cloud exercise as well as from Beau Bullock's Breaching the Cloud Tra…
  ☆18Updated 3 years ago
• abhisek / supply-chain-security-gateway
  Reference architecture and proof of concept implementation for supply chain security gateway
  ☆23Updated last year
• nccgroup / s3_objects_check
  Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.
  ☆74Updated 2 years ago
• cedowens / aws_key_triage_tool
  ☆18Updated this week
• we45 / Serverless-Workshop
  Serverless Workshop
  ☆16Updated last year
• andresriancho / vpc-vpn-pivot
  Pivot into private VPC networks using a VPN connection
  ☆40Updated 4 years ago
• HBOCodeLabs / gimme-aws-creds
  A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials
  ☆10Updated 3 years ago
• NetSPI / AWSSigner
  Burp Extension for AWS Signing
  ☆85Updated 3 months ago
• twistlock / lambda-persistency-poc
  PoC for gaining persistency on vulnerable Lambdas
  ☆30Updated 3 years ago
• NotSoSecure / cloud-sec-wiki
  Jekyll Files for cloudsecwiki.com
  ☆49Updated 3 years ago
• omerlh / zap-operator
  ☆21Updated 4 years ago
• lanmaster53 / cef
  Proof-of-concept CORS exploitation tool.
  ☆34Updated 5 years ago
• steeve85 / tfviz
  Visualize your Terraform files
  ☆34Updated 4 years ago
• AnubisSec / GroovyWaiter
  ☆17Updated 2 years ago
• ncc-erik-steringer / Aerides
  An implementation of infrastructure-as-code scanning using dynamic tooling.
  ☆56Updated 2 years ago
• RhinoSecurityLabs / Presentations
  A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.
  ☆37Updated 6 years ago
• ttarvis / glasgo
  A Security Scanner for Go
  ☆26Updated 5 years ago
• nixwizard / kube-alien
  ☆25Updated 3 years ago
• Frichetten / aws_stealth_perm_enum
  Research on the enumeration of IAM permissions without logging to CloudTrail
  ☆60Updated 3 years ago
• sebastian-mora / awsssome_phish
  AWS SSO serverless phishing API.
  ☆29Updated 3 years ago
• OWASP / kstg
  Kubernetes Security Testing Guide
  ☆26Updated 4 months ago
• OpenCSPM / opencspm-darkbit-community-controls
  OpenCSPM Community Controls
  ☆14Updated 3 years ago
• cloud-sniper / dagobah
  ☆15Updated this week
• dxa4481 / AttackingAndDefendingTheGCPMetadataAPI
  This repo gives an overview of some GCP metadata API attack and defend patterns
  ☆76Updated 4 years ago
• darryk10 / CVE-2021-25735
  Exploit CVE-2021-25735: Kubernetes Validating Admission Webhook Bypass
  ☆18Updated 3 years ago
• lightspin-tech / red-detector
  Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)
  ☆87Updated last year