Alternatives and similar repositories for guardduty-opsec

Users that are interested in guardduty-opsec are comparing it to the libraries listed below

• SygniaLabs / security-cloud-scout
  ☆137Updated 2 years ago
• nccgroup / s3_objects_check
  Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.
  ☆78Updated 3 years ago
• Frichetten / SneakyEndpoints
  Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints
  ☆120Updated last month
• stephenbradshaw / aws_url_signer
  POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF
  ☆58Updated last year
• dxa4481 / gcploit
  These are tools we released with our 2020 defcon/blackhat talk https://www.youtube.com/watch?v=Ml09R38jpok
  ☆172Updated 6 months ago
• Frichetten / aws_stealth_perm_enum
  Research on the enumeration of IAM permissions without logging to CloudTrail
  ☆61Updated 4 years ago
• appsecco / attacking-cloudgoat2
  A step-by-step walkthrough of CloudGoat 2.0 scenarios.
  ☆135Updated 5 years ago
• oldrho / ip2provider
  Resolves an IP address to the cloud provider it is hosted on
  ☆96Updated last week
• BojackThePillager / Slackhound
  Slackhound allows red and blue teams to perform fast reconnaissance on Slack workspaces/organizations to quickly search user profiles, lo…
  ☆82Updated 3 weeks ago
• iknowjason / edge
  Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
  ☆172Updated 10 months ago
• prisma-cloud / IAMFinder
  IAMFinder enumerates and finds users and IAM roles in a target AWS account.
  ☆110Updated 4 years ago
• dsnezhkov / racketeer
  ☆69Updated 3 years ago
• mattrotlevi / lava
  Microsoft Azure Exploitation Framework
  ☆57Updated 4 years ago
• mburrough / pentestingazureapps
  Script samples from the book Pentesting Azure Applications (2018, No Starch Press)
  ☆88Updated 6 years ago
• iknowjason / AriaCloud
  A Docker container for remote penetration testing.
  ☆138Updated 4 years ago
• prevade / cloudjack
  Route53/CloudFront Vulnerability Assessment Utility
  ☆86Updated last year
• cedowens / aws-cli-notes
  A combined list of helpful awscli commands from Scott Piper's flaws.cloud exercise as well as from Beau Bullock's Breaching the Cloud Tra…
  ☆19Updated 4 years ago
• RhinoSecurityLabs / dsnap
  Utility for downloading and mounting EBS snapshots using the EBS Direct API's
  ☆86Updated 5 months ago
• grines / scour
  ☆127Updated last year
• schwartz1375 / Threat-Hunting-in-AWS
  ☆31Updated 3 years ago
• offensive-terraform / terraform-aws-ec2-instance-reverse-shell
  Offensive Terraform module which creates EC2 instance and reverse shell from an EC2 instance to attacker machine.
  ☆17Updated 4 years ago
• Rhynorater / Okta-Password-Sprayer
  This script is a multi-threaded Okta password sprayer.
  ☆72Updated last year
• blackbotsecurity / AWS-Attack
  AWSATT&CK adds MITRE ATT&CK context and additional logging capabilities to Rhino Security Labs's open-source AWS exploitation framework, …
  ☆45Updated 4 years ago
• netskopeoss / phish_oauth
  POC code to explore phishing attacks using OAuth 2.0 authorization flows, such as the device authorization grant.
  ☆35Updated 4 years ago
• Cyb3rWard0g / log4jshell-lab
  ☆70Updated last year
• talmaor / AzureADLateralMovement
  Lateral Movement graph for Azure Active Directory
  ☆124Updated 2 years ago
• torque59 / AWS-Vulnerable-Lambda
  An AWS Lambda vulnerable application written in flask.
  ☆49Updated 7 years ago
• jeffmcjunkin / endgame
  An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share th…
  ☆13Updated 4 years ago
• sebastian-mora / awsssome_phish
  AWS SSO serverless phishing API.
  ☆32Updated 4 years ago
• NicholasSpringer / thunder-ctf
  GCP cloud security CTF
  ☆47Updated 2 months ago