jordanpotti / guardduty-opsec
Opsec considerations for each AWS GuardDuty finding type.
☆22Updated 3 years ago
Related projects: ⓘ
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆74Updated 2 years ago
- ☆133Updated last year
- An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share th…☆9Updated 3 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆57Updated last year
- A combined list of helpful awscli commands from Scott Piper's flaws.cloud exercise as well as from Beau Bullock's Breaching the Cloud Tra…☆18Updated 3 years ago
- ☆58Updated last year
- ☆18Updated this week
- ☆15Updated 2 years ago
- Slackhound allows red and blue teams to perform fast reconnaissance on Slack workspaces/organizations to quickly search user profiles, lo…☆73Updated 7 months ago
- AWS SSO serverless phishing API.☆29Updated 3 years ago
- An AWS Lambda vulnerable application written in flask.☆48Updated 6 years ago
- Collection of Slides From My Conference Talks☆20Updated last year
- GCP cloud security CTF☆41Updated 6 months ago
- Research on the enumeration of IAM permissions without logging to CloudTrail☆60Updated 3 years ago
- Determine privileges from cloud credentials via brute-force testing.☆63Updated 3 weeks ago
- PoC for gaining persistency on vulnerable Lambdas☆30Updated 3 years ago
- Next Generation Phishing Tool For Internal / Red Teams☆35Updated 5 years ago
- Projects for AWS ThreatHunting☆21Updated 3 years ago
- ☆97Updated 3 weeks ago
- List of Red Team Resources☆17Updated 4 years ago
- Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)☆87Updated last year
- This is a custom SSM agent which is sorta functional☆16Updated 3 years ago
- Ansible playbooks for instrumenting a Red Team environment with RedElk☆47Updated 3 years ago
- Terraform script to deploy AD-based environment on Azure☆41Updated last year
- ☆30Updated 4 years ago
- GCP GOAT is the vulnerable application for learn the GCP Security☆61Updated 11 months ago
- ☆125Updated 2 months ago
- Qemuno Framework☆23Updated 2 years ago
- Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure☆93Updated 5 years ago
- A collection of Neo4j/BloodHound queries to collect interesting information.☆45Updated 2 years ago