jordanpotti / guardduty-opsecLinks
Opsec considerations for each AWS GuardDuty finding type.
☆24Updated 4 years ago
Alternatives and similar repositories for guardduty-opsec
Users that are interested in guardduty-opsec are comparing it to the libraries listed below
Sorting:
- ☆139Updated 2 years ago
- Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints☆122Updated 2 months ago
- Slackhound allows red and blue teams to perform fast reconnaissance on Slack workspaces/organizations to quickly search user profiles, lo…☆83Updated last month
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆58Updated 2 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆78Updated 3 years ago
- These are tools we released with our 2020 defcon/blackhat talk https://www.youtube.com/watch?v=Ml09R38jpok☆171Updated 7 months ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆111Updated 4 years ago
- Resolves an IP address to the cloud provider it is hosted on☆97Updated this week
- Utility for downloading and mounting EBS snapshots using the EBS Direct API's☆86Updated 6 months ago
- POC code to explore phishing attacks using OAuth 2.0 authorization flows, such as the device authorization grant.☆35Updated 4 years ago
- Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.☆174Updated 10 months ago
- ☆69Updated 3 years ago
- Lateral Movement graph for Azure Active Directory☆124Updated 2 years ago
- Script samples from the book Pentesting Azure Applications (2018, No Starch Press)☆88Updated 6 years ago
- Microsoft Azure Exploitation Framework☆58Updated 4 years ago
- Collection of Slides From My Conference Talks☆20Updated 2 years ago
- Research on the enumeration of IAM permissions without logging to CloudTrail☆61Updated 4 years ago
- An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share th…☆13Updated 4 years ago
- A very simple lab to demo some Terraform, DSC, Inspec and Gitlab CI☆93Updated 2 years ago
- Payload designed for targeting Jamf enrolled devices.☆38Updated 2 years ago
- This script is a multi-threaded Okta password sprayer.☆72Updated last year
- A combined list of helpful awscli commands from Scott Piper's flaws.cloud exercise as well as from Beau Bullock's Breaching the Cloud Tra…☆19Updated 4 years ago
- ☆31Updated 3 years ago
- ☆60Updated 2 years ago
- ☆126Updated last year
- A Docker container for remote penetration testing.☆139Updated 4 years ago
- CONVEX is a group of CTFs that are independently deployable into participant Azure environments.☆140Updated 3 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆135Updated 5 years ago
- ☆15Updated 3 years ago
- Adversary Simulators High-Fidelity Intelligence and Reporting Toolkit☆169Updated 2 weeks ago