jordanpotti / guardduty-opsecLinks
Opsec considerations for each AWS GuardDuty finding type.
☆23Updated 4 years ago
Alternatives and similar repositories for guardduty-opsec
Users that are interested in guardduty-opsec are comparing it to the libraries listed below
Sorting:
- ☆137Updated 2 years ago
- Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints☆119Updated 3 weeks ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆111Updated 4 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆77Updated 3 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆58Updated last year
- Route53/CloudFront Vulnerability Assessment Utility☆86Updated last year
- Research on the enumeration of IAM permissions without logging to CloudTrail☆61Updated 4 years ago
- Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.☆171Updated 9 months ago
- Script samples from the book Pentesting Azure Applications (2018, No Starch Press)☆87Updated 6 years ago
- Slackhound allows red and blue teams to perform fast reconnaissance on Slack workspaces/organizations to quickly search user profiles, lo…☆81Updated last year
- Utility for downloading and mounting EBS snapshots using the EBS Direct API's☆86Updated 4 months ago
- ☆69Updated 3 years ago
- A combined list of helpful awscli commands from Scott Piper's flaws.cloud exercise as well as from Beau Bullock's Breaching the Cloud Tra…☆19Updated 4 years ago
- ☆31Updated 2 years ago
- Resolves an IP address to the cloud provider it is hosted on☆96Updated this week
- ☆70Updated last year
- These are tools we released with our 2020 defcon/blackhat talk https://www.youtube.com/watch?v=Ml09R38jpok☆172Updated 5 months ago
- Collection of Slides From My Conference Talks☆20Updated 2 years ago
- Offensive Terraform module which creates EC2 instance and reverse shell from an EC2 instance to attacker machine.☆17Updated 4 years ago
- AWSATT&CK adds MITRE ATT&CK context and additional logging capabilities to Rhino Security Labs's open-source AWS exploitation framework, …☆45Updated 4 years ago
- A very simple lab to demo some Terraform, DSC, Inspec and Gitlab CI☆93Updated 2 years ago
- Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)☆89Updated 2 years ago
- POC code to explore phishing attacks using OAuth 2.0 authorization flows, such as the device authorization grant.☆35Updated 3 years ago
- GCP GOAT is the vulnerable application for learn the GCP Security☆64Updated 2 months ago
- Payload designed for targeting Jamf enrolled devices.☆38Updated 2 years ago
- An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share th…☆13Updated 4 years ago
- This script is a multi-threaded Okta password sprayer.☆72Updated last year
- Lateral Movement graph for Azure Active Directory☆123Updated 2 years ago
- AWS SSO serverless phishing API.☆32Updated 4 years ago
- Microsoft Azure Exploitation Framework☆57Updated 4 years ago