lightspin-tech / lightspin-2022-top-7-attack-pathsLinks
Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a list of the 2022 Top 7 Cloud Attack Paths across AWS, Azure, GCP, and Kubernetes as seen on the Lightspin Cloud Native Application Protection Platform.
☆40Updated 3 years ago
Alternatives and similar repositories for lightspin-2022-top-7-attack-paths
Users that are interested in lightspin-2022-top-7-attack-paths are comparing it to the libraries listed below
Sorting:
- Executes commands in a container on a kubelet endpoint that allows anonymous authentication (default)☆113Updated 6 years ago
- Container Excape PoC for CVE-2022-0847 "DirtyPipe"☆78Updated 3 years ago
- Post-exploit a compromised etcd, gain persistence and remote shell to nodes.☆86Updated last year
- Deobfuscate Log4Shell payloads with ease.☆164Updated 3 years ago
- POC for CVE-2022-23648☆37Updated 3 years ago
- Simple tool to decrypt Jenkins encrypted strings☆79Updated 2 years ago
- Source Code Management Attack Toolkit☆223Updated 3 years ago
- try to determine if a host is vulnerable to SpringShell CVE‐2022‐22965 and CVE‐2022‐22963☆23Updated 3 years ago
- A fingerprint generation helper for nuclei network templates☆74Updated 2 years ago
- This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapsho…☆122Updated 5 years ago
- ☆126Updated last year
- CloudRec is an open source multi-cloud security posture management (CSPM) platform designed to help organizations improve the security of…☆162Updated last week
- Intentionally Vulnerable to Spring4Shell☆52Updated 3 years ago
- go-atomicredteam is a Golang application to execute tests as defined in the atomics folder of Red Canary's Atomic Red Team project (https…☆49Updated 2 years ago
- Cloud Penetration Testing Toolkit☆105Updated 3 months ago
- Mimicry is a dynamic deception tool that actively deceives an attacker during exploitation and post-exploitation.☆57Updated 2 years ago
- ☆54Updated 4 years ago
- ☆86Updated 3 years ago
- PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)☆81Updated 4 years ago
- ☆17Updated 4 years ago
- Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)☆48Updated 4 years ago
- Tool to spray AWS Console IAM Logins☆34Updated 3 years ago
- This is a Poc for BIGIP iControl unauth RCE☆51Updated 4 years ago
- Kubernetes POC for utilizing write mount to /var/log for getting a root on the host☆98Updated 4 years ago
- Red Team Tools for Emulated Adversary Techniques with MITRE ATT&CK☆31Updated 5 years ago
- MacOS C2 Framework☆85Updated 4 years ago
- ☆71Updated 4 years ago
- An extension to use Semgrep inside Burp Suite.☆89Updated 5 months ago
- Malicious actors often reuse code to deploy their malware, phishing website or CNC server. As a result, similiaries can be found on URLs …☆75Updated 2 years ago
- Some private tools i decided to release for public.☆49Updated last year