lightspin-tech / lightspin-2022-top-7-attack-pathsLinks
Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a list of the 2022 Top 7 Cloud Attack Paths across AWS, Azure, GCP, and Kubernetes as seen on the Lightspin Cloud Native Application Protection Platform.
☆40Updated 2 years ago
Alternatives and similar repositories for lightspin-2022-top-7-attack-paths
Users that are interested in lightspin-2022-top-7-attack-paths are comparing it to the libraries listed below
Sorting:
- Executes commands in a container on a kubelet endpoint that allows anonymous authentication (default)☆113Updated 6 years ago
- POC for CVE-2022-23648☆36Updated 3 years ago
- Determine privileges from cloud credentials via brute-force testing.☆69Updated 10 months ago
- Post-exploit a compromised etcd, gain persistence and remote shell to nodes.☆80Updated last year
- Tool to spray AWS Console IAM Logins☆29Updated 3 years ago
- Konstellation is a configuration-driven CLI tool to enumerate cloud resources and store the data into Neo4j.☆23Updated last year
- go-atomicredteam is a Golang application to execute tests as defined in the atomics folder of Red Canary's Atomic Red Team project (https…☆49Updated 2 years ago
- Simple tool to decrypt Jenkins encrypted strings☆76Updated 2 years ago
- A toolset to juggle AWS roles for persistent access☆57Updated 10 months ago
- Container Excape PoC for CVE-2022-0847 "DirtyPipe"☆78Updated 3 years ago
- ☆127Updated 11 months ago
- Kerberos laboratory to better understand and then detecting attack on kerberos☆70Updated 4 years ago
- A fingerprint generation helper for nuclei network templates☆73Updated 2 years ago
- ☆22Updated 2 years ago
- WAF bypass PoC☆48Updated last year
- 🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends☆73Updated last year
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆81Updated last year
- ☆45Updated 7 months ago
- This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapsho…☆120Updated 5 years ago
- Mimicry is a dynamic deception tool that actively deceives an attacker during exploitation and post-exploitation.☆56Updated 2 years ago
- A small POC of using Azure Functions to relay communications. Feel free to add additional functionality beyond this POC!☆76Updated 2 years ago
- This is a Poc for BIGIP iControl unauth RCE☆51Updated 4 years ago
- An extension to use Semgrep inside Burp Suite.☆89Updated last month
- ☆43Updated 2 years ago
- MacOS C2 Framework☆84Updated 3 years ago
- Exploit for CVE-2021-25741 vulnerability☆28Updated 3 years ago
- Jekyll Files for cloudsecwiki.com☆50Updated 3 years ago
- Lightspin AWS IAM Vulnerability Scanner☆96Updated 4 years ago
- Utility for downloading and mounting EBS snapshots using the EBS Direct API's☆86Updated 3 months ago
- Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)☆88Updated 2 years ago