Alternatives and similar repositories for lightspin-2022-top-7-attack-paths:

Users that are interested in lightspin-2022-top-7-attack-paths are comparing it to the libraries listed below

• serain / kubelet-anon-rce
  Executes commands in a container on a kubelet endpoint that allows anonymous authentication (default)
  ☆112Updated 6 years ago
• nccgroup / kubetcd
  Post-exploit a compromised etcd, gain persistence and remote shell to nodes.
  ☆74Updated 11 months ago
• raesene / CVE-2022-23648-POC
  POC for CVE-2022-23648
  ☆36Updated 3 years ago
• DataDog / dirtypipe-container-breakout-poc
  Container Excape PoC for CVE-2022-0847 "DirtyPipe"
  ☆78Updated 3 years ago
• praetorian-inc / konstellation
  Konstellation is a configuration-driven CLI tool to enumerate cloud resources and store the data into Neo4j.
  ☆21Updated last year
• projectdiscovery / network-fingerprint
  A fingerprint generation helper for nuclei network templates
  ☆72Updated 2 years ago
• jschauma / check-springshell
  try to determine if a host is vulnerable to SpringShell CVE‐2022‐22965 and CVE‐2022‐22963
  ☆23Updated 3 years ago
• grines / scour
  ☆126Updated 9 months ago
• thesubtlety / go-decrypt-jenkins
  Simple tool to decrypt Jenkins encrypted strings
  ☆75Updated last year
• AbstractClass / CloudPrivs
  Determine privileges from cloud credentials via brute-force testing.
  ☆67Updated 8 months ago
• NotSoSecure / cloud-sec-wiki
  Jekyll Files for cloudsecwiki.com
  ☆50Updated 3 years ago
• WhiteOakSecurity / GoAWSConsoleSpray
  Tool to spray AWS Console IAM Logins
  ☆29Updated 2 years ago
• gand3lf / semgrepper
  An extension to use Semgrep inside Burp Suite.
  ☆88Updated last year
• chaitin / mimicry
  Mimicry is a dynamic deception tool that actively deceives an attacker during exploitation and post-exploitation.
  ☆54Updated last year
• Static-Flow / CloudCopy
  This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapsho…
  ☆120Updated 5 years ago
• cyware-labs / Threat-Response-Docker
  ☆43Updated 2 years ago
• ghostsecurity / waf-btk
  WAF bypass PoC
  ☆47Updated last year
• 0xbad53c / webshells
  My personal collection of webshells for educational purposes. Most are custom implementations/adaptations of stuff I found on the interne…
  ☆19Updated 11 months ago
• doyensec / cloudsec-tidbits
  Blogpost series showcasing interesting cloud - web app security bugs
  ☆47Updated last year
• ox-eye / Ox4Shell
  Deobfuscate Log4Shell payloads with ease.
  ☆161Updated 2 years ago
• blackberry / Falco-bypasses
  Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).
  ☆81Updated last year
• RhinoSecurityLabs / dsnap
  Utility for downloading and mounting EBS snapshots using the EBS Direct API's
  ☆83Updated last month
• ofirc / ingress-nightmare
  A Terraform reproducer for IngressNightmare
  ☆24Updated 3 weeks ago
• Betep0k / CVE-2021-25741
  Exploit for CVE-2021-25741 vulnerability
  ☆28Updated 3 years ago
• xvnpw / k8s-CVE-2021-43557-poc
  PoC for CVE-2021-43557
  ☆21Updated 3 years ago
• RedTeamOperations / GoogleWorkspaceDirectoryDump
  ☆16Updated 2 years ago
• horizon3ai / CVE-2023-26067
  Lexmark CVE-2023-26067
  ☆25Updated last year
• lightspin-tech / red-shadow
  Lightspin AWS IAM Vulnerability Scanner
  ☆96Updated 4 years ago
• Haxel0rd / haxel0rds
  Some private tools i decided to release for public.
  ☆49Updated last year
• eremit4 / cs-discovery
  Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
  ☆21Updated 8 months ago