Alternatives and similar repositories for lightspin-2022-top-7-attack-paths

Users that are interested in lightspin-2022-top-7-attack-paths are comparing it to the libraries listed below

• serain / kubelet-anon-rce
  Executes commands in a container on a kubelet endpoint that allows anonymous authentication (default)
  ☆112Updated 6 years ago
• nccgroup / kubetcd
  Post-exploit a compromised etcd, gain persistence and remote shell to nodes.
  ☆80Updated last year
• thesubtlety / go-decrypt-jenkins
  Simple tool to decrypt Jenkins encrypted strings
  ☆76Updated last year
• raesene / CVE-2022-23648-POC
  POC for CVE-2022-23648
  ☆36Updated 3 years ago
• NotSoSecure / cloud-sec-wiki
  Jekyll Files for cloudsecwiki.com
  ☆50Updated 3 years ago
• grines / scour
  ☆126Updated 10 months ago
• hotnops / AWSRoleJuggler
  A toolset to juggle AWS roles for persistent access
  ☆57Updated 9 months ago
• DataDog / dirtypipe-container-breakout-poc
  Container Excape PoC for CVE-2022-0847 "DirtyPipe"
  ☆78Updated 3 years ago
• cyware-labs / Threat-Response-Docker
  ☆43Updated 2 years ago
• ghostsecurity / waf-btk
  WAF bypass PoC
  ☆48Updated last year
• WhiteOakSecurity / GoAWSConsoleSpray
  Tool to spray AWS Console IAM Logins
  ☆29Updated 2 years ago
• AbstractClass / CloudPrivs
  Determine privileges from cloud credentials via brute-force testing.
  ☆69Updated 9 months ago
• carlospolop / Cloudtrail2IAM
  ☆21Updated 2 years ago
• lightspin-tech / red-detector
  Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/)
  ☆88Updated 2 years ago
• praetorian-inc / konstellation
  Konstellation is a configuration-driven CLI tool to enumerate cloud resources and store the data into Neo4j.
  ☆21Updated last year
• chaitin / mimicry
  Mimicry is a dynamic deception tool that actively deceives an attacker during exploitation and post-exploitation.
  ☆54Updated last year
• ofirc / ingress-nightmare
  A Terraform reproducer for IngressNightmare
  ☆25Updated 2 months ago
• eremit4 / cs-discovery
  Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
  ☆22Updated 9 months ago
• abhisek / supply-chain-security-gateway
  Reference architecture and proof of concept implementation for supply chain security gateway
  ☆23Updated 2 years ago
• blackberry / Falco-bypasses
  Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).
  ☆81Updated last year
• lightspin-tech / red-shadow
  Lightspin AWS IAM Vulnerability Scanner
  ☆96Updated 4 years ago
• RhinoSecurityLabs / dsnap
  Utility for downloading and mounting EBS snapshots using the EBS Direct API's
  ☆84Updated 2 months ago
• Betep0k / CVE-2021-25741
  Exploit for CVE-2021-25741 vulnerability
  ☆28Updated 3 years ago
• ox-eye / Ox4Shell
  Deobfuscate Log4Shell payloads with ease.
  ☆162Updated 2 years ago
• pathtofile / commandline_cloaking
  A collection of projects demonstrating various commandline cloaking techniques on Linux
  ☆57Updated 2 years ago
• raesene / k8s_ssrf_portscanner
  ☆31Updated 2 years ago
• wiz-sec-public / peach-framework
  PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…
  ☆71Updated 2 years ago
• gand3lf / semgrepper
  An extension to use Semgrep inside Burp Suite.
  ☆89Updated 2 weeks ago
• jschauma / check-springshell
  try to determine if a host is vulnerable to SpringShell CVE‐2022‐22965 and CVE‐2022‐22963
  ☆23Updated 3 years ago
• grines / goc2
  MacOS C2 Framework
  ☆83Updated 3 years ago