messypoutine / gravy-overflow
A GitHub Actions Supply Chain CTF / Goat
☆17Updated last month
Alternatives and similar repositories for gravy-overflow:
Users that are interested in gravy-overflow are comparing it to the libraries listed below
- ☆43Updated 9 months ago
- A PoC to Simulate Ransomware Attack on AWS Environment☆30Updated 5 months ago
- ☆32Updated 7 months ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆36Updated 5 months ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆40Updated last year
- Determine privileges from cloud credentials via brute-force testing.☆67Updated 6 months ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆58Updated last year
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…☆16Updated 9 months ago
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆29Updated 2 months ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆47Updated 6 months ago
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure☆46Updated last year
- ☆20Updated 2 years ago
- ☆36Updated 4 months ago
- ☆58Updated last year
- Additional active scan checks for BURP☆26Updated 5 months ago
- Blogpost series showcasing interesting cloud - web app security bugs☆47Updated last year
- Collection of Docker honeypot logs from 2021 - 2024☆36Updated 5 months ago
- A web security research tool for DOM testing☆19Updated this week
- ☆55Updated last year
- A steampipe plugin to query projectdiscovery.io tools.☆26Updated 7 months ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆22Updated last week
- ☆13Updated last year
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆60Updated last year
- ☆29Updated 4 months ago
- Repository to archive GCP Documentation for local use☆15Updated last month
- ☆59Updated 3 months ago
- A vulnerable environment for exploring common GCP misconfigurations and vulnerabilities☆26Updated 8 months ago
- Semgrep-based Policy Controller for Kubernetes☆47Updated last week
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆21Updated 6 months ago