nemo-wq / privilege_escalationLinks
Lab exercises to practice privilege escalation scenarios in AWS IAM. These exercises and the slides go through the basics behind AWS IAM, common weaknesses in AWS deployments, specific to IAM, and how to exploit them manually. This was run as a workshop at BruCon 2019.
☆16Updated 6 years ago
Alternatives and similar repositories for privilege_escalation
Users that are interested in privilege_escalation are comparing it to the libraries listed below
Sorting:
- Scripts and tools for AWS Pentest☆53Updated 5 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- Pivot into private VPC networks using a VPN connection☆43Updated 6 years ago
- An AWS Lambda vulnerable application written in flask.☆49Updated 8 years ago
- ☆29Updated 8 years ago
- This is a set of tips and reminders for pentesting processes and scripts/programs. Initially for personal use, but if anyone else finds t��…☆52Updated 5 years ago
- ☆24Updated last month
- VyAPI - A cloud based vulnerable hybrid Android App☆86Updated 5 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆32Updated 7 years ago
- Collection of different exploitation scenarios of JWT.☆21Updated 4 years ago
- Kubernetes Scanner☆40Updated 3 years ago
- AWS S3 Bucket/Object Finder☆25Updated 8 years ago
- A collection of OSCE preparation resources.☆24Updated 6 years ago
- An enumeration and exploitation toolkit using RFC calls to SAP☆39Updated 5 years ago
- learning case to prepare OSWE☆37Updated 6 years ago
- Alphanumeric Encoder☆25Updated 7 years ago
- Yet another open S3 bucket finder☆20Updated 7 years ago
- Repository for all the workshop content delivered at nullcon X on 1st of March 2019☆80Updated 6 years ago
- A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.☆38Updated 7 years ago
- ☆21Updated 6 years ago
- Data exfiltration utility for testing detection capabilities☆57Updated 3 years ago
- Notes as I learn basic AWS penetration testing☆67Updated 6 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆40Updated 4 years ago
- A Burp Extender plugin that will allow you to tamper with requests containing compressed, serialized java objects.☆24Updated 6 years ago
- API testing tool written with Python☆56Updated 8 years ago
- Utility script to test zip file upload functionality (and possible extraction of zip files) for vulnerabilities (aka Zip Slip)☆31Updated 6 years ago
- This repo will contain slides and information from the Attacking Active Directory Hacking Series talks presented at SecKC.☆32Updated last year
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆47Updated 6 years ago
- Bug Bounty Clipboard☆17Updated 6 years ago
- Scripts for OSCE☆18Updated 6 years ago