netskopeoss / iaas_permission_mining

Related projects: ⓘ

• JOSHUAJEBARAJ / GCP-GOAT
  GCP GOAT is the vulnerable application for learn the GCP Security
  ☆61Updated 11 months ago
• nccgroup / s3_objects_check
  Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.
  ☆74Updated 2 years ago
• SygniaLabs / security-cloud-scout
  ☆133Updated last year
• t0sche / cvss-bt
  Enriching the NVD CVSS scores to include Temporal & Threat Metrics
  ☆56Updated this week
• stephenbradshaw / aws_url_signer
  POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF
  ☆57Updated last year
• kempy007 / VulManAgg
  Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)
  ☆30Updated last year
• andrewkrug / securing-the-cloud-supplemental
  Supplemental templates for securing the cloud.
  ☆32Updated 6 months ago
• piercing-index / cloud-vulnerabilities
  ☆35Updated 5 months ago
• Algbra-Labs-OSS / Chronicle
  ☆66Updated 4 months ago
• nicolasriverocorvalan / cloud-sniper
  Virtual Security Operations Center
  ☆49Updated last year
• NicholasSpringer / thunder-ctf
  GCP cloud security CTF
  ☆41Updated 6 months ago
• kbroughton / azure_cis_scanner
  Security Scanner based on CIS benchmark 1.1 inspired by Scout2
  ☆52Updated last year
• BojackThePillager / Slackhound
  Slackhound allows red and blue teams to perform fast reconnaissance on Slack workspaces/organizations to quickly search user profiles, lo…
  ☆73Updated 7 months ago
• jordanpotti / guardduty-opsec
  Opsec considerations for each AWS GuardDuty finding type.
  ☆22Updated 3 years ago
• RhinoSecurityLabs / CloudScraper
  CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
  ☆28Updated 2 years ago
• torque59 / AWS-Vulnerable-Lambda
  An AWS Lambda vulnerable application written in flask.
  ☆48Updated 6 years ago
• nccgroup / cowcloud
  ☆58Updated last year
• DenizParlak / hayat
  Hayat is a script for report and analyze Google Cloud Platform resources.
  ☆79Updated 4 years ago
• somethingnew2-0 / SimpleCSPM
  GCP CSPM using Google Sheets
  ☆33Updated 3 months ago
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆74Updated 3 weeks ago
• appsecco / attacking-cloudgoat2
  A step-by-step walkthrough of CloudGoat 2.0 scenarios.
  ☆132Updated 4 years ago
• jshlbrd / detection-engineering-pocket-guide
  pocket guide for core detection engineering concepts
  ☆27Updated last year
• pseudo-security / slacksecrets
  Scans Slack for API tokens, credentials, passwords, and more using YARA rules
  ☆37Updated 3 years ago
• ssnkhan / adversarial-threat-modelling
  Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"
  ☆50Updated 2 years ago
• modulexcite / attacking-and-auditing-docker-containers-and-kubernetes-clusters
  Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters
  ☆13Updated 4 years ago
• mattrotlevi / lava
  Microsoft Azure Exploitation Framework
  ☆53Updated 3 years ago
• iknowjason / AriaCloud
  A Docker container for remote penetration testing.
  ☆132Updated 3 years ago
• cedowens / aws-cli-notes
  A combined list of helpful awscli commands from Scott Piper's flaws.cloud exercise as well as from Beau Bullock's Breaching the Cloud Tra…
  ☆18Updated 3 years ago
• OWASP / owasp-cstg
  ☆30Updated 4 years ago
• StateFarmIns / LambdaLooter
  This application was built to help reduce the amount of time it takes to review AWS Lambda code.
  ☆60Updated 3 months ago