offensive-actions/terraform-provider-statefile-rce external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

offensive-actions/terraform-provider-statefile-rce

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/offensive-actions/terraform-provider-statefile-rce)

Close

offensive-actions / terraform-provider-statefile-rceView on GitHubMore

• External links
• Readme badge

This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.

☆62Jan 25, 2025Updated last year

Alternatives and similar repositories for terraform-provider-statefile-rce

Users that are interested in terraform-provider-statefile-rce are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• tenable / hidden-services-revealer

  View on GitHub
  ☆40Aug 2, 2024Updated last year
• nodyhub / zipslipper

  View on GitHub
  Create tar/zip archives that try to exploit zipslip vulnerability.
  ☆48Sep 20, 2024Updated last year
• cloud-copilot / iam-expand

  View on GitHub
  Expand IAM Actions with Wildcards
  ☆35Mar 28, 2026Updated last week
• cloud-copilot / iam-simulate

  View on GitHub
  An IAM Simulator that outputs detailed explains of how a request was evaluated.
  ☆101Mar 28, 2026Updated last week
• PaloAltoNetworks / github-oidc-utils

  View on GitHub
  ☆36Apr 29, 2025Updated 11 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• huntresslabs / rogueapps

  View on GitHub
  When good OAuth apps go rogue. Documents observed OAuth application tradecraft
  ☆85Mar 24, 2026Updated 2 weeks ago
• whatsfordinner / aws-lambda-grant-shenanigans

  View on GitHub
  A demo repo for some unusual and user-unfriendly behaviour with AWS environment variable encryption
  ☆11Oct 30, 2021Updated 4 years ago
• JA3G3R / agneyastra

  View on GitHub
  Firebase Misconfiguration Detection Toolkit - To be presented at Blackhat EU Arsenal
  ☆45Nov 6, 2025Updated 5 months ago
• semgr8ns / semgr8s

  View on GitHub
  Semgrep-based Policy Controller for Kubernetes
  ☆47Apr 4, 2025Updated last year
• bilals12 / clusterfuck

  View on GitHub
  ☆42Nov 13, 2025Updated 4 months ago
• padok-team / cognito-scanner

  View on GitHub
  A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation
  ☆110Feb 16, 2024Updated 2 years ago
• orcasecurity-research / kte

  View on GitHub
  Test & Compare different Kubernetes security offerings on EKS, GKE and AKS
  ☆40Aug 29, 2024Updated last year
• ReversecLabs / cloud-security-vm

  View on GitHub
  Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments
  ☆142Jan 2, 2025Updated last year
• antitree / go-pillage-registries

  View on GitHub
  Pentester-focused Docker registry tool to enumerate and pull images
  ☆36Oct 19, 2025Updated 5 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• adanalvarez / owasp-wstg-tracker

  View on GitHub
  Simple web app to track OWASP WSTG security testing progress
  ☆28Sep 12, 2025Updated 6 months ago
• StevenSmiley / aws-mine

  View on GitHub
  AWS honey token manager
  ☆90Aug 1, 2024Updated last year
• jstawinski / GitHub-Actions-Attack-Diagram

  View on GitHub
  ☆192Apr 16, 2025Updated 11 months ago
• bwireman / go-over

  View on GitHub
  A tool to audit Erlang & Elixir dependencies, to make sure your ✨ gleam projects really sparkle!
  ☆23Updated this week
• AdnaneKhan / ActionsTOCTOU

  View on GitHub
  Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)
  ☆38Jan 25, 2026Updated 2 months ago
• zoph-io / aws-trustline

  View on GitHub
  AWS Trustline: Check external access on your AWS account
  ☆129Feb 27, 2026Updated last month
• christophetd / aws-sso-device-code-authentication

  View on GitHub
  ☆38Jun 9, 2021Updated 4 years ago
• SEU-ProactiveSecurity-Group / LLM-PD

  View on GitHub
  Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"
  ☆16Apr 10, 2025Updated 11 months ago
• adelapazborrero / slack_jack

  View on GitHub
  Hijack a slack bot to phish your way in
  ☆57Jul 17, 2025Updated 8 months ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• vectra-ai-research / Halberd

  View on GitHub
  Halberd : Multi-Cloud Agentic Attack Tool
  ☆335Jan 12, 2026Updated 2 months ago
• RyanJarv / roles

  View on GitHub
  Unauthenticated enumeration of AWS IAM Roles.
  ☆26Sep 7, 2025Updated 7 months ago
• mark-adams / gcp-ip-list

  View on GitHub
  A CLI tool (and library) written in Go to simplify the process of retrieving IP addresses from infrastructure hosted on Google Cloud Plat…
  ☆11Mar 19, 2026Updated 2 weeks ago
• blackberry / Falco-bypasses

  View on GitHub
  Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).
  ☆89Jan 28, 2024Updated 2 years ago
• RhinoSecurityLabs / dsnap

  View on GitHub
  Utility for downloading and mounting EBS snapshots using the EBS Direct API's
  ☆92Mar 17, 2025Updated last year
• NetSPI / gcpwn

  View on GitHub
  Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…
  ☆290May 16, 2025Updated 10 months ago
• redteamronin / EmbedInHTML

  View on GitHub
  ☆17Jan 9, 2025Updated last year
• DataDog / supply-chain-firewall

  View on GitHub
  Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages
  ☆255Apr 1, 2026Updated last week
• Aqua-Nautilus / TrailShark

  View on GitHub
  ☆53Oct 27, 2024Updated last year
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• latiotech / github-actions-log-checker

  View on GitHub
  Used to check Github actions logs for secrets - specifically tj-actions and reviewdog
  ☆22Mar 18, 2025Updated last year
• rileydakota / crx-analyzer

  View on GitHub
  Local CLI tool for browser extension risk analysis
  ☆29Apr 11, 2025Updated 11 months ago
• ReversecLabs / IAMSpy

  View on GitHub
  ☆230Mar 27, 2026Updated last week
• praetorian-inc / konstellation

  View on GitHub
  Konstellation is a configuration-driven CLI tool to enumerate cloud resources and store the data into Neo4j.
  ☆34Feb 15, 2026Updated last month
• Fennerr / PMapper

  View on GitHub
  A tool for quickly evaluating IAM permissions in AWS.
  ☆77May 27, 2024Updated last year
• almounah / evil-go

  View on GitHub
  A fork of the Go language with some tweaks
  ☆56Jan 29, 2025Updated last year
• elementsinteractive / twyn

  View on GitHub
  Security tool against dependency typosquatting attacks
  ☆55Mar 31, 2026Updated last week