offensive-terraform / terraform-aws-ebs-snapshot-publicly-exposedLinks
Offensive Terraform module which copies publicly exposed EBS snapshot to us-east-1 region in attacker's AWS account and creates EBS volume from the copied EBS snapshot. After that, the module attaches and mounts the EBS volume to an EC2 instance. Finally, attacker can ssh into an EC2 instance and inspect a mounted volume "/usr/src/hack".
☆15Updated 5 years ago
Alternatives and similar repositories for terraform-aws-ebs-snapshot-publicly-exposed
Users that are interested in terraform-aws-ebs-snapshot-publicly-exposed are comparing it to the libraries listed below
Sorting:
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆78Updated 3 years ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆77Updated 4 years ago
- AWS SSO serverless phishing API.☆32Updated 4 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆135Updated 5 years ago
- GCP GOAT is the vulnerable application for learn the GCP Security☆67Updated 4 months ago
- A combined list of helpful awscli commands from Scott Piper's flaws.cloud exercise as well as from Beau Bullock's Breaching the Cloud Tra…☆19Updated 4 years ago
- Research on the enumeration of IAM permissions without logging to CloudTrail☆61Updated 4 years ago
- Pentester-focused Docker registry tool to enumerate and pull images☆111Updated 5 years ago
- 🖇️ STRIDE vs. ASVS equivalence table☆77Updated last year
- Route53/CloudFront Vulnerability Assessment Utility☆86Updated 2 years ago
- Kubernetes Security Testing Guide☆26Updated last year
- Kubernetes Pwnage for all☆56Updated 4 years ago
- This repo gives an overview of some GCP metadata API attack and defend patterns☆77Updated 5 years ago
- Reference architecture and proof of concept implementation for supply chain security gateway☆23Updated 2 years ago
- Bento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.☆78Updated 4 years ago
- Security scanning & static analysis tool☆94Updated last year
- Tools to automate AWS Cloud security assessments☆24Updated 5 years ago
- Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container☆105Updated 6 years ago
- Offensive Terraform Website☆45Updated 5 years ago
- ☆14Updated 2 years ago
- A very vulnerable serverless application in AWS Lambda☆96Updated 6 years ago
- Collection of links to Security stuff☆117Updated last month
- ☆27Updated 2 weeks ago
- Updated incident response generator for training classes☆44Updated 4 years ago
- Salesforce Policy Deviation Checker☆30Updated 5 years ago
- ☆10Updated 3 years ago
- A Security Scanner for Go☆26Updated 6 years ago
- Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities☆136Updated 2 years ago
- This is an offensive guide to securing AWS infrastructures. The hope is that by knowing how to take advantage of various types of AWS wea…☆172Updated 6 years ago
- ☆21Updated 7 years ago