piercing-index / cloud-vulnerabilities
☆36Updated 6 months ago
Related projects ⓘ
Alternatives and complementary repositories for cloud-vulnerabilities
- A PoC to Simulate Ransomware Attack on AWS Environment☆26Updated 3 weeks ago
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…☆16Updated 4 months ago
- GCP GOAT is the vulnerable application for learn the GCP Security☆62Updated last year
- ☆18Updated 2 years ago
- A public cloud security knowledgebase - https://www.secwiki.cloud/☆48Updated 8 months ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆27Updated 2 years ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆61Updated 6 months ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆24Updated last year
- Virtual Security Operations Center☆49Updated last year
- ☆18Updated 2 years ago
- ☆31Updated this week
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆39Updated 2 months ago
- ☆40Updated 4 months ago
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆61Updated this week
- ☆25Updated 3 years ago
- OWASP Foundation Web Respository☆26Updated last year
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆58Updated last year
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆51Updated last year
- Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a me…☆13Updated 8 months ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆57Updated last year
- ThreatModel for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based app…☆57Updated last year
- The Event Maturity Matrix (EMM) is a comprehensive framework that provides clarity regarding the capabilities and nuances of SaaS audit l…☆17Updated 2 months ago
- Cloud Offensive Breach and Risk Assessment (COBRA) Tool☆74Updated 3 weeks ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆34Updated last month
- Blogpost series showcasing interesting cloud - web app security bugs☆45Updated last year
- Determine privileges from cloud credentials via brute-force testing.☆64Updated 2 months ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 2 years ago
- Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token☆24Updated last year
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆82Updated 9 months ago