pop3ret / AWSome-Pentesting
My cheatsheet notes to pentest AWS infrastructure
☆652Updated last year
Related projects: ⓘ
- Azure and AWS Attacks☆1,044Updated last year
- ☆677Updated 2 years ago
- A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.☆574Updated 10 months ago
- ☆546Updated this week
- Automating situational awareness for cloud penetration tests.☆1,896Updated last month
- ☆562Updated last year
- Awesome cloud enumerator☆855Updated last month
- ☆697Updated 2 years ago
- Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.☆1,382Updated 3 months ago
- A list of open source web security scanners☆861Updated last week
- AzureGoat : A Damn Vulnerable Azure Infrastructure☆755Updated 6 months ago
- An encyclopedia for offensive and defensive security knowledge in cloud native technologies.☆1,640Updated 2 weeks ago
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.☆1,628Updated 2 months ago
- List of regex for scraping secret API keys and juicy information.☆675Updated 2 years ago
- Create your own vulnerable by design AWS penetration testing playground☆321Updated 3 months ago
- AWSGoat : A Damn Vulnerable AWS Infrastructure☆1,710Updated this week
- API Security Project aims to present unique attack & defense methods in API Security field☆280Updated 2 years ago
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆309Updated 2 months ago
- Identify privilege escalation paths within and across different clouds☆658Updated 2 weeks ago
- ☆627Updated last year
- RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers…☆515Updated 3 months ago
- Awesome list of step by step techniques to achieve Remote Code Execution on various apps!☆1,824Updated 11 months ago
- GCPGoat : A Damn Vulnerable GCP Infrastructure☆350Updated 7 months ago
- Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.☆613Updated last month
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆839Updated 8 months ago
- 🛡️ Awesome Cloud Security Resources ⚔️☆2,031Updated 3 months ago
- RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.☆1,719Updated 3 months ago
- Security Remediation Guides☆698Updated last month
- My last 12 year's material collection on offensive & defensive security, GRC, risk management, technical security guidelines and much mor…☆295Updated 9 months ago
- Websec interview questions by tib3rius answered☆298Updated 10 months ago