POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF
☆59Sep 20, 2023Updated 2 years ago
Alternatives and similar repositories for aws_url_signer
Users that are interested in aws_url_signer are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A PoC to Simulate Ransomware Attack on AWS Environment☆33Oct 14, 2024Updated last year
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆292Jun 10, 2026Updated 3 weeks ago
- Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints☆121Jul 13, 2025Updated 11 months ago
- ☆18Jul 30, 2024Updated last year
- A small library to alter AWS API requests; Used for fuzzing research☆22Nov 2, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆40Aug 2, 2024Updated last year
- A collection of documented and undocumented AWS API models☆55Nov 21, 2025Updated 7 months ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆39Sep 25, 2024Updated last year
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆62May 15, 2023Updated 3 years ago
- AWS Testing and Reporting Management Tool☆20Jan 23, 2023Updated 3 years ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆25Apr 27, 2026Updated 2 months ago
- Harness the security superpowers of your cloud asset inventory☆11Sep 22, 2024Updated last year
- A Python script to authenticate and test access to Google Cloud Platform (GCP) resources.☆19Jan 31, 2024Updated 2 years ago
- An Evil OIDC Server☆53Oct 19, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …☆203Jan 6, 2026Updated 6 months ago
- A public cloud security knowledgebase - https://www.secwiki.cloud/☆52Nov 12, 2024Updated last year
- Clean accounts over permissions in GCP infra at scale☆72May 9, 2023Updated 3 years ago
- Blogpost series showcasing interesting cloud - web app security bugs☆75May 27, 2026Updated last month
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.☆62Nov 11, 2024Updated last year
- ☆191May 29, 2026Updated last month
- Tools for attacking Azure Function Apps☆89Oct 28, 2025Updated 8 months ago
- Determine privileges from cloud credentials via brute-force testing.☆69Aug 22, 2024Updated last year
- A GitHub Actions Supply Chain CTF / Goat☆27Apr 13, 2026Updated 2 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Protect against subdomain takeover☆94Jun 29, 2026Updated last week
- ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…☆39Oct 17, 2024Updated last year
- Jekyll Files for cloudsecwiki.com☆50Sep 16, 2021Updated 4 years ago
- ☆41Nov 29, 2024Updated last year
- Compares and analyzes GCP IAM roles.☆78Mar 9, 2025Updated last year
- Public repository to provide guidance and examples for people to start learning IaC. This repository also contains some open-hack style l…☆24Jun 14, 2023Updated 3 years ago
- Session Hijacking Visual Exploitation☆213Mar 7, 2024Updated 2 years ago
- Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure☆15Jan 23, 2025Updated last year
- .NET port of Leron Gray's azbelt tool.☆26Sep 21, 2023Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Pentesting framework for GCP that enumerates/downloads data that feeds into a BloodHound Opengraph model. Includes credential management,…☆301Jun 26, 2026Updated last week
- CloudSplaining on AWS Managed Policies☆44Sep 8, 2025Updated 10 months ago
- Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).☆143May 1, 2025Updated last year
- ☆74Jun 22, 2026Updated 2 weeks ago
- Creates needed resources for federating access between a GCP service account and AWS IAM role.☆30Apr 3, 2024Updated 2 years ago
- AWS STS token decoder☆47Mar 18, 2025Updated last year
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆114Jan 2, 2025Updated last year