technologik / terraform_attack_automationLinks
Automation associated with our talk: Attacking and Defending Infrastructure with Terraform
☆16Updated 3 years ago
Alternatives and similar repositories for terraform_attack_automation
Users that are interested in terraform_attack_automation are comparing it to the libraries listed below
Sorting:
- GCP CSPM using Google Sheets☆36Updated 3 months ago
- Compares and analyzes GCP IAM roles.☆77Updated 4 months ago
- 🖇️ STRIDE vs. ASVS equivalence table☆76Updated 11 months ago
- ☆83Updated 5 years ago
- Updated incident response generator for training classes☆44Updated 4 years ago
- ☆14Updated 3 years ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆111Updated 4 years ago
- Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).☆143Updated 3 months ago
- ☆66Updated 2 weeks ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated 2 years ago
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- Convert cloudtrail data to MITRE ATT&CK Sightings☆80Updated 3 years ago
- These are tools we released with our 2020 defcon/blackhat talk https://www.youtube.com/watch?v=Ml09R38jpok☆173Updated 5 months ago
- Offensive Terraform Website☆45Updated 4 years ago
- ☆28Updated 4 years ago
- Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container☆106Updated 6 years ago
- Cloud Security Dashboard for AWS - based on ScoutSuite☆1Updated 2 years ago
- Audit log wall of shame.☆41Updated 9 months ago
- Research on the enumeration of IAM permissions without logging to CloudTrail☆61Updated 4 years ago
- ☆25Updated last year
- Harness the security superpowers of your cloud asset inventory☆11Updated 10 months ago
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.☆64Updated 5 years ago
- ☆74Updated 4 years ago
- ☆27Updated 2 months ago
- ☆34Updated 3 months ago
- Utility for downloading and mounting EBS snapshots using the EBS Direct API's☆86Updated 4 months ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 3 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆77Updated 3 years ago
- IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)☆98Updated 2 years ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆75Updated 4 years ago