trustoncloud / threatmodel-for-azure-storageView external linksLinks
Threat model for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based approach
☆59Jun 11, 2023Updated 2 years ago
Alternatives and similar repositories for threatmodel-for-azure-storage
Users that are interested in threatmodel-for-azure-storage are comparing it to the libraries listed below
Sorting:
- Public repository to provide guidance and examples for people to start learning IaC. This repository also contains some open-hack style l…☆23Jun 14, 2023Updated 2 years ago
- A GitHub Actions Supply Chain CTF / Goat☆27Jan 6, 2026Updated last month
- Knowledge Report Alert & Normalization Generator☆26Updated this week
- ☆18Jul 30, 2024Updated last year
- Threat model for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach☆157Oct 2, 2023Updated 2 years ago
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.☆118Feb 4, 2026Updated last week
- ☆10May 12, 2022Updated 3 years ago
- ☆44Oct 16, 2025Updated 3 months ago
- Build a CVE library with aggregated CISA, EPSS and CVSS data☆29Sep 27, 2023Updated 2 years ago
- Check for know iframeBuster XSS☆12Sep 25, 2024Updated last year
- Proof of concept about the privilege escalation flaw identified in Google's Osconfig☆10Sep 20, 2020Updated 5 years ago
- Terraform to run Scoutsuite security scan of projects within a Google Cloud Org. Report will be published to a GCS bucket.☆17Jan 5, 2026Updated last month
- Component Services Volatile Environment LPE☆12Jun 28, 2025Updated 7 months ago
- ☆12Oct 17, 2023Updated 2 years ago
- ☆13Oct 10, 2018Updated 7 years ago
- Automate Reporting of Defender for Cloud recommendations & Role Assignments with 35 different views☆12Jan 31, 2023Updated 3 years ago
- Display Languages Volatile Environment LPE☆12Jun 28, 2025Updated 7 months ago
- Scripts to demonstrate VPC Service Controls between tenant and shared projects☆12Jun 11, 2019Updated 6 years ago
- Deliberately vulnerable AWS resources for security assessment demos☆32Aug 20, 2022Updated 3 years ago
- Crashbench is a LLM benchmark to measure bug-finding and reporting capabilities of LLMs☆14Jan 20, 2026Updated 3 weeks ago
- Mutable Universal Relay Document Kit☆17Oct 31, 2014Updated 11 years ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61May 15, 2023Updated 2 years ago
- Takes in scan reports from the GVM PostgreSQL Database and dump into Elasticsearch☆15Aug 18, 2023Updated 2 years ago
- A walkthrough of deploying and configuring a PowerShell Private Gallery to Azure via ARM Templates, DSC Configurations, and Visual Studio…☆12Mar 8, 2017Updated 8 years ago
- ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…☆37Oct 17, 2024Updated last year
- Repository to archive GCP Documentation for local use☆16Feb 11, 2025Updated last year
- Use Azure Virtual WAN Hub BGP Peering for multi-region Anycast load balancing within private networks☆17Sep 26, 2022Updated 3 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- A security-first linter for code that shouldn't need linting☆17Sep 12, 2023Updated 2 years ago
- ☆39Aug 13, 2021Updated 4 years ago
- ☆39Aug 2, 2024Updated last year
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆289Feb 5, 2024Updated 2 years ago
- An auto-scoring capture-the-flag game focusing on TOCTOU vulnerabilities☆21Oct 28, 2020Updated 5 years ago
- PowerShell Module for parsing logs generated by Sysinternals Sysmon for Linux☆37Mar 20, 2022Updated 3 years ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Aug 30, 2024Updated last year
- An attempt to automated hunting for delegation access across the domain☆27Jan 17, 2019Updated 7 years ago
- A Golang program to rotate AWS & GCP account keys☆67May 12, 2025Updated 9 months ago
- A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap.☆39Oct 26, 2022Updated 3 years ago
- Hunting for Microsoft Exchange the LDAP Way.☆35Oct 30, 2019Updated 6 years ago