vectra-ai-research/Halberd external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

vectra-ai-research/Halberd

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/vectra-ai-research/Halberd)

Close

vectra-ai-research / HalberdView on GitHubMore

• External links
• Readme badge

Halberd : Multi-Cloud Agentic Attack Tool

☆335Jan 12, 2026Updated last month

Alternatives and similar repositories for Halberd

Users that are interested in Halberd are comparing it to the libraries listed below

• saw-your-packet / CloudShovel

  View on GitHub
  A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…
  ☆113Nov 13, 2024Updated last year
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆174Feb 22, 2026Updated 2 weeks ago
• ReversecLabs / cloud-security-vm

  View on GitHub
  Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments
  ☆142Jan 2, 2025Updated last year
• StevenSmiley / aws-mine

  View on GitHub
  AWS honey token manager
  ☆89Aug 1, 2024Updated last year
• techBrandon / CAPs

  View on GitHub
  Scripts to enumerate and report on Entra Conditional Access
  ☆41Sep 5, 2025Updated 6 months ago
• silascutler / dockerhoneypot-logs

  View on GitHub
  Collection of Docker honeypot logs from 2021 - 2024
  ☆36Sep 30, 2024Updated last year
• bilals12 / clusterfuck

  View on GitHub
  ☆42Nov 13, 2025Updated 3 months ago
• amjcyber / pwnlook

  View on GitHub
  An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…
  ☆166Oct 9, 2024Updated last year
• DataDog / stratus-red-team

  View on GitHub
  Granular, Actionable Adversary Emulation for the Cloud
  ☆2,267Mar 1, 2026Updated last week
• HarshVaragiya / aws-redteam-kit

  View on GitHub
  A PoC to Simulate Ransomware Attack on AWS Environment
  ☆33Oct 14, 2024Updated last year
• SySS-Research / azurenum

  View on GitHub
  Enumerate Microsoft Entra ID (Azure AD) fast
  ☆104Jan 26, 2026Updated last month
• DataDog / grimoire

  View on GitHub
  Generate datasets of cloud audit logs for common attacks
  ☆234Feb 13, 2026Updated 3 weeks ago
• CompassSecurity / EntraFalcon

  View on GitHub
  A lightweight PowerShell tool for assessing the security posture of Microsoft Entra ID environments. It helps identify privileged object…
  ☆318Feb 8, 2026Updated last month
• silverhack / monkey365

  View on GitHub
  Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft E…
  ☆1,242Feb 27, 2026Updated last week
• hotnops / apeman

  View on GitHub
  AWS Attack Path Management Tool - Walking on the Moon
  ☆262Dec 5, 2024Updated last year
• LuemmelSec / APEX

  View on GitHub
  Azure Post Exploitation Framework
  ☆244Oct 27, 2025Updated 4 months ago
• dwillowtree / diana

  View on GitHub
  Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )
  ☆224Sep 4, 2024Updated last year
• mvelazc0 / msInvader

  View on GitHub
  M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…
  ☆323Oct 12, 2025Updated 4 months ago
• Slowerzs / ThievingFox

  View on GitHub
  ☆568Mar 28, 2024Updated last year
• BreakingMhet / honeyzure

  View on GitHub
  HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…
  ☆17Jun 11, 2024Updated last year
• BishopFox / cloudfox

  View on GitHub
  Automating situational awareness for cloud penetration tests.
  ☆2,299Updated this week
• offensive-actions / azure-storage-reverse-shell

  View on GitHub
  This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs
  ☆39Sep 25, 2024Updated last year
• runreveal / sigmalite

  View on GitHub
  ☆52Dec 13, 2025Updated 2 months ago
• SecurityRunners / CloudCommotion

  View on GitHub
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆146Jun 18, 2024Updated last year
• offensive-actions / terraform-provider-statefile-rce

  View on GitHub
  This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.
  ☆62Jan 25, 2025Updated last year
• christophetd / aws-sso-device-code-authentication

  View on GitHub
  ☆38Jun 9, 2021Updated 4 years ago
• huntresslabs / rogueapps

  View on GitHub
  When good OAuth apps go rogue. Documents observed OAuth application tradecraft
  ☆84Jan 30, 2026Updated last month
• xforcered / ADOKit

  View on GitHub
  Azure DevOps Services Attack Toolkit
  ☆313Mar 15, 2025Updated 11 months ago
• tenable / hidden-services-revealer

  View on GitHub
  ☆40Aug 2, 2024Updated last year
• cado-security / cloudgrep

  View on GitHub
  cloudgrep is grep for cloud storage
  ☆326Feb 26, 2025Updated last year
• DataDog / undocumented-aws-api-hunter

  View on GitHub
  A tool to uncover undocumented APIs from the AWS Console.
  ☆116Apr 29, 2025Updated 10 months ago
• unknownhad / CloudIntel

  View on GitHub
  This repo contains IOC, malware and malware analysis associated with Public cloud
  ☆249Nov 11, 2024Updated last year
• Azure / Stormspotter

  View on GitHub
  Azure Red Team tool for graphing Azure and Azure Active Directory objects
  ☆1,685Jan 8, 2024Updated 2 years ago
• righteousgambit / quiet-riot

  View on GitHub
  Unauthenticated enumeration of AWS, Azure, and GCP Principals
  ☆283Nov 27, 2025Updated 3 months ago
• BishopFox / cloudfoxable

  View on GitHub
  Create your own vulnerable by design AWS penetration testing playground
  ☆437Feb 16, 2026Updated 2 weeks ago
• vectra-ai-research / derf

  View on GitHub
  DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…
  ☆101Jan 12, 2024Updated 2 years ago
• krdmnbrk / AttackRuleMap

  View on GitHub
  Mapping of open-source detection rules and atomic tests.
  ☆202Feb 16, 2026Updated 2 weeks ago
• dafthack / GraphRunner

  View on GitHub
  A Post-exploitation Toolset for Interacting with the Microsoft Graph API
  ☆1,256Jul 22, 2025Updated 7 months ago
• invictus-ir / aws-cheatsheet

  View on GitHub
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆80Jan 6, 2026Updated 2 months ago