we45 / DVFaaS-Damn-Vulnerable-Functions-as-a-Service
Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities
β135Updated 2 years ago
Alternatives and similar repositories for DVFaaS-Damn-Vulnerable-Functions-as-a-Service:
Users that are interested in DVFaaS-Damn-Vulnerable-Functions-as-a-Service are comparing it to the libraries listed below
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.β134Updated 4 years ago
- ποΈ STRIDE vs. ASVS equivalence tableβ75Updated 4 months ago
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wikiβ202Updated 2 months ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.β75Updated 2 years ago
- Serverless Functions for establishing Reverse Shells to Lambda, Azure Functions, and Google Cloud Functionsβ236Updated last month
- Damn Vulnerable Cloud Applicationβ190Updated 6 years ago
- This is an offensive guide to securing AWS infrastructures. The hope is that by knowing how to take advantage of various types of AWS weaβ¦β170Updated 5 years ago
- OWASP ServerlessGoat: a serverless application demonstrating common serverless security flawsβ323Updated 5 months ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raiderβ138Updated 3 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.β171Updated 2 years ago
- β238Updated 6 months ago
- Damn Vulnerable Java (EE) Applicationβ132Updated 11 months ago
- GraphQL security testing toolβ120Updated 2 years ago
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!β119Updated 2 years ago
- Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulneβ¦β31Updated 2 years ago
- Scripts and tools for AWS Pentestβ51Updated 4 years ago
- Repository for all the workshop content delivered at nullcon X on 1st of March 2019β81Updated 5 years ago
- β62Updated last year
- A simple file-based scanner to look for potential AWS access and secret keys in filesβ89Updated 9 months ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.β72Updated 3 years ago
- Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpointsβ113Updated last year
- Fetch the details of assets hosted on AWS.β86Updated last year
- A tool for identifying misconfigured CloudFront domainsβ347Updated 4 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parametersβ62Updated last year
- Cloud-related research releases from the Rhino Security Labs team.β375Updated 4 years ago
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).β123Updated last year
- a Damn Vulnerable Serverless Applicationβ536Updated last year
- materials we hand outβ142Updated 3 months ago
- Route53/CloudFront Vulnerability Assessment Utilityβ84Updated last year
- β122Updated last year