wiz-sec-public / peach-frameworkView external linksLinks
PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by user interfaces.
☆74Dec 14, 2022Updated 3 years ago
Alternatives and similar repositories for peach-framework
Users that are interested in peach-framework are comparing it to the libraries listed below
Sorting:
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆111Jan 2, 2025Updated last year
- Harness the security superpowers of your cloud asset inventory☆11Sep 22, 2024Updated last year
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Aug 30, 2024Updated last year
- Firepit - STIX Columnar Storage☆17Jun 5, 2024Updated last year
- This repository provides a comprehensive collection of Pulumi scenarios utilized by cnappgoat☆21Jan 28, 2025Updated last year
- ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…☆37Oct 17, 2024Updated last year
- Security Alert Decoration☆27Jul 21, 2025Updated 6 months ago
- Public repository to provide guidance and examples for people to start learning IaC. This repository also contains some open-hack style l…☆23Jun 14, 2023Updated 2 years ago
- ☆39Aug 2, 2024Updated last year
- ☆94Dec 25, 2025Updated last month
- An open project to list all publicly known cloud vulnerabilities and CSP security issues☆374Sep 19, 2025Updated 4 months ago
- A GitHub Actions Supply Chain CTF / Goat☆27Jan 6, 2026Updated last month
- CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.☆293Sep 4, 2024Updated last year
- AI featured threat modeling and security review action☆45Nov 17, 2024Updated last year
- Apfell POC Chrome Extension Payload☆10Jun 24, 2020Updated 5 years ago
- Pritunl Access Control System☆10Feb 16, 2023Updated 2 years ago
- ☆12Oct 17, 2023Updated 2 years ago
- ☆11Dec 26, 2023Updated 2 years ago
- Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…☆35Sep 6, 2024Updated last year
- AWS STS token decoder☆46Mar 18, 2025Updated 10 months ago
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.☆117Feb 4, 2026Updated last week
- Dont Gamble with Risk☆14Mar 4, 2024Updated last year
- Apfell C2 Server for the Google Chrome Extension Payload☆12Aug 12, 2020Updated 5 years ago
- Simple tool to identify and remediate the use of the AWS EC2 IMDSv1.☆15Aug 12, 2021Updated 4 years ago
- Automated activity logging utility for Mythic C2 v3.0+ with Ghostwriter v3.0+☆23Jul 31, 2025Updated 6 months ago
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- ☆30Jul 29, 2021Updated 4 years ago
- AWS docs, guides, and other tools☆75Feb 4, 2023Updated 3 years ago
- ☆57Updated this week
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.☆339Updated this week
- Deliberately vulnerable AWS resources for security assessment demos☆32Aug 20, 2022Updated 3 years ago
- ☆51Dec 13, 2025Updated 2 months ago
- ajpclient is a small command line tool that aims to be to AJP what curl is to HTTP.☆12Jul 18, 2017Updated 8 years ago
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated last year
- Electron-Probe leverages the Node variant of the Chrome Debugging Protocol to execute JavaScript payloads inside of target Electron appli…☆31Jan 13, 2026Updated last month
- ☆30Jan 13, 2026Updated last month
- Modron - Cloud security compliance☆34Dec 11, 2024Updated last year
- Threat model for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based ap…☆59Jun 11, 2023Updated 2 years ago
- ☆18Jul 30, 2024Updated last year