Giter Site home page Giter Site logo

cloud-security-attacks's Introduction

Cloud Security - Attacks

AWS

Privilege Escalation to SYSTEM in AWS VPN Client

AWS WorkSpaces Remote Code Execution

Resource Injection in CloudFormation Templates

Downloading and Exploring AWS EBS Snapshots

CloudGoat ECS_EFS_Attack Walkthrough

GKE Kubelet TLS Bootstrap Privilege Escalation

Weaponizing AWS ECS Task Definitions to Steal Credentials From Running Containers

CloudGoat AWS Scenario Walkthrough: “EC2_SSRF”

Pillaging AWS ECS Task Definitions for Hardcoded Secrets

Abusing VPC Traffic Mirroring in AWS

Exploiting AWS ECR and ECS with the Cloud Container Attack Tool (CCAT)

Bypassing IP Based Blocking with AWS API Gateway

Phishing Users with MFA on AWS

AWS IAM Privilege Escalation – Methods and Mitigation

Penetration Testing AWS Storage: Kicking the S3 Bucket

Cloud Security Risks (P2): CSV Injection in AWS CloudTrail

Amazon’s AWS Misconfiguration: Arbitrary Files Upload in Amazon Go

Privilege Escalation Attack : Attacking AWS IAM permission misconfigurations

IAM Vulnerable - An AWS IAM Privilege Escalation Playground

Escalator to the Cloud: 5 Privesc Attack Vectors in AWS

Vulnerable AWS Lambda function – Initial access in cloud attacks

Inside a Privilege Escalation Attack via Amazon Web Services’ EC2

AWS Attacks

AWS Shadow Admin

Gaining AWS Console Access via API Keys

Automate AWS AMI Creation For EC2 And Copy to Other Region

Instance Connect - Push an SSH key to EC2 instance

Golden SAML Attack

Stealing hashes from Domain Controllers in the Cloud

AWS PenTest Methodology

CloudGoat Official Walkthrough Series: “rce_web_app”

Azure

GKE Kubelet TLS Bootstrap Privilege Escalation

Cloud Security Risks (Part 1): Azure CSV Injection Vulnerability

Security for SaaS Companies: Leveraging Infosec for Business Value

Common Azure Security Vulnerabilities and Misconfigurations

Enumerate valid emails

Enumerate Azure Subdomains

Azure Attacks

Azure Active Directory Account Enumeration

Abusing Microsoft’s Azure domains to host phishing attacks

Defending against the EvilGinx2 MFA Bypass

Introduction To 365-Stealer - Understanding and Executing the Illicit Consent Grant Attack

Azure AD Password spray; from attack to detection (and prevention).

LATERAL MOVEMENT TO THE CLOUD WITH PASS-THE-PRT

Azure AD Pass The Certificate

How to SSH into specific Azure Web App instance

Attacking Azure, Azure AD, and Introducing PowerZure

Undetected Azure Active Directory Brute-Force Attacks

How Azure AD Could Be Vulnerable to Brute-Force and DOS Attacks

How to bypass MFA in Azure and O365

AWS Security Tools

Azure Security Tools

cloud-security-attacks's People

Contributors

cybersecurityup avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.