ameurdx Goto Github PK

attackinganddefendingthegcpmetadataapi

This repo gives an overview of some GCP metadata API attack and defend patterns

awesome-hacking

A collection of various awesome lists for hackers, pentesters and security researchers

aws_exposable_resources

Resource types that can be publicly exposed on AWS

blackhat-2019

caldera

Automated Adversary Emulation

ccat

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

cloud-security

GCP and GSUITE security auditing scripts

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

cloudsplaining

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

csp_security_mistakes

Cloud service provider security mistakes

dettect

Detect Tactics, Techniques & Combat Threats

elastic-ecs-siem

Configs and snippets for Elastic Common Schema logging for Elastic SIEM

forseti-serverless-example

gcp-assessment-setup

Give ScaleSec limited access to your GCP organization for a security assessment.

gcp-enterprise

gcp-iam-privilege-escalation

A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.

gcp-iam-role-permissions

Exports primitive and predefined GCP IAM Roles and their permissions

gcp-iam-sentinel-examples

gcp-security-group-update

Google Cloud function used to change the security group of a specified Compute instance. Can be used in conjunction with FortiOS automation to quarantine compromised hosts.

gcp_api_key_inventory

Inventory, analyze, and report on your GCP API keys in an automated fashion.

gcp_threat_detection_auto_remediation

This repo contains all you need to begin automating Event Threat Detection findings.

gcploit

These are tools we released with our 2020 defcon/blackhat talk https://www.youtube.com/watch?v=Ml09R38jpok

gcptfdemo

Demo of Terraform Build out for GCP - GKE, GCE

gke-application-security-demo

This project demonstrates a series of best practices for improving the security of containerized applications deployed to Kubernetes Engine. You will deploy multiple instances of the same container image with a variety of security settings to illustrate the use of RBAC, security contexts, and AppArmor policies.

gke-network-policy-demo

This guide demonstrates how to improve the security of your Kubernetes Engine by applying fine-grained restrictions to network communication. You will provision a simple HTTP server and two client pods in a Kubernetes Engine cluster, then use a Network Policy restrict connections from client pods.

gke-rbac-demo

This project covers two use cases for RBAC within a Kubernetes Engine cluster. First, assigning different permissions to user personas. Second, granting limited API access to an application running within your cluster. Since RBAC's flexibility can occasionally result in complex rules, you will also perform common steps for troubleshooting RBAC as a part of the second scenario.

gke-security-scenarios-demo

This project demonstrates a series of best practices for improving the security of containerized applications deployed to Kubernetes Engine. You will deploy multiple instances of the same container image with a variety of security settings to illustrate the use of RBAC, security contexts, and AppArmor policies.

google-cloud-4-words

The Google Cloud Developer's Cheat Sheet

hello-world

iaas_permission_mining