CloudCopy
Cloud attack tool
A tool that enables unauthorized access to domain controllers in the cloud by exploiting their snapshotting capabilities.
This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapshot permission.
120 stars
4 watching
21 forks
Language: Python
last commit: about 5 years ago
Linked from 1 awesome list
hacking-toolpython3redteam
teamssix/awesome-cloud-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
 trouble-1/vajra | A tool for simulating attacks on cloud environments such as Azure and AWS | 378 |
 jordanpotti/cloudscraper | A tool to spider and search cloud resources like AWS, Azure, and Digital Ocean for potential vulnerabilities. | 506 |
 cloud-sniper/cloud-sniper | A platform for automating cloud security incident response and analysis | 182 |
 deepfence/threatmapper | An application protection platform that monitors and analyzes cloud-native applications for vulnerabilities and threats. | 4,861 |
 devsecops/raindance | A framework to simplify attack mapping and security modeling in software development | 46 |
 esonhugh/attack_code | An introductory article on cloud security and development, covering various aspects of cloud computing, including infrastructure, storage, deployment, and security. | 536 |
 azure/stormspotter | A tool for analyzing and visualizing Azure objects to help security teams understand potential attack surfaces. | 1,555 |
 datadog/stratus-red-team | Provides a tool to emulate offensive attack techniques in the cloud | 1,863 |
 aquasecurity/cloudsploit | A tool designed to detect security risks in cloud infrastructure accounts | 3,372 |
 mschwager/dhcpwn | A tool used to test DHCP IP exhaustion attacks by sending spoofed UDP requests to a DHCP server. | 668 |
 bishopfox/smogcloud | Automatically identifies and monitors cloud assets exposed to the internet without authorization | 332 |
 rhinosecuritylabs/ccat | A tool designed to test the security of container environments by simulating various attacks and vulnerabilities. | 595 |
 jonrau1/electriceye | A Python CLI tool for managing security and compliance in cloud and SaaS environments | 966 |
 mindpointgroup/cloudfrunt | A tool for identifying misconfigured CloudFront domains to prevent domain hijacking | 347 |
| rhinosecuritylabs/cloudgoat | An AWS deployment tool designed to provide intentionally vulnerable cloud infrastructure for hands-on learning and penetration testing. | 2,991 |