pacu
lava
pacu | lava | |
---|---|---|
10 | 2 | |
4,037 | 49 | |
1.4% | - | |
8.6 | 0.0 | |
1 day ago | almost 3 years ago | |
Python | Python | |
BSD 3-clause "New" or "Revised" License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pacu
-
De um mimo até a elevação de privilégios na Cloud
Pra isso, usei a belíssima ferramenta Pacu https://github.com/RhinoSecurityLabs/pacu.
-
Should I be afraid of aws cloud as a security analyst?
ScoutSuite and Pacu (or Lava for Azure) are great tools and it's worth learning what they can do.
-
How do I build a network on AWS to capture flow data?
Not related to your original question, but you might want to take a look at pacu for simulating attacks.
- Pacu: The Open Source AWS Exploitation Framework
-
New Tools in Kali Linux 2021.2
CloudBrute - To find company(mostly cloud hence the name) infrastructure files and arch to a certain extent Dirsearch - Yet another web app path scanner like Gobuster/Dirbuster FeroxBuster - Rust based tool to perform forced browsing(read about it on GitHub Ghidra - Binary disassembler and decompiler (alternatives are gdb and ISA) Pacu - AWS exploitation framework GitHub Pirates - Kali package tracker(maybe like yay or pacman,not too sure on that one) quark-engine - android malware analysis system here Viscose - very popular and good code editor
- 🏹 Pacu: Framework de explotación de AWS #SeguridadOfensiva
-
Conducting a vulnerability scan on an AWS VPC
We're starting to work with Pacu for AWS testing. It's a bit more targeted to exploitation than vulnerability testing. https://rhinosecuritylabs.com/aws/pacu-open-source-aws-exploitation-framework/
- RhinoSecurityLabs/pacu - The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
lava
-
Should I be afraid of aws cloud as a security analyst?
ScoutSuite and Pacu (or Lava for Azure) are great tools and it's worth learning what they can do.
-
recommended tools that do not come with Kali
Dunno how useful it'll be as it's specifically for Azure, but Lava is an awesome tool.
What are some alternatives?
ScoutSuite - Multi-Cloud Security Auditing Tool
magicavoxel-shaders - A collection of shaders for MagicaVoxel to generate geometry, noise, patterns, and simplify common and repetitive tasks.
feroxbuster - A fast, simple, recursive content discovery tool written in Rust.
azure-devops-python-api - Azure DevOps Python API
AWSXenos - AWSXenos will list all the trust relationships in all the IAM roles and S3 buckets
dirsearch - Web path scanner
quark-engine - Dig Vulnerabilities in the BlackBox
pyshader - Write modern GPU shaders in Python!
aws-well-architected-labs - Hands on labs and code to help you learn, measure, and build using architectural best practices.
Pentest-Service-Enumeration - Suggests programs to run against services found during the enumeration phase of a Pentest
endgame - An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet 😈