quark-engine
pacu
quark-engine | pacu | |
---|---|---|
1 | 10 | |
1,226 | 4,027 | |
1.1% | 1.2% | |
8.3 | 8.6 | |
6 days ago | 27 days ago | |
Python | Python | |
GNU General Public License v3.0 only | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
quark-engine
-
New Tools in Kali Linux 2021.2
CloudBrute - To find company(mostly cloud hence the name) infrastructure files and arch to a certain extent Dirsearch - Yet another web app path scanner like Gobuster/Dirbuster FeroxBuster - Rust based tool to perform forced browsing(read about it on GitHub Ghidra - Binary disassembler and decompiler (alternatives are gdb and ISA) Pacu - AWS exploitation framework GitHub Pirates - Kali package tracker(maybe like yay or pacman,not too sure on that one) quark-engine - android malware analysis system here Viscose - very popular and good code editor
pacu
-
De um mimo até a elevação de privilégios na Cloud
Pra isso, usei a belíssima ferramenta Pacu https://github.com/RhinoSecurityLabs/pacu.
-
Should I be afraid of aws cloud as a security analyst?
ScoutSuite and Pacu (or Lava for Azure) are great tools and it's worth learning what they can do.
-
How do I build a network on AWS to capture flow data?
Not related to your original question, but you might want to take a look at pacu for simulating attacks.
- Pacu: The Open Source AWS Exploitation Framework
-
New Tools in Kali Linux 2021.2
CloudBrute - To find company(mostly cloud hence the name) infrastructure files and arch to a certain extent Dirsearch - Yet another web app path scanner like Gobuster/Dirbuster FeroxBuster - Rust based tool to perform forced browsing(read about it on GitHub Ghidra - Binary disassembler and decompiler (alternatives are gdb and ISA) Pacu - AWS exploitation framework GitHub Pirates - Kali package tracker(maybe like yay or pacman,not too sure on that one) quark-engine - android malware analysis system here Viscose - very popular and good code editor
- 🏹 Pacu: Framework de explotación de AWS #SeguridadOfensiva
-
Conducting a vulnerability scan on an AWS VPC
We're starting to work with Pacu for AWS testing. It's a bit more targeted to exploitation than vulnerability testing. https://rhinosecuritylabs.com/aws/pacu-open-source-aws-exploitation-framework/
- RhinoSecurityLabs/pacu - The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
What are some alternatives?
bitleaker - This tool can decrypt a BitLocker-locked partition with the TPM vulnerability
ScoutSuite - Multi-Cloud Security Auditing Tool
feroxbuster - A fast, simple, recursive content discovery tool written in Rust.
Veil-Evasion - Veil Evasion is no longer supported, use Veil 3.0!
AWSXenos - AWSXenos will list all the trust relationships in all the IAM roles and S3 buckets
pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy
lava - Microsoft Azure Exploitation Framework
Veil - Veil 3.1.X (Check version info in Veil at runtime)
aws-well-architected-labs - Hands on labs and code to help you learn, measure, and build using architectural best practices.
udcide - Android Malware Behavior Deleter
endgame - An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet 😈