Moya Lee's repositories
awesome-cloud-native-security
awesome resources about cloud native security 🐿
ARL
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
CDK
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
cloudTools
cloudTools
ctrsploit
A penetration toolkit for container environment
DSRE
数据安全风险枚举框架(Data Security Risk Enumeration)
FakeToa
Fake IP sources using Linux's BPF feature
falco
Cloud Native Runtime Security
findmytakeover
find dangling domains in a multi cloud environment
ghostbuster
Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.
HowToCook
程序员在家做饭方法指南。
kubescape
kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by to NSA and CISA (https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/)
kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
metarget
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
listenermoya.github.io
my blog
metasploit-framework
Metasploit Framework
pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
ScoutSuite
Multi-Cloud Security Auditing Tool
TerraformGoat
TerraformGoat is HuoCorp research lab's "Vulnerable by Design" multi cloud deployment tool.
ThreatMapper
🔥 🔥 Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more. 🔥 🔥