Giters
Rhino Security Labs (RhinoSecurityLabs)

Rhino Security Labs

RhinoSecurityLabs

Geek Repo

A boutique penetration testing and security assessment firm in Seattle, WA.

Location:Seattle, WA

Home Page:https://rhinosecuritylabs.com

Github PK Tool:Github PK Tool

Rhino Security Labs's repositories

pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Language:PythonLicense:BSD-3-ClauseStargazers:4083Issues:109Issues:122

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Language:PythonLicense:BSD-3-ClauseStargazers:2781Issues:71Issues:104

Security-Research

Exploits written by the Rhino Security Labs team

Language:PythonLicense:BSD-3-ClauseStargazers:1044Issues:62Issues:14

AWS-IAM-Privilege-Escalation

A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.

License:BSD-3-ClauseStargazers:883Issues:33Issues:1

IPRotate_Burp_Extension

Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.

Language:PythonStargazers:779Issues:18Issues:49

CVEs

A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.

Language:PythonLicense:BSD-3-ClauseStargazers:770Issues:39Issues:3

ccat

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

Language:PythonLicense:BSD-3-ClauseStargazers:576Issues:23Issues:2

SleuthQL

Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.

Language:PythonLicense:BSD-3-Clause-ClearStargazers:460Issues:24Issues:7

GCPBucketBrute

A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.

Language:PythonLicense:BSD-3-ClauseStargazers:451Issues:8Issues:8

Cloud-Security-Research

Cloud-related research releases from the Rhino Security Labs team.

Language:PythonLicense:BSD-3-ClauseStargazers:349Issues:22Issues:1

GCP-IAM-Privilege-Escalation

A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.

Language:PythonLicense:BSD-3-ClauseStargazers:320Issues:9Issues:6

Swagger-EZ

A tool geared towards pentesting APIs using OpenAPI definitions.

Language:JavaScriptLicense:BSD-3-ClauseStargazers:165Issues:5Issues:1

Aggressor-Scripts

Aggregation of Cobalt Strike's aggressor scripts.

Language:PowerShellStargazers:146Issues:9Issues:1

IAMActionHunter

An AWS IAM policy statement parser and query tool.

Language:PythonLicense:Apache-2.0Stargazers:143Issues:2Issues:0

dsnap

Utility for downloading and mounting EBS snapshots using the EBS Direct API's

Language:PythonLicense:BSD-3-ClauseStargazers:66Issues:5Issues:6

external_c2_framework

Python api for usage with cobalt strike's External C2 specification

Language:PythonStargazers:65Issues:7Issues:0

Presentations

A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.

License:BSD-3-ClauseStargazers:37Issues:8Issues:0

CloudScraper

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

Language:PythonLicense:MITStargazers:26Issues:2Issues:0

little-stitch

Send and receive bypassing Little Snitch alerting.

Language:GoStargazers:9Issues:4Issues:0

amazon-ssm-agent

Fork of amazon-ssm-agent that can run as any user in parallel with the official service.

Language:GoLicense:Apache-2.0Stargazers:4Issues:1Issues:0