Rhino Security Labs's repositories
Security-Research
Exploits written by the Rhino Security Labs team
AWS-IAM-Privilege-Escalation
A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
IPRotate_Burp_Extension
Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
GCPBucketBrute
A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
Cloud-Security-Research
Cloud-related research releases from the Rhino Security Labs team.
GCP-IAM-Privilege-Escalation
A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.
Swagger-EZ
A tool geared towards pentesting APIs using OpenAPI definitions.
Aggressor-Scripts
Aggregation of Cobalt Strike's aggressor scripts.
IAMActionHunter
An AWS IAM policy statement parser and query tool.
external_c2_framework
Python api for usage with cobalt strike's External C2 specification
Presentations
A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.
CloudScraper
CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
little-stitch
Send and receive bypassing Little Snitch alerting.
amazon-ssm-agent
Fork of amazon-ssm-agent that can run as any user in parallel with the official service.