Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

AutoChain: Build lightweight, extensible, and testable LLM Agents

Modern embedded framework, using Rust and async.

Unauthenticated enumeration of AWS, Azure, and GCP Principals

Better than landingzones!

CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.

An Object Graph Mapper (OGM) for the Neo4j graph database.

Internet connectivity for your VPC-attached Lambda functions without a NAT Gateway

A simple HTTP proxy that fogs over naughty URLs

⚡️ The Jamstack framework for Vue.js

Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.

Powershell Based tool for gathering information related to O365 intrusions and potential Breaches

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy

Main Sigma Rule Repository

Automated Attack Simulation in the Cloud, complete with detection use cases.

AWS Least Privilege for Distributed, High-Velocity Deployment

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code

Define infrastructure resources using programming constructs and provision them using HashiCorp Terraform

AWS IAM linting library

Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.

🥑 Language focused docker images, minus the operating system.

Bigquery ETL

Lime: Explaining the predictions of any machine learning classifier

A developer toolkit to implement Serverless best practices and increase developer velocity.

Python library to compile, build & package AWS Lambda functions for several runtimes & framework

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.