AWS pwn Logo

AWS pwn

0
Free
Visit Website

This is a collection of horribly written scripts for performing various tasks related to penetration testing AWS. Please don't be sad if it doesn't work for you. It might be that AWS has changed since a given tool was written or it might be that the code sux. Either way, please feel free to contribute. Most of this junk was written by Daniel Grzelak but there's been plenty of contributions, most notably Mike Fuller. Requirements: pip install -r requirements.txt. Make sure to also set up your AWS credentials in ~/.aws/credentials.

FEATURES

ALTERNATIVES

A tutorial on how to use Apache mod_rewrite to randomly serve payloads in phishing attacks

Customize Empire's GET request URIs, user agent, and headers for evading detection and masquerading as other applications.

RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.

Mortar is an evasion technique to defeat and divert detection and prevention of security products, including AV, EDR, and XDR solutions.

A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.

Pentest active directory LAB project for practicing attack techniques.

Collection of URLs for vulnerable web applications and systems for cybersecurity practice.

A unified repository for different Metasploit Framework payloads.

PINNED