dafthack/CloudPentestCheatsheets

Features

• Cloud Security Assessors - Evaluates cloud environments for misconfigured resources and overly permissive settings across major providers.
• Security Command Collections - Organizes provider-specific CLI commands into categorized lists to streamline the enumeration of cloud infrastructure.
• Cloud Asset Discoverers - Provides a curated set of commands and checklists to identify and list cloud infrastructure resources.
• Cloud Pentesting Knowledge Bases - Provides a structured collection of checklists and commands for auditing security and identifying cloud misconfigurations.
• Cloud Service Reference Guides - Provides technical reference materials for enumerating assets and testing offensive security postures across cloud providers.
• Security Audit Workflows - Provides structured sequences of verification steps for systematically identifying security flaws in cloud environments.
• Penetration Testing Suites - Provides a curated collection of tools and commands for executing structured offensive security tests on cloud services.
• Command Execution Cheat Sheets - Ships as a reference guide for shell commands and payload execution techniques tailored for cloud penetration testing.
• Version-Controlled Knowledge Bases - Utilizes a version-controlled knowledge base to store and track technical instructional content.
• Markdown Content Structures - Structures technical security guidance using hierarchical Markdown files for navigable documentation.
• Vendor-Specific Guidance Segments - Separates security guidance by cloud vendor to allow targeted navigation of environment-specific misconfigurations.

Star history