Offensive Terraform

terraform-aws-lambda-function-credential-exfiltration Public
Offensive Terraform module which creates Lambda function with existing IAM role. The module invokes it automatically to exfiltrate AWS temporary credential from environment variables and send it back with response.

offensive-terraform/terraform-aws-lambda-function-credential-exfiltration’s past year of commit activity

HCL 10 Apache-2.0 2 0 1 Updated May 21, 2021
offensive-terraform.github.io Public
Offensive Terraform Website

offensive-terraform/offensive-terraform.github.io’s past year of commit activity

JavaScript 44 3 0 0 Updated Oct 8, 2020
terraform-aws-ec2-kali-linux Public
Offensive Terraform module which creates Kali Linux from the AWS marketplace and installs cloud security tools (Pacu, Cloudsplaining, ScoutSuite).

offensive-terraform/terraform-aws-ec2-kali-linux’s past year of commit activity

HCL 18 Apache-2.0 8 0 0 Updated Sep 27, 2020
terraform-aws-ecs-credential-exfiltration Public

offensive-terraform/terraform-aws-ecs-credential-exfiltration’s past year of commit activity

2 Apache-2.0 0 0 0 Updated Sep 20, 2020
terraform-aws-ec2-instance-reverse-shell Public
Offensive Terraform module which creates EC2 instance and reverse shell from an EC2 instance to attacker machine.

offensive-terraform/terraform-aws-ec2-instance-reverse-shell’s past year of commit activity

HCL 17 Apache-2.0 3 0 0 Updated Sep 19, 2020
terraform-aws-s3-subdomain-takeover Public
Offensive Terraform module which takes over a subdomain which has a CNAME record pointing to non-existing S3 bucket in target's Route53. The module creates a S3 bucket with a name as subdomain in the specific AWS region that CNAME record is pointing to. Also, it uploads a simple web page with "404 Page Not Found" text.

offensive-terraform/terraform-aws-s3-subdomain-takeover’s past year of commit activity

HCL 9 Apache-2.0 2 0 0 Updated Sep 18, 2020
terraform-aws-rds-snapshot-publicly-exposed Public
Offensive Terraform module which creates RDS database from a publicly exposed RDS snapshot in attacker's AWS account. After that, attacker can connect to RDS database and inspect it.

offensive-terraform/terraform-aws-rds-snapshot-publicly-exposed’s past year of commit activity

HCL 10 Apache-2.0 0 0 0 Updated Sep 18, 2020
terraform-aws-ebs-snapshot-publicly-exposed Public
Offensive Terraform module which copies publicly exposed EBS snapshot to us-east-1 region in attacker's AWS account and creates EBS volume from the copied EBS snapshot. After that, the module attaches and mounts the EBS volume to an EC2 instance. Finally, attacker can ssh into an EC2 instance and inspect a mounted volume "/usr/src/hack".

offensive-terraform/terraform-aws-ebs-snapshot-publicly-exposed’s past year of commit activity

HCL 14 Apache-2.0 4 0 0 Updated Sep 18, 2020
terraform-aws-iam-create-user-persistence Public
Offensive Terraform module which creates IAM user, access key then attaches managed IAM Policy to an IAM user.

offensive-terraform/terraform-aws-iam-create-user-persistence’s past year of commit activity

HCL 8 Apache-2.0 0 0 0 Updated Sep 18, 2020
terraform-aws-ec2-instance-credential-exfiltration Public
Offensive Terraform module which creates EC2 instance and exfiltrate credential from Instance metadata to external URL.

offensive-terraform/terraform-aws-ec2-instance-credential-exfiltration’s past year of commit activity

HCL 6 Apache-2.0 0 0 0 Updated Sep 18, 2020

View all repositories

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Offensive Terraform

Popular repositories Loading

Repositories

People

Top languages

Most used topics