Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD

IAM Least Privilege Policy Generator

A simple tool to decloak/expose the bucket name behind a domain.

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

Nothing Cloud: Nothing Is Ready For Kubernetes

Automated NoSQL database enumeration and web application exploitation tool.

A collection of scripts for assessing Microsoft Azure security

Undocumented Amazon S3 APIs and third-party extensions

Enumerate the permissions associated with AWS credential set

Search the common crawl using lambda functions

Manage GuardDuty At Enterprise Scale

⛔ offsec batteries included

A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.

This is an offensive guide to securing AWS infrastructures. The hope is that by knowing how to take advantage of various types of AWS weaknesses you will be verse enough to provide the correct coun…

siberas JMX exploitation toolkit

TrueType and OpenType font fuzzing toolset

A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.

Bash post exploitation toolkit

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Python api for usage with cobalt strike's External C2 specification

Exploits written by the Rhino Security Labs team