- Pentesting CI/CD Methodology
- Github Security
- Gitea Security
- Concourse Security
- CircleCI Security
- TravisCI Security
- Jenkins Security
- Apache Airflow Security
- Terraform Security
- Atlantis Security
- Cloudflare Security
- Okta Security
- Serverless.com Security
- Supabase Security
- Ansible Tower / AWX / Automation controller Security
- Vercel Security
- TODO
- Pentesting Cloud Methodology
- Kubernetes Pentesting
- Kubernetes Basics
- Pentesting Kubernetes Services
- Exposing Services in Kubernetes
- Attacking Kubernetes from inside a Pod
- Kubernetes Enumeration
- Kubernetes Role-Based Access Control(RBAC)
- Abusing Roles/ClusterRoles in Kubernetes
- Kubernetes Namespace Escalation
- Kubernetes External Secret Operator
- Kubernetes Pivoting to Clouds
- Kubernetes Network Attacks
- Kubernetes Hardening
- Kubernetes OPA Gatekeeper
- Kubernetes Kyverno
- Kubernetes ValidatingWebhookConfiguration
- GCP Pentesting
- GCP - Basic Information
- GCP - Permissions for a Pentest
- GCP - Post Exploitation
- GCP - App Engine Post Exploitation
- GCP - Artifact Registry Post Exploitation
- GCP - Cloud Build Post Exploitation
- GCP - Cloud Functions Post Exploitation
- GCP - Cloud Run Post Exploitation
- GCP - Cloud Shell Post Exploitation
- GCP - Cloud SQL Post Exploitation
- GCP - Compute Post Exploitation
- GCP - Filestore Post Exploitation
- GCP - IAM Post Exploitation
- GCP - KMS Post Exploitation
- GCP - Logging Post Exploitation
- GCP - Monitoring Post Exploitation
- GCP - Pub/Sub Post Exploitation
- GCP - Secretmanager Post Exploitation
- GCP - Security Post Exploitation
- GCP - Workflows Post Exploitation
- GCP - Storage Post Exploitation
- GCP - Privilege Escalation
- GCP - Apikeys Privesc
- GCP - AppEngine Privesc
- GCP - Artifact Registry Privesc
- GCP - Batch Privesc
- GCP - BigQuery Privesc
- GCP - ClientAuthConfig Privesc
- GCP - Cloudbuild Privesc
- GCP - Cloudfunctions Privesc
- GCP - Cloudidentity Privesc
- GCP - Cloud Scheduler Privesc
- GCP - Compute Privesc
- GCP - Composer Privesc
- GCP - Container Privesc
- GCP - Deploymentmaneger Privesc
- GCP - IAM Privesc
- GCP - KMS Privesc
- GCP - Orgpolicy Privesc
- GCP - Pubsub Privesc
- GCP - Resourcemanager Privesc
- GCP - Run Privesc
- GCP - Secretmanager Privesc
- GCP - Serviceusage Privesc
- GCP - Sourcerepos Privesc
- GCP - Storage Privesc
- GCP - Workflows Privesc
- GCP - Generic Permissions Privesc
- GCP - Network Docker Escape
- GCP - local privilege escalation ssh pivoting
- GCP - Persistence
- GCP - API Keys Persistence
- GCP - App Engine Persistence
- GCP - Artifact Registry Persistence
- GCP - BigQuery Persistence
- GCP - Cloud Functions Persistence
- GCP - Cloud Run Persistence
- GCP - Cloud Shell Persistence
- GCP - Cloud SQL Persistence
- GCP - Compute Persistence
- GCP - Dataflow Persistence
- GCP - Filestore Persistence
- GCP - Logging Persistence
- GCP - Secret Manager Persistence
- GCP - Storage Persistence
- GCP - Token Persistance
- GCP - Services
- GCP - AI Platform Enum
- GCP - API Keys Enum
- GCP - App Engine Enum
- GCP - Artifact Registry Enum
- GCP - Batch Enum
- GCP - Bigquery Enum
- GCP - Bigtable Enum
- GCP - Cloud Build Enum
- GCP - Cloud Functions Enum
- GCP - Cloud Run Enum
- GCP - Cloud Shell Enum
- GCP - Cloud SQL Enum
- GCP - Cloud Scheduler Enum
- GCP - Compute Enum
- GCP - Composer Enum
- GCP - Containers & GKE Enum
- GCP - DNS Enum
- GCP - Filestore Enum
- GCP - Firebase Enum
- GCP - Firestore Enum
- GCP - IAM, Principals & Org Policies Enum
- GCP - KMS Enum
- GCP - Logging Enum
- GCP - Memorystore Enum
- GCP - Monitoring Enum
- GCP - Pub/Sub Enum
- GCP - Secrets Manager Enum
- GCP - Security Enum
- GCP - Source Repositories Enum
- GCP - Spanner Enum
- GCP - Stackdriver Enum
- GCP - Storage Enum
- GCP - Workflows Enum
- GCP <--> Workspace Pivoting
- GCP - Unauthenticated Enum & Access
- GCP - API Keys Unauthenticated Enum
- GCP - App Engine Unauthenticated Enum
- GCP - Artifact Registry Unauthenticated Enum
- GCP - Cloud Build Unauthenticated Enum
- GCP - Cloud Functions Unauthenticated Enum
- GCP - Cloud Run Unauthenticated Enum
- GCP - Cloud SQL Unauthenticated Enum
- GCP - Compute Unauthenticated Enum
- GCP - IAM, Principals & Org Unauthenticated Enum
- GCP - Source Repositories Unauthenticated Enum
- GCP - Storage Unauthenticated Enum
- GWS - Workspace Pentesting
- AWS Pentesting
- AWS - Basic Information
- AWS - Permissions for a Pentest
- AWS - Persistence
- AWS - API Gateway Persistence
- AWS - Cognito Persistence
- AWS - DynamoDB Persistence
- AWS - EC2 Persistence
- AWS - ECR Persistence
- AWS - ECS Persistence
- AWS - Elastic Beanstalk Persistence
- AWS - EFS Persistence
- AWS - IAM Persistence
- AWS - KMS Persistence
- AWS - Lambda Persistence
- AWS - Lightsail Persistence
- AWS - RDS Persistence
- AWS - S3 Persistence
- AWS - SNS Persistence
- AWS - Secrets Manager Persistence
- AWS - SQS Persistence
- AWS - SSM Perssitence
- AWS - Step Functions Persistence
- AWS - STS Persistence
- AWS - Post Exploitation
- AWS - API Gateway Post Exploitation
- AWS - CloudFront Post Exploitation
- AWS - CodeBuild Post Exploitation
- AWS - Control Tower Post Exploitation
- AWS - DLM Post Exploitation
- AWS - DynamoDB Post Exploitation
- AWS - EC2, EBS, SSM & VPC Post Exploitation
- AWS - ECR Post Exploitation
- AWS - ECS Post Exploitation
- AWS - EFS Post Exploitation
- AWS - EKS Post Exploitation
- AWS - Elastic Beanstalk Post Exploitation
- AWS - IAM Post Exploitation
- AWS - KMS Post Exploitation
- AWS - Lambda Post Exploitation
- AWS - Lightsail Post Exploitation
- AWS - Organizations Post Exploitation
- AWS - RDS Post Exploitation
- AWS - S3 Post Exploitation
- AWS - Secrets Manager Post Exploitation
- AWS - SES Post Exploitation
- AWS - SNS Post Exploitation
- AWS - SQS Post Exploitation
- AWS - SSO & identitystore Post Exploitation
- AWS - Step Functions Post Exploitation
- AWS - STS Post Exploitation
- AWS - VPN Post Exploitation
- AWS - Privilege Escalation
- AWS - Apigateway Privesc
- AWS - Chime Privesc
- AWS - Codebuild Privesc
- AWS - Codepipeline Privesc
- AWS - Codestar Privesc
- AWS - Cloudformation Privesc
- AWS - Cognito Privesc
- AWS - Datapipeline Privesc
- AWS - Directory Services Privesc
- AWS - DynamoDB Privesc
- AWS - EBS Privesc
- AWS - EC2 Privesc
- AWS - ECR Privesc
- AWS - ECS Privesc
- AWS - EFS Privesc
- AWS - Elastic Beanstalk Privesc
- AWS - EMR Privesc
- AWS - EventBridge Scheduler Privesc
- AWS - Gamelift
- AWS - Glue Privesc
- AWS - IAM Privesc
- AWS - KMS Privesc
- AWS - Lambda Privesc
- AWS - Lightsail Privesc
- AWS - Mediapackage Privesc
- AWS - MQ Privesc
- AWS - MSK Privesc
- AWS - RDS Privesc
- AWS - Redshift Privesc
- AWS - Route53 Privesc
- AWS - SNS Privesc
- AWS - SQS Privesc
- AWS - SSO & identitystore Privesc
- AWS - Organizations Privesc
- AWS - S3 Privesc
- AWS - Sagemaker Privesc
- AWS - Secrets Manager Privesc
- AWS - SSM Privesc
- AWS - Step Functions Privesc
- AWS - STS Privesc
- AWS - WorkDocs Privesc
- AWS - Services
- AWS - Security & Detection Services
- AWS - CloudTrail Enum
- AWS - CloudWatch Enum
- AWS - Config Enum
- AWS - Control Tower Enum
- AWS - Cost Explorer Enum
- AWS - Detective Enum
- AWS - Firewall Manager Enum
- AWS - GuardDuty Enum
- AWS - Inspector Enum
- AWS - Macie Enum
- AWS - Security Hub Enum
- AWS - Shield Enum
- AWS - Trusted Advisor Enum
- AWS - WAF Enum
- AWS - API Gateway Enum
- AWS - Certificate Manager (ACM) & Private Certificate Authority (PCA)
- AWS - CloudFormation & Codestar Enum
- AWS - CloudHSM Enum
- AWS - CloudFront Enum
- AWS - Codebuild Enum
- AWS - Cognito Enum
- AWS - DataPipeline, CodePipeline & CodeCommit Enum
- AWS - Directory Services / WorkDocs Enum
- AWS - DocumentDB Enum
- AWS - DynamoDB Enum
- AWS - EC2, EBS, ELB, SSM, VPC & VPN Enum
- AWS - ECR Enum
- AWS - ECS Enum
- AWS - EKS Enum
- AWS - Elastic Beanstalk Enum
- AWS - ElastiCache
- AWS - EMR Enum
- AWS - EFS Enum
- AWS - EventBridge Scheduler Enum
- AWS - Kinesis Data Firehose Enum
- AWS - IAM, Identity Center & SSO Enum
- AWS - KMS Enum
- AWS - Lambda Enum
- AWS - Lightsail Enum
- AWS - MQ Enum
- AWS - MSK Enum
- AWS - Organizations Enum
- AWS - Redshift Enum
- AWS - Relational Database (RDS) Enum
- AWS - Route53 Enum
- AWS - Secrets Manager Enum
- AWS - SES Enum
- AWS - SNS Enum
- AWS - SQS Enum
- AWS - S3, Athena & Glacier Enum
- AWS - Step Functions Enum
- AWS - STS Enum
- AWS - Other Services Enum
- AWS - Security & Detection Services
- AWS - Unauthenticated Enum & Access
- AWS - Accounts Unauthenticated Enum
- AWS - API Gateway Unauthenticated Enum
- AWS - Cloudfront Unauthenticated Enum
- AWS - Cognito Unauthenticated Enum
- AWS - CodeBuild Unauthenticated Access
- AWS - DocumentDB Unauthenticated Enum
- AWS - DynamoDB Unauthenticated Access
- AWS - EC2 Unauthenticated Enum
- AWS - ECR Unauthenticated Enum
- AWS - ECS Unauthenticated Enum
- AWS - Elastic Beanstalk Unauthenticated Enum
- AWS - Elasticsearch Unauthenticated Enum
- AWS - IAM & STS Unauthenticated Enum
- AWS - Identity Center & SSO Unauthenticated Enum
- AWS - IoT Unauthenticated Enum
- AWS - Kinesis Video Unauthenticated Enum
- AWS - Lambda Unauthenticated Access
- AWS - Media Unauthenticated Enum
- AWS - MQ Unauthenticated Enum
- AWS - MSK Unauthenticated Enum
- AWS - RDS Unauthenticated Enum
- AWS - Redshift Unauthenticated Enum
- AWS - SQS Unauthenticated Enum
- AWS - SNS Unauthenticated Enum
- AWS - S3 Unauthenticated Enum
- Azure Pentesting
- Az - Basic Information
- Az - Enumeration Tools
- Az - Unauthenticated Enum & Initial Entry
- Az - Services
- Az - Entra ID (AzureAD) & Azure IAM
- Az - ACR
- Az - Application Proxy
- Az - ARM Templates / Deployments
- Az - Automation Account
- Az - Azure App Service & Function Apps
- Az - Intune
- Az - File Shares
- Az - Function Apps
- Az - Key Vault
- Az - Logic Apps
- Az - Management Groups, Subscriptions & Resource Groups
- Az - Queue Storage
- Az - Service Bus
- Az - SQL
- Az - Storage Accounts & Blobs
- Az - Table Storage
- Az - Virtual Machines & Network
- Az - Permissions for a Pentest
- Az - Lateral Movement (Cloud - On-Prem)
- Az - Post Exploitation
- Az - Privilege Escalation
- Az - Persistence
- Az - Device Registration
- Digital Ocean Pentesting
- IBM Cloud Pentesting
- OpenShift Pentesting