Skip to content
@offensive-terraform

Offensive Terraform

Offensive Terraform Modules

Popular repositories Loading

  1. offensive-terraform.github.io offensive-terraform.github.io Public

    Offensive Terraform Website

    JavaScript 44 3

  2. terraform-aws-ec2-kali-linux terraform-aws-ec2-kali-linux Public

    Offensive Terraform module which creates Kali Linux from the AWS marketplace and installs cloud security tools (Pacu, Cloudsplaining, ScoutSuite).

    HCL 18 8

  3. terraform-aws-ec2-instance-reverse-shell terraform-aws-ec2-instance-reverse-shell Public

    Offensive Terraform module which creates EC2 instance and reverse shell from an EC2 instance to attacker machine.

    HCL 17 3

  4. terraform-aws-ebs-snapshot-publicly-exposed terraform-aws-ebs-snapshot-publicly-exposed Public

    Offensive Terraform module which copies publicly exposed EBS snapshot to us-east-1 region in attacker's AWS account and creates EBS volume from the copied EBS snapshot. After that, the module attac…

    HCL 14 4

  5. terraform-aws-cross-account-persistence terraform-aws-cross-account-persistence Public

    Offensive Terraform module which creates an IAM role with trust relationship with attacker's AWS account and attaches managed IAM Policy to an IAM role.

    HCL 12 1

  6. terraform-aws-lambda-function-credential-exfiltration terraform-aws-lambda-function-credential-exfiltration Public

    Offensive Terraform module which creates Lambda function with existing IAM role. The module invokes it automatically to exfiltrate AWS temporary credential from environment variables and send it ba…

    HCL 10 2

Repositories

Showing 10 of 11 repositories
  • terraform-aws-lambda-function-credential-exfiltration Public

    Offensive Terraform module which creates Lambda function with existing IAM role. The module invokes it automatically to exfiltrate AWS temporary credential from environment variables and send it back with response.

    offensive-terraform/terraform-aws-lambda-function-credential-exfiltration’s past year of commit activity
    HCL 10 Apache-2.0 2 0 1 Updated May 21, 2021
  • offensive-terraform.github.io Public

    Offensive Terraform Website

    offensive-terraform/offensive-terraform.github.io’s past year of commit activity
    JavaScript 44 3 0 0 Updated Oct 8, 2020
  • terraform-aws-ec2-kali-linux Public

    Offensive Terraform module which creates Kali Linux from the AWS marketplace and installs cloud security tools (Pacu, Cloudsplaining, ScoutSuite).

    offensive-terraform/terraform-aws-ec2-kali-linux’s past year of commit activity
    HCL 18 Apache-2.0 8 0 0 Updated Sep 27, 2020
  • offensive-terraform/terraform-aws-ecs-credential-exfiltration’s past year of commit activity
    2 Apache-2.0 0 0 0 Updated Sep 20, 2020
  • terraform-aws-ec2-instance-reverse-shell Public

    Offensive Terraform module which creates EC2 instance and reverse shell from an EC2 instance to attacker machine.

    offensive-terraform/terraform-aws-ec2-instance-reverse-shell’s past year of commit activity
    HCL 17 Apache-2.0 3 0 0 Updated Sep 19, 2020
  • terraform-aws-s3-subdomain-takeover Public

    Offensive Terraform module which takes over a subdomain which has a CNAME record pointing to non-existing S3 bucket in target's Route53. The module creates a S3 bucket with a name as subdomain in the specific AWS region that CNAME record is pointing to. Also, it uploads a simple web page with "404 Page Not Found" text.

    offensive-terraform/terraform-aws-s3-subdomain-takeover’s past year of commit activity
    HCL 9 Apache-2.0 2 0 0 Updated Sep 18, 2020
  • terraform-aws-rds-snapshot-publicly-exposed Public

    Offensive Terraform module which creates RDS database from a publicly exposed RDS snapshot in attacker's AWS account. After that, attacker can connect to RDS database and inspect it.

    offensive-terraform/terraform-aws-rds-snapshot-publicly-exposed’s past year of commit activity
    HCL 10 Apache-2.0 0 0 0 Updated Sep 18, 2020
  • terraform-aws-ebs-snapshot-publicly-exposed Public

    Offensive Terraform module which copies publicly exposed EBS snapshot to us-east-1 region in attacker's AWS account and creates EBS volume from the copied EBS snapshot. After that, the module attaches and mounts the EBS volume to an EC2 instance. Finally, attacker can ssh into an EC2 instance and inspect a mounted volume "/usr/src/hack".

    offensive-terraform/terraform-aws-ebs-snapshot-publicly-exposed’s past year of commit activity
    HCL 14 Apache-2.0 4 0 0 Updated Sep 18, 2020
  • terraform-aws-iam-create-user-persistence Public

    Offensive Terraform module which creates IAM user, access key then attaches managed IAM Policy to an IAM user.

    offensive-terraform/terraform-aws-iam-create-user-persistence’s past year of commit activity
    HCL 8 Apache-2.0 0 0 0 Updated Sep 18, 2020
  • terraform-aws-ec2-instance-credential-exfiltration Public

    Offensive Terraform module which creates EC2 instance and exfiltrate credential from Instance metadata to external URL.

    offensive-terraform/terraform-aws-ec2-instance-credential-exfiltration’s past year of commit activity
    HCL 6 Apache-2.0 0 0 0 Updated Sep 18, 2020

Top languages

HCL JavaScript

Most used topics

Loading…