DataDog / stratus-red-team Public

Notifications You must be signed in to change notification settings
Fork 212
Star 1.8k

Code
Issues 42
Pull requests 2
Discussions
Actions
Projects 1
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Projects
Security
Insights

Issues: DataDog/stratus-red-team

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

42 Open 145 Closed

Author

Filter by author

Label

Filter by label

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Milestones

Filter by milestone

Assignee

Filter by who’s assigned

Assigned to nobody

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Issues list

Analyze AWS CIRT post and extract relevant TTPs kind/research

#594 opened Nov 6, 2024 by christophetd

Document Halberd kind/documentation

Improvements or additions to documentation

#584 opened Oct 17, 2024 by christophetd

Add logged operations to the "List of all available attack techniques" page kind/documentation

Improvements or additions to documentation

#582 opened Oct 5, 2024 by lsass-exe

Analyze Sebastian Walla's fwd:cloudsec talk kind/research

#571 opened Sep 19, 2024 by christophetd

Analyze "ransomware in the cloud" post kind/research

#568 opened Sep 10, 2024 by christophetd

Investigate potentially undesirable clean-up behavior on error

#567 opened Sep 10, 2024 by christophetd

Terraform init is painfully slow kind/enhancement

New feature or request

#557 opened Aug 28, 2024 by christophetd

Document permissions required to detonate each attack technique kind/enhancement

New feature or request

#555 opened Aug 27, 2024 by christophetd

New attack techniques: Kubernetes kind/new-technique platform/k8s

#550 opened Aug 8, 2024 by micahhausler

Programmatic usage: allow passing a specific context for detonation kind/enhancement

New feature or request

#545 opened Jul 30, 2024 by christophetd

Analyze AWS CSIRT talk on techniques seen in the wild kind/research platform/aws

#541 opened Jul 5, 2024 by christophetd

New EKS attack technique: Create new admin cluster access management entry to access the cluster kind/new-technique platform/eks

#540 opened Jul 5, 2024 by christophetd Hacker Summer Camp 2024

New attack technique: Lateral movement through GCP Serial Console kind/new-technique platform/gcp priority/seen-in-the-wild

#538 opened Jul 2, 2024 by siigil

New attack technique: Modify Startup Scripts in GCP Compute Metadata kind/new-technique platform/gcp

#537 opened Jul 2, 2024 by siigil

New attack technique: Use GCP OSLogin to Push SSH Keys kind/new-technique platform/gcp

#536 opened Jul 2, 2024 by siigil

New attack technique: Use GCP OSConfig (VM Manager) to Execute Code kind/new-technique platform/gcp

#534 opened Jul 2, 2024 by siigil

New attack technique: Login via Azure Serial Console kind/new-technique platform/azure

#533 opened Jul 2, 2024 by siigil

New attack technique: Modify Startup Scripts in Azure VM Custom Data kind/new-technique platform/azure

#532 opened Jul 2, 2024 by siigil

New attack technnique: Exfiltrate disk of Azure VM by snapshotting it kind/new-technique platform/azure priority/seen-in-the-wild

#510 opened Apr 10, 2024 by christophetd

New attack technique: SendSerialConsoleSSHPublicKey kind/new-technique platform/aws priority/seen-in-the-wild

#487 opened Mar 1, 2024 by christophetd

New attack technique: VMAccess Extension to add SSH keys to VMs kind/new-technique platform/azure

#486 opened Mar 1, 2024 by christophetd

New attack technique: Snapshot existing volume and attach to compromised EC2 instance kind/new-technique platform/aws

#485 opened Mar 1, 2024 by christophetd

Add references to S3 ransomware in the wild to existing S3 attack techniques good first issue

Good for newcomers

kind/documentation

Improvements or additions to documentation

kind/enhancement

New feature or request

platform/aws

#484 opened Feb 21, 2024 by christophetd

Backdoor AWS account using "guest" role in Cognito Identity Pool kind/new-technique platform/aws

#450 opened Dec 12, 2023 by christophetd

Azure execution through serial console kind/new-technique platform/azure priority/seen-in-the-wild

#410 opened Sep 15, 2023 by christophetd

Previous 1 2 Next

Previous Next

ProTip! Type g i on any issue or pull request to go back to the issue listing page.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly