Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/puresec/lambda-proxy

Lambda-Proxy creates an HTTP proxy listening on localhost port 8082. When it receives an HTTP POST request with a very specific structure , it will parse the request, extract the relevant data required for the test, and will invoke your AWS Lambda function using the AWS SDK client.invoke() method. It was created for testing AWS Lambda functions with SQLMap as described here: https://www.puresec.io/blog/automated-sql-injection-testing-of-serverless-functions-on-a-shoestring-budget-and-some-good-music
https://github.com/puresec/lambda-proxy

Last synced: 2 months ago
JSON representation

Host: GitHub
URL: https://github.com/puresec/lambda-proxy
Owner: puresec
License: apache-2.0
Created: 2018-06-13T11:21:46.000Z (about 6 years ago)
Default Branch: master
Last Pushed: 2019-01-11T07:08:46.000Z (over 5 years ago)
Last Synced: 2024-01-26T10:10:14.334Z (5 months ago)
Language: Python
Homepage: https://www.puresec.io
Size: 7.81 KB
Stars: 38
Watchers: 5
Forks: 2
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Lists

awesome-pentest - Lambda-Proxy - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. (Network Tools / Proxies and Machine-in-the-Middle (MITM) Tools)
awesome-pentest-resource - Lambda-Proxy - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. (Network Tools / Proxies and Machine-in-the-Middle (MITM) Tools)
awesome-pentest - Lambda-Proxy - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. (Network Tools / Proxies and Machine-in-the-Middle (MITM) Tools)
awesome-pentest - Lambda-Proxy - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. (Network Tools / Proxies and Machine-in-the-Middle (MITM) Tools)
awesome-penetest - Lambda-Proxy - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. (Network Tools / Proxies and Machine-in-the-Middle (MITM) Tools)
awesome-pentest - Lambda-Proxy - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. (Tools / Network Tools)
awesome-pentest - Lambda-Proxy - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. (Network Tools / Proxies and Machine-in-the-Middle (MITM) Tools)
awesome-pentest - Lambda-Proxy - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. (Network Tools / Proxies and Machine-in-the-Middle (MITM) Tools)
awesome-pentest - Lambda-Proxy - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. (Network Tools / Proxies and Machine-in-the-Middle (MITM) Tools)
awesome-pentest - Lambda-Proxy - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. (Network Tools / Proxies and Machine-in-the-Middle (MITM) Tools)
venom - `Lambda-Proxy` - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. (Network / Proxies and Machine-in-the-Middle (MITM) Tools)
fucking-awesome-pentest - Lambda-Proxy - Utility for testing SQL Injection vulnerabilities on AWS Lambda serverless functions. (Network Tools / Proxies and Machine-in-the-Middle (MITM) Tools)

README

More details in the following blog post: https://www.puresec.io/blog/automated-sql-injection-testing-of-serverless-functions-on-a-shoestring-budget-and-some-good-music

A simple utility to help test AWS Lambda functions for SQL Injection vulnerabilities, using a local HTTP proxy, which transforms the SQLMap HTTP-based attacks to AWS Lambda invoke calls.

Run lambda-proxy
```console
$ python3 main.py
```
Update request.txt, which is the file containing your Lambda function's event data, and run

```console
$ sqlmap -r request.txt
```