Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/wavestone-cdt/hadoop-attack-library
A collection of pentest tools and resources targeting Hadoop environments
https://github.com/wavestone-cdt/hadoop-attack-library
bigdata hadoop pentest
Last synced: 24 days ago
JSON representation
A collection of pentest tools and resources targeting Hadoop environments
- Host: GitHub
- URL: https://github.com/wavestone-cdt/hadoop-attack-library
- Owner: wavestone-cdt
- Created: 2017-02-28T12:46:45.000Z (almost 8 years ago)
- Default Branch: master
- Last Pushed: 2021-09-09T07:21:41.000Z (over 3 years ago)
- Last Synced: 2024-08-04T23:10:49.814Z (4 months ago)
- Topics: bigdata, hadoop, pentest
- Language: Python
- Size: 65.8 MB
- Stars: 255
- Watchers: 18
- Forks: 64
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-security-collection - **184**星
README
Hadoop Attack Library
=====================Description
-----------
A collection of pentest tools and resources targeting Hadoop environmentsOutline
-------
This repository is composed of two kind of information and organised accordingly:
* **Tools, Techniques and Procedures** to attack an Hadoop environment, in the `Tools Techniques and Procedures` folder
* **Key vulnerabilities on Hadoop components (Hadoop Common, HDFS, YARN etc.)**, in the `Hadoop components vulnerabilities` folder
* **Key vulnerabilities in third-party components** often used in Hadoop environments, in the `Third-party modules vulnerabilities` folder
Practical hands-on
------------------
If you quickly want to get your hands into the resources provided here, you might read the **following resources in that specific order:**
1. [Set up an Hadoop attack environment](Tools%20Techniques%20and%20Procedures%2fSetting%20up%20an%20Hadoop%20attack%20environment)
2. [Get the target environment configuration](Tools%20Techniques%20and%20Procedures%2fGetting%20the%20target%20environment%20configuration)
3. [Map the infrastructure](Tools%20Techniques%20and%20Procedures%2fMapping%20the%20infrastructure)
4. [Browse the HDFS datalake](Tools%20Techniques%20and%20Procedures%2fBrowsing%20the%20HDFS%20datalake)
5. [Execute remote commands](Tools%20Techniques%20and%20Procedures%2fExecuting%20remote%20commands)
Copyright and license
---------------------
All product names, logos, and brands are property of their respective owners.
All resources published in the Hadoop Attack Library are free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
See the GNU General Public License for more details.
Disclaimer
----------
Resources provided here are the result of security research and should not be used for illegal purposes.
Wavestone and CERT-W cannot be held responsible for any misuse or damage from any material provided here.
Contact
-------
* Thomas Debize < thomas.debize at wavestone d0t com >
* Mahdi Braik < mahdi.braik at wavestone d0t com >
* CERT-W < cert at wavestone d0t com >