Leonidas
Initializing search
Leonidas
Home
TTPs
TTPs
Credential access
Credential access
Access Secret in Secrets Manager
Defense evasion
Defense evasion
Add new guardduty ip set
Cloudtrail alter encryption configuration
Cloudtrail change destination bucket
Cloudtrail delete trail
Cloudtrail disable global event logging
Cloudtrail disable log file validation
Cloudtrail disable multi-region logging
Cloudtrail disable trail
Cloudtrail remove SNS topic
Delete AWS Config Rule
Delete EBS Snapshot
Disable CloudWatch Alarms
Disable EKS API audit logging
Disable GuardDuty
Suspend GuardDuty
Update guardduty ip set
Discovery
Discovery
Enumerate Cloudtrails for a Given Region
Enumerate ECR repositories
Enumerate IAM groups
Enumerate IAM Permissions with GetAccountAuthorizationDetails
Enumerate IAM users
Enumerate service accounts for project
Enumerate VPC Flow Logs
Enumerate WAF Rules
GCP List Secrets in Secrets Manager
Get Caller Identity
Get GuardDuty Detector
Get IAM policy for project
List GuardDuty Detectors
List Secrets in Secrets Manager
STS Get Caller Identity
Execution
Execution
Launch EC2 instance with Malicious AMI
Modify Lambda Function Code
Exfiltration
Exfiltration
Create EBS Snapshot
Enable Public Access on EBS Snapshot
Share EBS Snapshot
Impact
Impact
Create an EC2 instance
Delete EKS cluster
Delete Elasticache Instance
Delete IAM group
Delete IAM Policy
Delete IAM Role
Delete IAM user
Delete Secret in Secrets Manager
Describe EKS cluster
Destroy an EC2 instance
List EKS clusters
Persistence
Persistence
Add an entity to an IAM role assumption policy
Add an IAM User
Add API key to existing IAM user
Change Password for Current User
Create IAM group
Create login profile for existing user
Create Secret in Secrets Manager
Delete login profile for existing user
Make EKS cluster control endpoint public
Remove MFA Device
Update login profile for existing user
Privilege escalation
Privilege escalation
Add a policy to a group
Add a policy to a role
Add a policy to a user
Add an existing role to a new EC2 instance
Add an IAM User to a Group
Attach a Malicious Lambda Layer
Change default policy version
Create New Policy Version
Create Policy
Update Inline Policy for User
Leonidas docs
Leonidas docs
Leonidas API Logging
Deploying Leonidas
Using Leonidas
Implementing AWS test cases
Writing your own case definitions
404 - Not found