Terraform Provider for Remote Code Execution

This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file. It highlights the risks associated with Terraform state files.

Multi-CloudOpen SourceSelf Hosted + Cloud Options

This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file. It highlights the risks associated with Terraform state files and provides insights into best practices for managing them securely. The tool emphasizes the importance of secure state file storage, access management, secret management, and auditing to mitigate risks. It also aligns with ISO 27001:2022 controls, ensuring compliance and security best practices.

BackVisit Website

Improve this page