06-10-2026, 05:04 PM
Internal infrastructure org dumped from a developer's PAT. Pretty good internal mapping including all infrastructure topology, CI/CD pipelines, Kubernetes cluster management, secret infrastructure, and employee info for targs.
This is not IA, But if you're already inside, or want to be there, this will be very very useful for figuring out their infra and who to target.
Price: $12k USD (negotiable). Middleman/escrow accepted
Additional Samples provided upon request.
QTOX: 300B2D5FD09996D9DCFD714A3E7C0059EF70825AF78ED544880DC9990EBF9859B798CC8F2B03
SESSION: 05c8ae06e40a63cfd94d3307a3461ca668aa88bb18686083d6927e969249501075
If you would like a more complete manifest, send a PM
About Dynatrace
Dynatrace is a publicly traded observability/monitoring SaaS platform. Valued at $13.2B+. Primary customers are Fortune 500 enterprises. Their platform provides APM, infrastructure monitoring, and log analytics across customer environments globally. Complete internal infrastructure blueprint gives attackers detailed understanding of how Dynatrace operates, deploys, and manages production systems
Manifest:
Complete Infrastructure Topology
Vault endpoints (prod, nonprod, sandbox) with JWT mounts and secret paths
ArgoCD deployment infrastructure across all environments
Self-hosted runner topology and scale-set names
AWS account IDs and GCP KMS infrastructure
Container registry and Sigstore signing infrastructure
Kubernetes cluster state and management tools
CI/CD Infrastructure & Deployment
GitHub App integrations (25+ service accounts with IDs)
ArgoCD admin tokens* and deployment credentials*
Terraform modules and Helm configurations for all environments
CI/CD policy enforcement engine with direct edit access
Self-hosted runner infrastructure with prod/nonprod/sandbox isolation
Container signing and artifact validation pipelines
Secret Management Infrastructure
Vault architecture with all JWT paths and mounts
Vault paths for ArgoCD, quality gates, GCP auth, GitHub apps
Secret enumeration from gato-x recon (287 bindings across 80 repos)
Signing certificate infrastructure for Windows/Linux/Driver binaries
GCP KMS keyring and location references*
Employee & Targeting Intelligence
1000+ Dynatrace employee records with GitHub handles, names, corporate emails
Infrastructure team member contact info
Repositories Cloned
GitOps / Cluster State (11 repos, ~3GB)
Production environment state repo (2.1 GB, 54,546 files)
Nonprod environment state repo (607 MB)
Sandbox state repos (4 variants)
Metadata/configuration state repos (2)
Environment-specific infrastructure state repos (4)
Infrastructure Tooling & Cluster Management (~35 repos)
Primary development platform repo (3.1 GB, 40,254 files)
Hardening/staging platform repo (419 MB, 12,271 files)
Infrastructure pipeline aggregator (3,097 files)
Org-wide policy/workflow engine
GitOps managers (multiple environments)
Cluster automation and management tooling
Environment-specific IAM and access control (5 repos)
Environment-specific tooling suites (3)
Copilot/assistant systems (multiple environments)
Compliance and security control suites (3)
Self-hosted runner infrastructure (2 repos)
Security scanning integration
Service recovery tooling
Base services state management
Community/Partner Integrations (7 repos)
Third-party AI integrations
Business operations generators
CI/CD observability
Testing infrastructure
Cloud resource agents
Kubernetes Operations Platform (20 repos)
Base library and 3rd-party integrations
CI/CD pipeline components
Cluster operator systems
Container image management (6 repos)
Infrastructure tooling (4 repos)
Cluster node management
Shared libraries and utilities
Logging and monitoring operators
Control-Plane Infrastructure (13 repos)
Abstract control-plane systems (6 repos)
Application/environment state management (multiple environments)
API schemas and state repositories
Cloud authentication integration
Base cluster templates
Cloud Account Provisioning (11 repos)
Cloud cluster configuration (5 environment variants)
Account base infrastructure (prod/nonprod variants)
Control-plane claims and configuration
ArgoCD deployment configuration
Backend Service Modules (16 repos)
Authentication and authorization engines
Encryption and credential management
Message queue systems
Database management modules
Node pool configuration
Log forwarding and aggregation
Package and template systems
Operators and Templates (~25 repos)
Infrastructure operators and templates
Signing service and components
Sigstore infrastructure
Operator deployment and testing
Container image research
Repository initialization templates
Kubernetes operator templates
Workflow automation utilities
Release management tooling
Observability toolkit
Internal documentation systems
Shared component libraries
Orchestration and operator frameworks
Configuration management systems
Workflow aggregation utilities
Bonus Data (misc)
Employee PII Exposed [Ref #01]
Count: Organization member roster (1000+)
Data: GitHub identities, names, corporate emails
Source: Organization data export file
Sigstore Dev Signing Material
Dev TUF signing repository
Contains: Signing metadata, key history, named key owners
Scheme: Multi-party signing required
Online key: AWS KMS backed
Total entries: 248
Git repositories: 246
Source files (excl. .git/, node_modules/): 164,116
Uncompressed size: ~14 GB
Compressed archive: ~5.26 GB
CI/CD-enabled repos: 203
---
Anything marked with * depends on credential validity. These can be revoked/rotated. Everything else is architectural/operational intelligence that remains useful regardless.
Sample: PII Proof
https://ibb.co/nN5xcQ3J
https://ibb.co/Vc6VpGwY
Sample Repo: https://files.offshore.cat/api/file/7a75...ff9ceb2553
This is not IA, But if you're already inside, or want to be there, this will be very very useful for figuring out their infra and who to target.
Price: $12k USD (negotiable). Middleman/escrow accepted
Additional Samples provided upon request.
QTOX: 300B2D5FD09996D9DCFD714A3E7C0059EF70825AF78ED544880DC9990EBF9859B798CC8F2B03
SESSION: 05c8ae06e40a63cfd94d3307a3461ca668aa88bb18686083d6927e969249501075
If you would like a more complete manifest, send a PM
About Dynatrace
Dynatrace is a publicly traded observability/monitoring SaaS platform. Valued at $13.2B+. Primary customers are Fortune 500 enterprises. Their platform provides APM, infrastructure monitoring, and log analytics across customer environments globally. Complete internal infrastructure blueprint gives attackers detailed understanding of how Dynatrace operates, deploys, and manages production systems
Manifest:
Complete Infrastructure Topology
Vault endpoints (prod, nonprod, sandbox) with JWT mounts and secret paths
ArgoCD deployment infrastructure across all environments
Self-hosted runner topology and scale-set names
AWS account IDs and GCP KMS infrastructure
Container registry and Sigstore signing infrastructure
Kubernetes cluster state and management tools
CI/CD Infrastructure & Deployment
GitHub App integrations (25+ service accounts with IDs)
ArgoCD admin tokens* and deployment credentials*
Terraform modules and Helm configurations for all environments
CI/CD policy enforcement engine with direct edit access
Self-hosted runner infrastructure with prod/nonprod/sandbox isolation
Container signing and artifact validation pipelines
Secret Management Infrastructure
Vault architecture with all JWT paths and mounts
Vault paths for ArgoCD, quality gates, GCP auth, GitHub apps
Secret enumeration from gato-x recon (287 bindings across 80 repos)
Signing certificate infrastructure for Windows/Linux/Driver binaries
GCP KMS keyring and location references*
Employee & Targeting Intelligence
1000+ Dynatrace employee records with GitHub handles, names, corporate emails
Infrastructure team member contact info
Repositories Cloned
GitOps / Cluster State (11 repos, ~3GB)
Production environment state repo (2.1 GB, 54,546 files)
Nonprod environment state repo (607 MB)
Sandbox state repos (4 variants)
Metadata/configuration state repos (2)
Environment-specific infrastructure state repos (4)
Infrastructure Tooling & Cluster Management (~35 repos)
Primary development platform repo (3.1 GB, 40,254 files)
Hardening/staging platform repo (419 MB, 12,271 files)
Infrastructure pipeline aggregator (3,097 files)
Org-wide policy/workflow engine
GitOps managers (multiple environments)
Cluster automation and management tooling
Environment-specific IAM and access control (5 repos)
Environment-specific tooling suites (3)
Copilot/assistant systems (multiple environments)
Compliance and security control suites (3)
Self-hosted runner infrastructure (2 repos)
Security scanning integration
Service recovery tooling
Base services state management
Community/Partner Integrations (7 repos)
Third-party AI integrations
Business operations generators
CI/CD observability
Testing infrastructure
Cloud resource agents
Kubernetes Operations Platform (20 repos)
Base library and 3rd-party integrations
CI/CD pipeline components
Cluster operator systems
Container image management (6 repos)
Infrastructure tooling (4 repos)
Cluster node management
Shared libraries and utilities
Logging and monitoring operators
Control-Plane Infrastructure (13 repos)
Abstract control-plane systems (6 repos)
Application/environment state management (multiple environments)
API schemas and state repositories
Cloud authentication integration
Base cluster templates
Cloud Account Provisioning (11 repos)
Cloud cluster configuration (5 environment variants)
Account base infrastructure (prod/nonprod variants)
Control-plane claims and configuration
ArgoCD deployment configuration
Backend Service Modules (16 repos)
Authentication and authorization engines
Encryption and credential management
Message queue systems
Database management modules
Node pool configuration
Log forwarding and aggregation
Package and template systems
Operators and Templates (~25 repos)
Infrastructure operators and templates
Signing service and components
Sigstore infrastructure
Operator deployment and testing
Container image research
Repository initialization templates
Kubernetes operator templates
Workflow automation utilities
Release management tooling
Observability toolkit
Internal documentation systems
Shared component libraries
Orchestration and operator frameworks
Configuration management systems
Workflow aggregation utilities
Bonus Data (misc)
Employee PII Exposed [Ref #01]
Count: Organization member roster (1000+)
Data: GitHub identities, names, corporate emails
Source: Organization data export file
Sigstore Dev Signing Material
Dev TUF signing repository
Contains: Signing metadata, key history, named key owners
Scheme: Multi-party signing required
Online key: AWS KMS backed
Total entries: 248
Git repositories: 246
Source files (excl. .git/, node_modules/): 164,116
Uncompressed size: ~14 GB
Compressed archive: ~5.26 GB
CI/CD-enabled repos: 203
---
Anything marked with * depends on credential validity. These can be revoked/rotated. Everything else is architectural/operational intelligence that remains useful regardless.
Sample: PII Proof
https://ibb.co/nN5xcQ3J
https://ibb.co/Vc6VpGwY
Sample Repo: https://files.offshore.cat/api/file/7a75...ff9ceb2553
QTOX:??300B2D5FD09996D9DCFD714A3E7C0059EF70825AF78ED544880DC9990EBF9859B798CC8F2B03
Session:??05c8ae06e40a63cfd94d3307a3461ca668aa88bb18686083d6927e969249501075
Session:??05c8ae06e40a63cfd94d3307a3461ca668aa88bb18686083d6927e969249501075