BishopFox / cloudfox

Related projects ⓘ

Alternatives and complementary repositories for cloudfox

• Hacking-the-Cloud / hackingthe.cloud
  An encyclopedia for offensive and defensive security knowledge in cloud native technologies.
  ☆1,706Updated this week
• DataDog / stratus-red-team
  Granular, Actionable Adversary Emulation for the Cloud
  ☆1,817Updated this week
• RhinoSecurityLabs / pacu
  The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
  ☆4,377Updated last month
• projectdiscovery / cloudlist
  Cloudlist is a tool for listing Assets from multiple Cloud Providers.
  ☆855Updated this week
• ine-labs / AWSGoat
  AWSGoat : A Damn Vulnerable AWS Infrastructure
  ☆1,732Updated last week
• initstring / cloud_enum
  Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
  ☆1,679Updated 3 weeks ago
• dafthack / CloudPentestCheatsheets
  This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…
  ☆2,572Updated last month
• carlospolop / PurplePanda
  Identify privilege escalation paths within and across different clouds
  ☆665Updated this week
• RhinoSecurityLabs / cloudgoat
  CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
  ☆2,966Updated this week
• nccgroup / sadcloud
  A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure
  ☆656Updated last year
• rootsecdev / Azure-Red-Team
  Azure Security Resources and Notes
  ☆1,479Updated 4 months ago
• mazen160 / secrets-patterns-db
  Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
  ☆1,039Updated 9 months ago
• 0xsha / CloudBrute
  Awesome cloud enumerator
  ☆866Updated 3 months ago
• cyberark / kubesploit
  Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized en…
  ☆1,124Updated 3 months ago
• pop3ret / AWSome-Pentesting
  My cheatsheet notes to pentest AWS infrastructure
  ☆655Updated 2 years ago
• projectdiscovery / cvemap
  Navigate the CVE jungle with ease.
  ☆1,745Updated this week
• aquasecurity / cloud-security-remediation-guides
  Security Remediation Guides
  ☆708Updated 3 weeks ago
• iknowjason / Awesome-CloudSec-Labs
  Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
  ☆1,426Updated last week
• stealthcopter / deepce
  Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
  ☆1,197Updated 5 months ago
• BishopFox / iam-vulnerable
  Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
  ☆476Updated 9 months ago
• sa7mon / S3Scanner
  Scan for misconfigured S3 buckets across S3-compatible APIs!
  ☆2,559Updated this week
• ine-labs / AzureGoat
  AzureGoat : A Damn Vulnerable Azure Infrastructure
  ☆779Updated last week
• 4ndersonLin / awesome-cloud-security
  🛡️ Awesome Cloud Security Resources ⚔️
  ☆2,075Updated 5 months ago
• HackTricks-wiki / hacktricks-cloud
  ☆575Updated this week
• CyberSecurityUP / Cloud-Security-Attacks
  Azure and AWS Attacks
  ☆1,047Updated last year
• praetorian-inc / gato
  GitHub Actions Pipeline Enumeration and Attack Tool
  ☆567Updated 2 months ago
• aquasecurity / cloudsploit
  Cloud Security Posture Management (CSPM)
  ☆3,347Updated last month
• Kyuu-Ji / Awesome-Azure-Pentest
  A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.
  ☆1,008Updated 10 months ago
• Syslifters / sysreptor
  Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
  ☆1,471Updated this week
• pwndoc / pwndoc
  Pentest Report Generator
  ☆2,281Updated 3 weeks ago