Alternatives and similar repositories for dufflebag

Users that are interested in dufflebag are comparing it to the libraries listed below

• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆350Updated 5 years ago
• NotSoSecure / cloud-service-enum
  ☆259Updated last year
• RhinoSecurityLabs / Cloud-Security-Research
  Cloud-related research releases from the Rhino Security Labs team.
  ☆392Updated 5 years ago
• opendevsecops / guide-aws-hacking
  This is an offensive guide to securing AWS infrastructures. The hope is that by knowing how to take advantage of various types of AWS wea…
  ☆174Updated 6 years ago
• appsecco / attacking-cloudgoat2
  A step-by-step walkthrough of CloudGoat 2.0 scenarios.
  ☆134Updated 5 years ago
• RhinoSecurityLabs / GCPBucketBrute
  A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
  ☆543Updated 2 years ago
• koenrh / s3enum
  Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.
  ☆260Updated 4 months ago
• dxa4481 / truffleHogRegexes
  These are the regexes that power truffleHog
  ☆220Updated 2 years ago
• WeAreCloudar / s3-account-search
  S3 Account Search
  ☆25Updated 4 months ago
• dxa4481 / gcploit
  These are tools we released with our 2020 defcon/blackhat talk https://www.youtube.com/watch?v=Ml09R38jpok
  ☆171Updated 10 months ago
• cr0hn / festin
  FestIn - Open S3 Bucket Scanner
  ☆232Updated 5 years ago
• iknowjason / AriaCloud
  A Docker container for remote penetration testing.
  ☆142Updated 4 years ago
• josehelps / git-wild-hunt
  A tool to hunt for credentials in github wild AKA git*hunt
  ☆297Updated 2 years ago
• righteousgambit / quiet-riot
  Unauthenticated enumeration of AWS, Azure, and GCP Principals
  ☆274Updated last week
• prisma-cloud / IAMFinder
  IAMFinder enumerates and finds users and IAM roles in a target AWS account.
  ☆111Updated 5 years ago
• DavidDikker / endgame
  An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share th…
  ☆204Updated 4 years ago
• Frichetten / SneakyEndpoints
  Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints
  ☆122Updated 4 months ago
• Voulnet / barq
  barq: The AWS Cloud Post Exploitation framework!
  ☆388Updated 3 years ago
• carnal0wnage / weirdAAL
  WeirdAAL (AWS Attack Library)
  ☆830Updated 10 months ago
• ImpostorKeanu / peasant
  LinkedIn reconnaissance tool
  ☆55Updated 3 years ago
• tprynn / web-methodology
  Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
  ☆212Updated last year
• riskprofiler / CloudFrontier
  Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…
  ☆128Updated 2 weeks ago
• brianwarehime / inSp3ctor
  AWS S3 Bucket/Object Finder
  ☆122Updated 4 years ago
• SygniaLabs / security-cloud-scout
  ☆139Updated 2 years ago
• iknowjason / edge
  Whois for the Cloud: Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
  ☆182Updated last month
• RhinoSecurityLabs / ccat
  Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
  ☆644Updated 6 years ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆182Updated 3 years ago
• disruptops / cred_scanner
  A simple file-based scanner to look for potential AWS access and secret keys in files
  ☆93Updated last year
• MindPointGroup / cloudfrunt
  A tool for identifying misconfigured CloudFront domains
  ☆362Updated 5 years ago
• RhinoSecurityLabs / GCP-IAM-Privilege-Escalation
  A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.
  ☆406Updated last month