Find cloud assets that no one wants exposed π βοΈ
β348Jul 20, 2020Updated 5 years ago
Alternatives and similar repositories for smogcloud
Users that are interested in smogcloud are comparing it to the libraries listed below
Sorting:
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.β1,005Feb 16, 2026Updated 2 weeks ago
- Search exposed EBS volumes for secretsβ302Apr 24, 2023Updated 2 years ago
- Awesome cloud enumeratorβ1,100Mar 9, 2025Updated 11 months ago
- FestIn - Open S3 Bucket Scannerβ231Dec 4, 2020Updated 5 years ago
- Bugbounty scope toolβ332Mar 5, 2025Updated 11 months ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.β646Nov 21, 2019Updated 6 years ago
- goverview - Get an overview of the list of URLsβ142Dec 5, 2025Updated 2 months ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilitiesβ446Sep 7, 2022Updated 3 years ago
- A graph-based tool for visualizing effective access and resource relationships in AWS environments.β994Oct 4, 2022Updated 3 years ago
- The Swiss Army knife for automated Web Application Testingβ2,322May 8, 2024Updated last year
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.β303Feb 12, 2023Updated 3 years ago
- A tool to parse, deduplicate, and query multiple port scans.β57Aug 11, 2023Updated 2 years ago
- Convolutional neural network for analyzing pentest screenshotsβ1,280Feb 19, 2024Updated 2 years ago
- β576Jul 12, 2025Updated 7 months ago
- Automating situational awareness for cloud penetration tests.β2,295Feb 21, 2026Updated last week
- π Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.β427Feb 20, 2026Updated last week
- A tool for quickly evaluating IAM permissions in AWS.β1,541Aug 2, 2024Updated last year
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, fβ¦β4,350Sep 30, 2024Updated last year
- MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filteringβ¦β1,593Feb 23, 2026Updated last week
- Simple python script to check against hypothetical JWT vulnerability.β51Nov 29, 2020Updated 5 years ago
- A rapid API for the Project Sonar datasetβ658May 5, 2023Updated 2 years ago
- Electron based screenshot scannerβ68Feb 4, 2023Updated 3 years ago
- π Enumerate git repository URL from list of URL / User / Org. Friendly to pipelineβ56Nov 24, 2024Updated last year
- A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover supportβ300Nov 20, 2025Updated 3 months ago
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.β2,029Jul 12, 2025Updated 7 months ago
- Tool for assessing on-premises Microsoft servers authentication such as ADFS, Skype, Exchange, and RDWebβ148Dec 3, 2020Updated 5 years ago
- The format of various s3 buckets is convert in one format. for bugbounty and security testing.β87May 6, 2023Updated 2 years ago
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clouβ¦β2,802Sep 17, 2024Updated last year
- Scan for misconfigured S3 buckets across S3-compatible APIs!β2,997Dec 11, 2025Updated 2 months ago
- Complex payload encoderβ240Jan 20, 2024Updated 2 years ago
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructureβ753Oct 14, 2023Updated 2 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.β532Mar 7, 2022Updated 3 years ago
- β128Sep 2, 2019Updated 6 years ago
- Automated Attack Simulation in the Cloud, complete with detection use cases.β606Nov 28, 2024Updated last year
- A tool to hunt for credentials in github wild AKA git*huntβ297Dec 8, 2022Updated 3 years ago
- A utility to convert your AWS CLI credentials into AWS console access.β256May 7, 2020Updated 5 years ago
- Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)β135Jan 15, 2020Updated 6 years ago
- Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.β1,405Feb 10, 2026Updated 3 weeks ago
- a parser + crawler for .DS_Store files exposed publicallyβ56Jun 6, 2023Updated 2 years ago