BishopFox / smogcloud
Find cloud assets that no one wants exposed π βοΈ
β338Updated 4 years ago
Alternatives and similar repositories for smogcloud:
Users that are interested in smogcloud are comparing it to the libraries listed below
- Search exposed EBS volumes for secretsβ297Updated last year
- Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.β243Updated last week
- β244Updated 8 months ago
- FestIn - Open S3 Bucket Scannerβ231Updated 4 years ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.β508Updated last year
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.β134Updated 4 years ago
- Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloβ¦β124Updated 11 months ago
- A Docker container for remote penetration testing.β135Updated 4 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.β174Updated 2 years ago
- Cloud-related research releases from the Rhino Security Labs team.β381Updated 4 years ago
- π° A Python script for AWS S3 bucket enumeration.�β141Updated 2 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raiderβ138Updated 3 years ago
- A tool to hunt for credentials in github wild AKA git*huntβ293Updated 2 years ago
- Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers β¦β145Updated 11 months ago
- Pentesting/Bugbounty Dockerfiles.β175Updated 3 years ago
- This is an offensive guide to securing AWS infrastructures. The hope is that by knowing how to take advantage of various types of AWS weaβ¦β171Updated 6 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes β¦β256Updated 2 years ago
- A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover supportβ293Updated last week
- A tool for identifying misconfigured CloudFront domainsβ350Updated 4 years ago
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).β123Updated last year
- AWS S3 Bucket/Object Finderβ118Updated 3 years ago
- secretz, minimizing the large attack surface of Travis CIβ325Updated 2 years ago
- Burp with Friendsβ102Updated 2 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.β619Updated 5 years ago
- GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingβ¦β205Updated last year
- Cross Origin Resource Sharing MisConfiguration Scannerβ172Updated 3 years ago
- barq: The AWS Cloud Post Exploitation framework!β387Updated 2 years ago
- WeirdAAL (AWS Attack Library)β797Updated 2 months ago
- β275Updated 3 years ago
- Everything you need about Burp Extension Generationβ152Updated 2 years ago