BishopFox / smogcloudLinks
Find cloud assets that no one wants exposed 🔎 ☁️
☆345Updated 4 years ago
Alternatives and similar repositories for smogcloud
Users that are interested in smogcloud are comparing it to the libraries listed below
Sorting:
- Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.☆249Updated 3 weeks ago
- Search exposed EBS volumes for secrets☆298Updated 2 years ago
- ☆250Updated 11 months ago
- FestIn - Open S3 Bucket Scanner☆234Updated 4 years ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆519Updated 2 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆139Updated 3 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆134Updated 5 years ago
- A tool to hunt for credentials in github wild AKA git*hunt☆294Updated 2 years ago
- These are the regexes that power truffleHog☆218Updated 2 years ago
- A Docker container for remote penetration testing.☆135Updated 4 years ago
- WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted se…☆158Updated last year
- Cloud-related research releases from the Rhino Security Labs team.☆388Updated 5 years ago
- Cloud Security Operations Orchestrator☆185Updated last year
- Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…☆124Updated last year
- A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for…☆191Updated 4 years ago
- secretz, minimizing the large attack surface of Travis CI☆325Updated 3 years ago
- Weaponizing Live CT logs for automated monitoring of assets☆134Updated 3 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆259Updated 2 years ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆266Updated 2 years ago
- A tool for identifying misconfigured CloudFront domains☆357Updated 4 years ago
- Yar is a tool for plunderin' organizations, users and/or repositories.☆238Updated 4 years ago
- automated password spraying tool☆148Updated 3 years ago
- Cross Origin Resource Sharing MisConfiguration Scanner☆173Updated 3 years ago
- Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers …☆147Updated last year
- AWS S3 Bucket/Object Finder☆119Updated 3 years ago
- Boomerang is a tool to expose multiple internal servers to web/cloud. Agent & Server are pretty stable and can be used in Red Team for Mu…☆222Updated 4 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆176Updated 2 years ago
- 🏰 A Python script for AWS S3 bucket enumeration.☆144Updated 2 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆628Updated 5 years ago
- Monitoring GitHub for sensitive data shared publicly☆66Updated 3 years ago