BishopFox / smogcloudLinks
Find cloud assets that no one wants exposed π βοΈ
β345Updated 4 years ago
Alternatives and similar repositories for smogcloud
Users that are interested in smogcloud are comparing it to the libraries listed below
Sorting:
- Search exposed EBS volumes for secretsβ298Updated 2 years ago
- Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.β250Updated last month
- A tool to hunt for credentials in github wild AKA git*huntβ294Updated 2 years ago
- β250Updated 11 months ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.β521Updated 2 years ago
- FestIn - Open S3 Bucket Scannerβ234Updated 4 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raiderβ139Updated 3 years ago
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).β122Updated 2 years ago
- secretz, minimizing the large attack surface of Travis CIβ326Updated 3 years ago
- Yar is a tool for plunderin' organizations, users and/or repositories.β238Updated 4 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes β¦β259Updated 2 years ago
- A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover supportβ297Updated 2 months ago
- AWS S3 Bucket/Object Finderβ120Updated 3 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.β177Updated 2 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.β134Updated 5 years ago
- Cloud-related research releases from the Rhino Security Labs team.β388Updated 5 years ago
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wikiβ209Updated 7 months ago
- GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingβ¦β203Updated 2 years ago
- β127Updated 11 months ago
- A simple file-based scanner to look for potential AWS access and secret keys in filesβ92Updated last year
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.β301Updated 2 years ago
- π° A Python script for AWS S3 bucket enumeration.β144Updated 2 years ago
- Pentesting/Bugbounty Dockerfiles.β177Updated 4 years ago
- These are the regexes that power truffleHogβ218Updated 2 years ago
- Bugbounty scope toolβ330Updated 3 months ago
- β275Updated 3 years ago
- A tool for identifying misconfigured CloudFront domainsβ357Updated 5 years ago
- Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modulesβ189Updated 3 years ago
- Cross Origin Resource Sharing MisConfiguration Scannerβ173Updated 3 years ago
- Finding exposed secrets and personal data in GitLabβ199Updated 7 months ago