A tool for identifying misconfigured CloudFront domains
☆362Jun 24, 2020Updated 5 years ago
Alternatives and similar repositories for cloudfrunt
Users that are interested in cloudfrunt are comparing it to the libraries listed below
Sorting:
- Route53/CloudFront Vulnerability Assessment Utility☆86Sep 11, 2023Updated 2 years ago
- A simple file-based scanner to look for potential AWS access and secret keys in files☆95Mar 18, 2024Updated 2 years ago
- WeirdAAL (AWS Attack Library)☆838Jan 13, 2025Updated last year
- A collection of AWS penetration testing junk☆1,221Aug 30, 2023Updated 2 years ago
- Security Tool to Look For Interesting Files in S3 Buckets☆1,458Apr 10, 2024Updated last year
- ☆276Oct 19, 2021Updated 4 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆116Mar 29, 2019Updated 6 years ago
- ☆126Sep 2, 2019Updated 6 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆534Mar 7, 2022Updated 4 years ago
- Endpoint for Out-of-Band Exfiltration (DNS & HTTP)☆93Nov 9, 2018Updated 7 years ago
- A Powerful Subdomain Takeover Tool☆962Oct 17, 2023Updated 2 years ago
- AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.☆256Feb 23, 2022Updated 4 years ago
- Tool to search secrets in various filetypes.☆1,034Apr 25, 2023Updated 2 years ago
- Enumerate the permissions associated with AWS credential set☆1,229Feb 5, 2024Updated 2 years ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,097Updated this week
- Scan for misconfigured S3 buckets across S3-compatible APIs!☆3,022Dec 11, 2025Updated 3 months ago
- ☆11Aug 5, 2014Updated 11 years ago
- Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.☆1,167Dec 8, 2022Updated 3 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆583Sep 7, 2021Updated 4 years ago
- Security auditing tool for AWS environments☆1,723Nov 28, 2018Updated 7 years ago
- Password Lense: reveal character types in a password☆23Oct 18, 2025Updated 5 months ago
- Exploits written by the Rhino Security Labs team☆1,096Jan 23, 2021Updated 5 years ago
- DNS Takeover tool written in Go☆2,033Updated this week
- A simple CORS misconfiguration scanner☆423Aug 14, 2020Updated 5 years ago
- Checks using a test string if a Cloudflare DNS bypass is possible using CloudFail.☆48Dec 17, 2020Updated 5 years ago
- Find interesting Amazon S3 Buckets by watching certificate transparency logs.☆1,802Feb 28, 2025Updated last year
- Drupal enumeration & exploitation tool☆610Nov 4, 2020Updated 5 years ago
- Stealing CSRF tokens with CSS injection (without iFrames)☆323Feb 7, 2018Updated 8 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Mar 1, 2023Updated 3 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆646Nov 21, 2019Updated 6 years ago
- A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.☆558Mar 6, 2023Updated 3 years ago
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆628Feb 5, 2019Updated 7 years ago
- A tool to find sensitive keys and passwords in Travis logs☆139Jun 27, 2021Updated 4 years ago
- Burp Extension for AWS Signing☆92Jan 10, 2025Updated last year
- StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile ap…☆869Apr 27, 2021Updated 4 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆265Nov 18, 2021Updated 4 years ago
- Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.☆399May 20, 2020Updated 5 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆471Nov 14, 2019Updated 6 years ago
- The original AWS security enforcer™☆61Mar 6, 2019Updated 7 years ago