RhinoSecurityLabs/Cloud-Security-Research external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

RhinoSecurityLabs/Cloud-Security-Research

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/RhinoSecurityLabs/Cloud-Security-Research)

Close

RhinoSecurityLabs / Cloud-Security-ResearchView on GitHubMore

• External links
• Readme badge

Cloud-related research releases from the Rhino Security Labs team.

☆392Apr 23, 2020Updated 5 years ago

Alternatives and similar repositories for Cloud-Security-Research

Users that are interested in Cloud-Security-Research are comparing it to the libraries listed below

• RhinoSecurityLabs / ccat

  View on GitHub
  Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
  ☆645Nov 21, 2019Updated 6 years ago
• RhinoSecurityLabs / AWS-IAM-Privilege-Escalation

  View on GitHub
  A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
  ☆924Jul 25, 2019Updated 6 years ago
• RhinoSecurityLabs / pacu

  View on GitHub
  The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
  ☆5,080Feb 24, 2026Updated last week
• RhinoSecurityLabs / GCPBucketBrute

  View on GitHub
  A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
  ☆556May 26, 2023Updated 2 years ago
• monoxgas / FlyingAFalseFlag

  View on GitHub
  Slides and Code for the BHUSA 2019 talk: Flying a False Flag
  ☆238Nov 8, 2019Updated 6 years ago
• RhinoSecurityLabs / cloudgoat

  View on GitHub
  CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
  ☆3,490Feb 12, 2026Updated 3 weeks ago
• RhinoSecurityLabs / Security-Research

  View on GitHub
  Exploits written by the Rhino Security Labs team
  ☆1,097Jan 23, 2021Updated 5 years ago
• dagrz / aws_pwn

  View on GitHub
  A collection of AWS penetration testing junk
  ☆1,220Aug 30, 2023Updated 2 years ago
• jordanpotti / CloudScraper

  View on GitHub
  CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
  ☆532Mar 7, 2022Updated 4 years ago
• Voulnet / barq

  View on GitHub
  barq: The AWS Cloud Post Exploitation framework!
  ☆388Nov 19, 2022Updated 3 years ago
• mufeedvh / CVE-2019-8449

  View on GitHub
  CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4
  ☆68Feb 3, 2020Updated 6 years ago
• bluscreenofjeff / Red-Team-Infrastructure-Wiki

  View on GitHub
  Wiki to collect Red Team infrastructure hardening resources
  ☆4,450Oct 1, 2025Updated 5 months ago
• Voulnet / desharialize

  View on GitHub
  ☆102May 5, 2020Updated 5 years ago
• nccgroup / PMapper

  View on GitHub
  A tool for quickly evaluating IAM permissions in AWS.
  ☆1,544Aug 2, 2024Updated last year
• BishopFox / GadgetProbe

  View on GitHub
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆612Mar 4, 2021Updated 5 years ago
• ReversecLabs / awspx

  View on GitHub
  A graph-based tool for visualizing effective access and resource relationships in AWS environments.
  ☆995Oct 4, 2022Updated 3 years ago
• nccgroup / sadcloud

  View on GitHub
  A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure
  ☆755Oct 14, 2023Updated 2 years ago
• dafthack / CloudPentestCheatsheets

  View on GitHub
  This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…
  ☆2,803Sep 17, 2024Updated last year
• NetSPI / aws_consoler

  View on GitHub
  A utility to convert your AWS CLI credentials into AWS console access.
  ☆257May 7, 2020Updated 5 years ago
• projectzeroindia / CVE-2019-11510

  View on GitHub
  Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)
  ☆364Jan 11, 2020Updated 6 years ago
• 0xacb / viewgen

  View on GitHub
  Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
  ☆657Feb 1, 2025Updated last year
• appsecco / breaking-and-pwning-apps-and-servers-aws-azure-training

  View on GitHub
  Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands …
  ☆950Nov 26, 2022Updated 3 years ago
• veracode-research / solr-injection

  View on GitHub
  Apache Solr Injection Research
  ☆579Jan 28, 2020Updated 6 years ago
• cujanovic / SSRF-Testing

  View on GitHub
  SSRF (Server Side Request Forgery) testing resources
  ☆2,482Oct 12, 2024Updated last year
• ReversecLabs / leonidas

  View on GitHub
  Automated Attack Simulation in the Cloud, complete with detection use cases.
  ☆605Nov 28, 2024Updated last year
• x41sec / BeanStack

  View on GitHub
  X41 BeanStack - Stack Trace Fingerprinting BETA
  ☆53Dec 3, 2025Updated 3 months ago
• xorrior / raven

  View on GitHub
  CobaltStrike External C2 for Websockets
  ☆197Jul 16, 2019Updated 6 years ago
• orangetw / awesome-jenkins-rce-2019

  View on GitHub
  There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
  ☆607May 17, 2019Updated 6 years ago
• toniblyx / my-arsenal-of-aws-security-tools

  View on GitHub
  List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
  ☆9,411Oct 16, 2025Updated 4 months ago
• andresriancho / nimbostratus

  View on GitHub
  Tools for fingerprinting and exploiting Amazon cloud infrastructures
  ☆497Nov 10, 2022Updated 3 years ago
• jordanpotti / AWSBucketDump

  View on GitHub
  Security Tool to Look For Interesting Files in S3 Buckets
  ☆1,456Apr 10, 2024Updated last year
• RhinoSecurityLabs / IPRotate_Burp_Extension

  View on GitHub
  Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
  ☆883Feb 23, 2026Updated last week
• nccgroup / freddy

  View on GitHub
  Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans
  ☆583Sep 7, 2021Updated 4 years ago
• nyxgeek / lyncsmash

  View on GitHub
  locate and attack Lync/Skype for Business
  ☆345Oct 1, 2024Updated last year
• evict / poc_CVE-2018-1002105

  View on GitHub
  PoC for CVE-2018-1002105.
  ☆222Dec 21, 2018Updated 7 years ago
• nccgroup / azucar

  View on GitHub
  Security auditing tool for Azure environments
  ☆584Nov 4, 2022Updated 3 years ago
• milo2012 / CVE-2018-0296

  View on GitHub
  Test CVE-2018-0296 and extract usernames
  ☆106Dec 9, 2018Updated 7 years ago
• linhlhq / CVE-2019-0604

  View on GitHub
  CVE-2019-0604
  ☆133Mar 22, 2019Updated 6 years ago
• carnal0wnage / weirdAAL

  View on GitHub
  WeirdAAL (AWS Attack Library)
  ☆837Jan 13, 2025Updated last year