RhinoSecurityLabs / GCPBucketBruteLinks
A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
☆519Updated 2 years ago
Alternatives and similar repositories for GCPBucketBrute
Users that are interested in GCPBucketBrute are comparing it to the libraries listed below
Sorting:
- Cloud-related research releases from the Rhino Security Labs team.☆388Updated 5 years ago
- Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.☆249Updated 2 weeks ago
- Search exposed EBS volumes for secrets☆298Updated 2 years ago
- ☆249Updated 11 months ago
- ☆275Updated 3 years ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆345Updated 4 years ago
- WeirdAAL (AWS Attack Library)☆807Updated 4 months ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆626Updated 5 years ago
- Find AWS S3 buckets and test their permissions.☆387Updated 2 years ago
- A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.☆385Updated last year
- These are the regexes that power truffleHog☆218Updated 2 years ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆266Updated 2 years ago
- A collection of awesome AWS S3 tools that collects and enumerates exposed S3 buckets☆365Updated 11 months ago
- AWS S3 Bucket/Object Finder☆120Updated 3 years ago
- ☆589Updated last year
- Damn Vulnerable Cloud Application☆192Updated 6 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆134Updated 5 years ago
- Bugbounty scope tool☆329Updated 2 months ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆176Updated 2 years ago
- An automated approach to performing recon for bug bounty hunting and penetration testing.☆441Updated 4 years ago
- An automated target reconnaissance pipeline.☆435Updated 2 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆521Updated 3 years ago
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists☆731Updated 2 years ago
- Issues to consider when planning a red team exercise.☆619Updated 7 years ago
- Content discovery wordlists generated using BigQuery☆570Updated 5 years ago
- This repository will contain all trainings and tutorials I have done/read to prepare for OSWE / AWAE.☆240Updated 5 years ago
- Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts a…☆365Updated 2 years ago
- Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's yo…☆215Updated 5 years ago
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆532Updated 6 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆353Updated 4 years ago