SecurityRunners/CloudCommotion external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

SecurityRunners/CloudCommotion

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/SecurityRunners/CloudCommotion)

Close

SecurityRunners / CloudCommotionView on GitHubMore

• External links
• Readme badge

Cloud Commotion intends to cause chaos to simulate security incidents

☆145Jun 18, 2024Updated last year

Alternatives and similar repositories for CloudCommotion

Users that are interested in CloudCommotion are comparing it to the libraries listed below

• SecurityRunners / cloud-exposure-catalog

  View on GitHub
  A catalog of services that can be publicly exposed within different cloud providers.
  ☆14Aug 30, 2024Updated last year
• SecurityRunners / awsdocs

  View on GitHub
  Repository to archive AWS Documentation for local use
  ☆50Oct 14, 2024Updated last year
• caizencloud / caizen

  View on GitHub
  Harness the security superpowers of your cloud asset inventory
  ☆11Sep 22, 2024Updated last year
• StevenSmiley / aws-mine

  View on GitHub
  AWS honey token manager
  ☆89Aug 1, 2024Updated last year
• ReversecLabs / cloud-security-vm

  View on GitHub
  Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments
  ☆142Jan 2, 2025Updated last year
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆174Updated this week
• primeharbor / sensitive_iam_actions

  View on GitHub
  Crowdsourced list of sensitive IAM Actions
  ☆159Oct 29, 2024Updated last year
• DataDog / grimoire

  View on GitHub
  Generate datasets of cloud audit logs for common attacks
  ☆233Feb 13, 2026Updated 2 weeks ago
• saw-your-packet / CloudShovel

  View on GitHub
  A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…
  ☆113Nov 13, 2024Updated last year
• offensive-actions / azure-storage-reverse-shell

  View on GitHub
  This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs
  ☆39Sep 25, 2024Updated last year
• tenable / hidden-services-revealer

  View on GitHub
  ☆40Aug 2, 2024Updated last year
• KatTraxler / gcpdocs

  View on GitHub
  Repository to archive GCP Documentation for local use
  ☆16Feb 11, 2025Updated last year
• hotnops / apeman

  View on GitHub
  AWS Attack Path Management Tool - Walking on the Moon
  ☆261Dec 5, 2024Updated last year
• silascutler / dockerhoneypot-logs

  View on GitHub
  Collection of Docker honeypot logs from 2021 - 2024
  ☆36Sep 30, 2024Updated last year
• kpolley / PIIDetective

  View on GitHub
  PII detection platform, leveraging human-in-the-loop AI
  ☆54Nov 29, 2024Updated last year
• NetSPI / gcpwn

  View on GitHub
  Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…
  ☆287May 16, 2025Updated 9 months ago
• latacora / remediate-AWS-IMDSv1

  View on GitHub
  Simple tool to identify and remediate the use of the AWS EC2 IMDSv1.
  ☆15Aug 12, 2021Updated 4 years ago
• aquia-inc / aws-guardduty-runbook-generator

  View on GitHub
  Generates runbooks for GuardDuty findings
  ☆38Jun 24, 2024Updated last year
• DataDog / pathfinding.cloud

  View on GitHub
  An AWS IAM Privilege Escalation Path Library
  ☆119Updated this week
• Resourcely-Inc / cloud-guardrails

  View on GitHub
  Open-source best practices for protecting a secure, sensible cloud platform
  ☆129Oct 25, 2024Updated last year
• Permiso-io-tools / CloudConsoleCartographer

  View on GitHub
  Released at Black Hat Asia on April 18, 2024, Cloud Console Cartographer is a framework for condensing groupings of cloud events (e.g. Cl…
  ☆173May 16, 2024Updated last year
• vectra-ai-research / Halberd

  View on GitHub
  Halberd : Multi-Cloud Agentic Attack Tool
  ☆334Jan 12, 2026Updated last month
• DataDog / whoAMI-scanner

  View on GitHub
  Scan your account for the use of untrusted AMIs
  ☆31Feb 13, 2026Updated 2 weeks ago
• DataDog / undocumented-aws-api-hunter

  View on GitHub
  A tool to uncover undocumented APIs from the AWS Console.
  ☆116Apr 29, 2025Updated 10 months ago
• suzuki-shunsuke / tfprovidercheck

  View on GitHub
  CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…
  ☆88Feb 22, 2026Updated last week
• singe / tidcli

  View on GitHub
  A simple touchID prompt'er for use in shell scripts.
  ☆99Jun 18, 2024Updated last year
• orcasecurity / orca-toolbox

  View on GitHub
  ☆124May 26, 2025Updated 9 months ago
• BreakingMhet / honeyzure

  View on GitHub
  HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…
  ☆17Jun 11, 2024Updated last year
• cloud-copilot / iam-lens

  View on GitHub
  Google Maps for AWS IAM
  ☆261Feb 21, 2026Updated last week
• aws-samples / network-access-analyzer-multi-account-analysis

  View on GitHub
  Identify all permitted data paths originating from the Internet to Network Interfaces within AWS Accounts across the entire AWS Organizat…
  ☆42Sep 19, 2023Updated 2 years ago
• mikeprivette / awesome-sec-challenges

  View on GitHub
  A curated list of Awesome Security Challenges.
  ☆211Nov 6, 2024Updated last year
• HarshVaragiya / aws-redteam-kit

  View on GitHub
  A PoC to Simulate Ransomware Attack on AWS Environment
  ☆33Oct 14, 2024Updated last year
• righteousgambit / quiet-riot

  View on GitHub
  Unauthenticated enumeration of AWS, Azure, and GCP Principals
  ☆283Nov 27, 2025Updated 3 months ago
• bullfrogsec / bullfrog

  View on GitHub
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆117Feb 15, 2026Updated last week
• grahamhelton / IMDSpoof

  View on GitHub
  IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.
  ☆106Nov 24, 2023Updated 2 years ago
• TupleType / awesome-cicd-attacks

  View on GitHub
  Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
  ☆575Feb 12, 2026Updated 2 weeks ago
• tldrsec / awesome-secure-defaults

  View on GitHub
  Awesome secure by default libraries to help you eliminate bug classes!
  ☆700Dec 6, 2025Updated 2 months ago
• awslabs / threat-composer

  View on GitHub
  A simple threat modeling tool to help humans to reduce time-to-value when threat modeling
  ☆676Feb 13, 2026Updated 2 weeks ago
• aws-samples / resource-control-policy-examples

  View on GitHub
  Example AWS Resource control policies to get started or mature your usage of AWS RCPs.
  ☆198Feb 2, 2026Updated 3 weeks ago