Alternatives and similar repositories for endgame

Users that are interested in endgame are comparing it to the libraries listed below

• DavidDikker / endgame

  View on GitHub
  An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share th…
  ☆207Feb 16, 2021Updated 4 years ago
• ajpc500 / RelayRumbler

  View on GitHub
  A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.
  ☆18Jul 2, 2021Updated 4 years ago
• orcasecurity / orca-toolbox

  View on GitHub
  ☆124May 26, 2025Updated 8 months ago
• BishopFox / iam-vulnerable

  View on GitHub
  Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
  ☆544Sep 11, 2025Updated 5 months ago
• hausec / CobaltStrikeToGhostWriter

  View on GitHub
  Log converter from CS log to Ghostwriter CSV
  ☆31Nov 23, 2020Updated 5 years ago
• goldfiglabs / rpCheckup

  View on GitHub
  rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, …
  ☆162Apr 22, 2021Updated 4 years ago
• awslabs / aws-cloudsaga

  View on GitHub
  AWS CloudSaga - Simulate security events in AWS
  ☆472Feb 7, 2026Updated last week
• WeAreCloudar / s3-account-search

  View on GitHub
  S3 Account Search
  ☆35Jul 25, 2025Updated 6 months ago
• cedowens / docker-arsenal

  View on GitHub
  Spins up a docker container with several useful tools for offensive security in macOS/cloud environments. Also installs the needed depend…
  ☆18Nov 3, 2021Updated 4 years ago
• cedowens / Dylib_Runner

  View on GitHub
  Swift code to run a dylib on disk
  ☆16May 9, 2022Updated 3 years ago
• audibleblink / davil

  View on GitHub
  leaking net-ntlm with webdav
  ☆26Feb 23, 2021Updated 4 years ago
• ReversecLabs / awspx

  View on GitHub
  A graph-based tool for visualizing effective access and resource relationships in AWS environments.
  ☆995Oct 4, 2022Updated 3 years ago
• salesforce / cloudsplaining

  View on GitHub
  Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…
  ☆2,180Updated this week
• nccgroup / PMapper

  View on GitHub
  A tool for quickly evaluating IAM permissions in AWS.
  ☆1,539Aug 2, 2024Updated last year
• RhinoSecurityLabs / pacu

  View on GitHub
  The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
  ☆5,057Nov 8, 2025Updated 3 months ago
• rasta-mouse / Rosplant

  View on GitHub
  ☆53Sep 16, 2021Updated 4 years ago
• OG-Sadpanda / SharpExcelibur

  View on GitHub
  Read Excel Spreadsheets (XLS/XLSX) using Cobalt Strike's Execute-Assembly
  ☆90Sep 30, 2024Updated last year
• ropbear / CLMBypass

  View on GitHub
  Bypass Constrained Language Mode in PowerShell
  ☆30May 21, 2019Updated 6 years ago
• emcghee / PayloadAutomation

  View on GitHub
  ☆121Jun 17, 2022Updated 3 years ago
• optiv / rustyIron

  View on GitHub
  rustyIron is a tool that takes advantage of functionality within Ivanti's MobileIron MDM solution to perform single-factor authentication…
  ☆44Mar 22, 2021Updated 4 years ago
• CloudWanderer-io / PolicyGlass

  View on GitHub
  PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…
  ☆60Jan 9, 2022Updated 4 years ago
• PaperMtn / slack-watchman

  View on GitHub
  Slack enumeration and exposed secrets detection tool
  ☆397Jan 8, 2026Updated last month
• bufferbandit / silent_cleanup_uac_bypass

  View on GitHub
  Silent Cleanup UAC Bypass POC
  ☆11Dec 15, 2019Updated 6 years ago
• andpalmier / MLWithPhishing

  View on GitHub
  Machine Learning basics with phishing dataset
  ☆10Apr 19, 2021Updated 4 years ago
• righteousgambit / quiet-riot

  View on GitHub
  Unauthenticated enumeration of AWS, Azure, and GCP Principals
  ☆282Nov 27, 2025Updated 2 months ago
• ReversecLabs / IAMSpy

  View on GitHub
  ☆228Jan 29, 2026Updated 2 weeks ago
• byt3bl33d3r / pyMalleableC2

  View on GitHub
  Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.
  ☆281Oct 29, 2024Updated last year
• Verizon / redshell

  View on GitHub
  An interactive command prompt for red teaming and pentesting. Automatically pushes commands through SOCKS4/5 proxies via proxychains. Opt…
  ☆220Aug 23, 2022Updated 3 years ago
• carnal0wnage / weirdAAL

  View on GitHub
  WeirdAAL (AWS Attack Library)
  ☆837Jan 13, 2025Updated last year
• Noovolari / awesome-cloudops

  View on GitHub
  A curated list of tools and best practices for CloudOps
  ☆119Nov 21, 2023Updated 2 years ago
• knavesec / EyeWitnessTheFitness

  View on GitHub
  Exactly what it sounds like, which is something rad
  ☆22Oct 12, 2022Updated 3 years ago
• ezra-buckingham / terry-the-terraformer

  View on GitHub
  A CLI for deploying red team infrastructure across mutliple cloud providers, all integrated with a virtual Nebula network, and full ELK i…
  ☆120Jul 23, 2023Updated 2 years ago
• Netflix-Skunkworks / policyuniverse

  View on GitHub
  Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.
  ☆447Jun 21, 2024Updated last year
• PhilKeeble / AWS-RedTeam-ADLab

  View on GitHub
  ☆120Jun 17, 2021Updated 4 years ago
• twilio-labs / socless

  View on GitHub
  The SOCless automation framework
  ☆140Feb 11, 2025Updated last year
• SummitRoute / aws_exposable_resources

  View on GitHub
  Resource types that can be publicly exposed on AWS
  ☆329Feb 23, 2022Updated 3 years ago
• EspressoCake / DLL-Exports-Extraction-BOF

  View on GitHub
  DLL Exports Extraction BOF with optional NTFS transactions.
  ☆90Nov 5, 2021Updated 4 years ago
• SygniaLabs / security-cloud-scout

  View on GitHub
  ☆140Mar 29, 2023Updated 2 years ago
• cloud-copilot / iam-collect

  View on GitHub
  Collect IAM information from all your AWS organization, accounts, and resources.
  ☆85Feb 7, 2026Updated last week