andresriancho / enumerate-iamLinks
Enumerate the permissions associated with AWS credential set
☆1,209Updated last year
Alternatives and similar repositories for enumerate-iam
Users that are interested in enumerate-iam are comparing it to the libraries listed below
Sorting:
- Awesome cloud enumerator☆1,065Updated 9 months ago
- WeirdAAL (AWS Attack Library)☆829Updated 10 months ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆543Updated 2 years ago
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆988Updated 2 weeks ago
- A tool that can help detect and takeover subdomains with dead DNS records☆772Updated 4 years ago
- A collection of awesome AWS S3 tools that collects and enumerates exposed S3 buckets☆397Updated last week
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists☆760Updated 2 years ago
- S3 Account Search☆28Updated 4 months ago
- Pull out bits of URLs provided on stdin☆1,260Updated 2 years ago
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.☆1,974Updated 4 months ago
- Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.☆524Updated 3 months ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆769Updated last year
- Convolutional neural network for analyzing pentest screenshots☆1,270Updated last year
- 🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.☆953Updated 11 months ago
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆773Updated 6 months ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆968Updated 4 years ago
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆741Updated 2 years ago
- Scan for misconfigured S3 buckets across S3-compatible APIs!☆2,966Updated 3 weeks ago
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)☆764Updated 3 years ago
- Exploits written by the Rhino Security Labs team☆1,088Updated 4 years ago
- Cloud-related research releases from the Rhino Security Labs team.☆392Updated 5 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆696Updated last year
- Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.☆875Updated 9 months ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆644Updated 6 years ago
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,700Updated last week
- ☆617Updated last year
- ☆1,062Updated 2 months ago
- Automating situational awareness for cloud penetration tests.☆2,253Updated 3 weeks ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆1,001Updated last year
- Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.☆1,277Updated 2 months ago