andresriancho / enumerate-iamLinks
Enumerate the permissions associated with AWS credential set
☆1,191Updated last year
Alternatives and similar repositories for enumerate-iam
Users that are interested in enumerate-iam are comparing it to the libraries listed below
Sorting:
- Awesome cloud enumerator☆1,047Updated 6 months ago
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆975Updated last week
- WeirdAAL (AWS Attack Library)☆821Updated 8 months ago
- A collection of awesome AWS S3 tools that collects and enumerates exposed S3 buckets☆385Updated last year
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.☆1,935Updated 2 months ago
- Pull out bits of URLs provided on stdin☆1,221Updated 2 years ago
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists☆751Updated 2 years ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆757Updated last year
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆535Updated 2 years ago
- Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.☆519Updated 3 weeks ago
- A tool that can help detect and takeover subdomains with dead DNS records☆767Updated 4 years ago
- S3 Account Search☆19Updated 2 months ago
- ☆605Updated last year
- ☆1,031Updated 2 weeks ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆633Updated 3 months ago
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intel…☆1,023Updated 9 months ago
- Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.☆256Updated 2 months ago
- A wordlist of API names for web application assessments☆848Updated 3 months ago
- Accept URLs on stdin, replace all query string values with a user-supplied value☆841Updated 2 years ago
- Cloud-related research releases from the Rhino Security Labs team.☆392Updated 5 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆678Updated last year
- Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.☆1,348Updated last week
- Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.☆873Updated 7 months ago
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,365Updated last year
- Convolutional neural network for analyzing pentest screenshots☆1,248Updated last year
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆2,017Updated last year
- Fetches javascript file from a list of URLS or subdomains.☆803Updated 2 months ago
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆674Updated 3 months ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆987Updated last year
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location☆1,325Updated 4 years ago