andresriancho/nimbostratus external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

andresriancho/nimbostratus

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/andresriancho/nimbostratus)

Close

andresriancho / nimbostratusView on GitHubMore

• External links
• Readme badge

Tools for fingerprinting and exploiting Amazon cloud infrastructures

☆507Nov 10, 2022Updated 3 years ago

Alternatives and similar repositories for nimbostratus

Users that are interested in nimbostratus are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• andresriancho / nimbostratus-target

  View on GitHub
  This repository holds a target infrastructure you can use for running the nimbostratus tools.
  ☆24Mar 9, 2015Updated 11 years ago
• dagrz / aws_pwn

  View on GitHub
  A collection of AWS penetration testing junk
  ☆1,225Aug 30, 2023Updated 2 years ago
• RhinoSecurityLabs / Security-Research

  View on GitHub
  Exploits written by the Rhino Security Labs team
  ☆1,101Jan 23, 2021Updated 5 years ago
• RhinoSecurityLabs / pacu

  View on GitHub
  The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
  ☆5,209May 19, 2026Updated last week
• carnal0wnage / weirdAAL

  View on GitHub
  WeirdAAL (AWS Attack Library)
  ☆842Jan 13, 2025Updated last year
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• Arno0x / WSC2

  View on GitHub
  A WebSocket C2 Tool
  ☆418Nov 24, 2017Updated 8 years ago
• VirtueSecurity / aws-extender

  View on GitHub
  AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.
  ☆256Feb 23, 2022Updated 4 years ago
• FishermansEnemy / bucket_finder

  View on GitHub
  Amazon bucket brute force tool
  ☆102Jun 24, 2013Updated 12 years ago
• Voulnet / barq

  View on GitHub
  barq: The AWS Cloud Post Exploitation framework!
  ☆388Nov 19, 2022Updated 3 years ago
• jordanpotti / CloudScraper

  View on GitHub
  CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
  ☆536Mar 7, 2022Updated 4 years ago
• prevade / cloudjack

  View on GitHub
  Route53/CloudFront Vulnerability Assessment Utility
  ☆86Sep 11, 2023Updated 2 years ago
• Arno0x / DBC2

  View on GitHub
  DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any m…
  ☆312Oct 27, 2017Updated 8 years ago
• RhinoSecurityLabs / ccat

  View on GitHub
  Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
  ☆651Nov 21, 2019Updated 6 years ago
• RedSiege / WMImplant

  View on GitHub
  This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …
  ☆850Jun 25, 2024Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• RhinoSecurityLabs / AWS-IAM-Privilege-Escalation

  View on GitHub
  A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
  ☆929Jul 25, 2019Updated 6 years ago
• andresriancho / enumerate-iam

  View on GitHub
  Enumerate the permissions associated with AWS credential set
  ☆1,235Feb 5, 2024Updated 2 years ago
• nccgroup / PMapper

  View on GitHub
  A tool for quickly evaluating IAM permissions in AWS.
  ☆1,557Aug 2, 2024Updated last year
• securing / DumpsterDiver

  View on GitHub
  Tool to search secrets in various filetypes.
  ☆1,035Apr 25, 2023Updated 3 years ago
• disruptops / assess_network

  View on GitHub
  Assess certain AWS network configurations
  ☆12Aug 22, 2018Updated 7 years ago
• jordanpotti / AWSBucketDump

  View on GitHub
  Security Tool to Look For Interesting Files in S3 Buckets
  ☆1,463Apr 10, 2024Updated 2 years ago
• nccgroup / Scout2

  View on GitHub
  Security auditing tool for AWS environments
  ☆1,720Nov 28, 2018Updated 7 years ago
• ReversecLabs / Azurite

  View on GitHub
  Enumeration and reconnaissance activities in the Microsoft Azure Cloud.
  ☆254Feb 20, 2019Updated 7 years ago
• disruptops / cred_scanner

  View on GitHub
  A simple file-based scanner to look for potential AWS access and secret keys in files
  ☆94Mar 18, 2024Updated 2 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• muellerberndt / apkx

  View on GitHub
  One-Step APK Decompilation With Multiple Backends
  ☆295Jan 19, 2021Updated 5 years ago
• silentsignal / burp-image-size

  View on GitHub
  Image size issues plugin for Burp Suite
  ☆95Jun 27, 2018Updated 7 years ago
• nccgroup / Decoder-Improved

  View on GitHub
  Improved decoder for Burp Suite
  ☆138Aug 30, 2021Updated 4 years ago
• RhinoSecurityLabs / cloudgoat

  View on GitHub
  CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
  ☆3,613Apr 28, 2026Updated last month
• andresriancho / vpc-vpn-pivot

  View on GitHub
  Pivot into private VPC networks using a VPN connection
  ☆43Oct 8, 2019Updated 6 years ago
• LUTECH-TMS-CERT / EHAT-NG

  View on GitHub
  Lutech TMS EHAT-NG
  ☆14Jul 8, 2017Updated 8 years ago
• duo-labs / cloudtracker

  View on GitHub
  CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
  ☆912Dec 17, 2021Updated 4 years ago
• nccgroup / ScoutSuite

  View on GitHub
  Multi-Cloud Security Auditing Tool
  ☆7,678Sep 23, 2025Updated 8 months ago
• tomdev / teh_s3_bucketeers

  View on GitHub
  ☆277Oct 19, 2021Updated 4 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• tomekr / BurpFlashCSRFBuilder

  View on GitHub
  Generates Flash based CORS CSRF Proof of Concepts that can be sent directly to clients
  ☆14Jul 3, 2013Updated 12 years ago
• P3GLEG / PwnBack

  View on GitHub
  Burp Extender plugin that generates a sitemap of a website using Wayback Machine
  ☆227May 8, 2018Updated 8 years ago
• SecurityFTW / cs-suite

  View on GitHub
  Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
  ☆1,171Dec 8, 2022Updated 3 years ago
• its-a-feature / Orchard

  View on GitHub
  JavaScript for Automation (JXA) tool to do Active Directory enumeration.
  ☆108Feb 19, 2022Updated 4 years ago
• mdsecactivebreach / LinkedInt

  View on GitHub
  LinkedInt: A LinkedIn scraper for reconnaissance during adversary simulation
  ☆489May 23, 2023Updated 3 years ago
• Static-Flow / CloudCopy

  View on GitHub
  This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapsho…
  ☆123Nov 2, 2019Updated 6 years ago
• toniblyx / my-arsenal-of-aws-security-tools

  View on GitHub
  List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
  ☆9,453Apr 17, 2026Updated last month