andresriancho/nimbostratus external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

andresriancho/nimbostratus

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/andresriancho/nimbostratus)

Close

andresriancho / nimbostratusView on GitHubMore

• External links
• Readme badge

Tools for fingerprinting and exploiting Amazon cloud infrastructures

☆499Nov 10, 2022Updated 3 years ago

Alternatives and similar repositories for nimbostratus

Users that are interested in nimbostratus are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• andresriancho / nimbostratus-target

  View on GitHub
  This repository holds a target infrastructure you can use for running the nimbostratus tools.
  ☆24Mar 9, 2015Updated 11 years ago
• dagrz / aws_pwn

  View on GitHub
  A collection of AWS penetration testing junk
  ☆1,224Aug 30, 2023Updated 2 years ago
• RhinoSecurityLabs / Security-Research

  View on GitHub
  Exploits written by the Rhino Security Labs team
  ☆1,098Jan 23, 2021Updated 5 years ago
• RhinoSecurityLabs / pacu

  View on GitHub
  The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
  ☆5,136Mar 30, 2026Updated 2 weeks ago
• carnal0wnage / weirdAAL

  View on GitHub
  WeirdAAL (AWS Attack Library)
  ☆837Jan 13, 2025Updated last year
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• VirtueSecurity / aws-extender

  View on GitHub
  AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.
  ☆256Feb 23, 2022Updated 4 years ago
• Arno0x / WSC2

  View on GitHub
  A WebSocket C2 Tool
  ☆416Nov 24, 2017Updated 8 years ago
• FishermansEnemy / bucket_finder

  View on GitHub
  Amazon bucket brute force tool
  ☆102Jun 24, 2013Updated 12 years ago
• Voulnet / barq

  View on GitHub
  barq: The AWS Cloud Post Exploitation framework!
  ☆388Nov 19, 2022Updated 3 years ago
• jordanpotti / CloudScraper

  View on GitHub
  CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
  ☆535Mar 7, 2022Updated 4 years ago
• prevade / cloudjack

  View on GitHub
  Route53/CloudFront Vulnerability Assessment Utility
  ☆86Sep 11, 2023Updated 2 years ago
• Arno0x / DBC2

  View on GitHub
  DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any m…
  ☆310Oct 27, 2017Updated 8 years ago
• RhinoSecurityLabs / ccat

  View on GitHub
  Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
  ☆649Nov 21, 2019Updated 6 years ago
• RedSiege / WMImplant

  View on GitHub
  This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …
  ☆846Jun 25, 2024Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• andresriancho / enumerate-iam

  View on GitHub
  Enumerate the permissions associated with AWS credential set
  ☆1,231Feb 5, 2024Updated 2 years ago
• nccgroup / PMapper

  View on GitHub
  A tool for quickly evaluating IAM permissions in AWS.
  ☆1,551Aug 2, 2024Updated last year
• securing / DumpsterDiver

  View on GitHub
  Tool to search secrets in various filetypes.
  ☆1,034Apr 25, 2023Updated 2 years ago
• disruptops / assess_network

  View on GitHub
  Assess certain AWS network configurations
  ☆12Aug 22, 2018Updated 7 years ago
• RhinoSecurityLabs / AWS-IAM-Privilege-Escalation

  View on GitHub
  A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
  ☆927Jul 25, 2019Updated 6 years ago
• jordanpotti / AWSBucketDump

  View on GitHub
  Security Tool to Look For Interesting Files in S3 Buckets
  ☆1,459Apr 10, 2024Updated 2 years ago
• nccgroup / Scout2

  View on GitHub
  Security auditing tool for AWS environments
  ☆1,721Nov 28, 2018Updated 7 years ago
• FSecureLABS / Azurite

  View on GitHub
  Enumeration and reconnaissance activities in the Microsoft Azure Cloud.
  ☆254Feb 20, 2019Updated 7 years ago
• disruptops / cred_scanner

  View on GitHub
  A simple file-based scanner to look for potential AWS access and secret keys in files
  ☆95Mar 18, 2024Updated 2 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• silentsignal / burp-image-size

  View on GitHub
  Image size issues plugin for Burp Suite
  ☆94Jun 27, 2018Updated 7 years ago
• nccgroup / Decoder-Improved

  View on GitHub
  Improved decoder for Burp Suite
  ☆138Aug 30, 2021Updated 4 years ago
• andresriancho / vpc-vpn-pivot

  View on GitHub
  Pivot into private VPC networks using a VPN connection
  ☆43Oct 8, 2019Updated 6 years ago
• LUTECH-TMS-CERT / EHAT-NG

  View on GitHub
  Lutech TMS EHAT-NG
  ☆14Jul 8, 2017Updated 8 years ago
• RhinoSecurityLabs / cloudgoat

  View on GitHub
  CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
  ☆3,541Updated this week
• duo-labs / cloudtracker

  View on GitHub
  CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
  ☆912Dec 17, 2021Updated 4 years ago
• nccgroup / ScoutSuite

  View on GitHub
  Multi-Cloud Security Auditing Tool
  ☆7,625Sep 23, 2025Updated 6 months ago
• tomdev / teh_s3_bucketeers

  View on GitHub
  ☆276Oct 19, 2021Updated 4 years ago
• tomekr / BurpFlashCSRFBuilder

  View on GitHub
  Generates Flash based CORS CSRF Proof of Concepts that can be sent directly to clients
  ☆14Jul 3, 2013Updated 12 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• P3GLEG / PwnBack

  View on GitHub
  Burp Extender plugin that generates a sitemap of a website using Wayback Machine
  ☆227May 8, 2018Updated 7 years ago
• SecurityFTW / cs-suite

  View on GitHub
  Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
  ☆1,169Dec 8, 2022Updated 3 years ago
• its-a-feature / Orchard

  View on GitHub
  JavaScript for Automation (JXA) tool to do Active Directory enumeration.
  ☆107Feb 19, 2022Updated 4 years ago
• mdsecactivebreach / LinkedInt

  View on GitHub
  LinkedInt: A LinkedIn scraper for reconnaissance during adversary simulation
  ☆491May 23, 2023Updated 2 years ago
• Static-Flow / CloudCopy

  View on GitHub
  This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapsho…
  ☆122Nov 2, 2019Updated 6 years ago
• toniblyx / my-arsenal-of-aws-security-tools

  View on GitHub
  List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
  ☆9,431Oct 16, 2025Updated 6 months ago
• olliencc / appsec-vulnerability-periodic-table

  View on GitHub
  Application Security Vulnerability Periodic Table
  ☆14Aug 25, 2014Updated 11 years ago