andresriancho / nimbostratusView external linksLinks
Tools for fingerprinting and exploiting Amazon cloud infrastructures
☆496Nov 10, 2022Updated 3 years ago
Alternatives and similar repositories for nimbostratus
Users that are interested in nimbostratus are comparing it to the libraries listed below
Sorting:
- A collection of AWS penetration testing junk☆1,217Aug 30, 2023Updated 2 years ago
- This repository holds a target infrastructure you can use for running the nimbostratus tools.☆24Mar 9, 2015Updated 10 years ago
- Exploits written by the Rhino Security Labs team☆1,091Jan 23, 2021Updated 5 years ago
- WeirdAAL (AWS Attack Library)☆835Jan 13, 2025Updated last year
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,065Updated this week
- AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.☆256Feb 23, 2022Updated 3 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆645Nov 21, 2019Updated 6 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆534Mar 7, 2022Updated 3 years ago
- Enumerate the permissions associated with AWS credential set☆1,217Feb 5, 2024Updated 2 years ago
- barq: The AWS Cloud Post Exploitation framework!☆388Nov 19, 2022Updated 3 years ago
- A tool for quickly evaluating IAM permissions in AWS.☆1,539Aug 2, 2024Updated last year
- Tool to search secrets in various filetypes.☆1,030Apr 25, 2023Updated 2 years ago
- A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.☆924Jul 25, 2019Updated 6 years ago
- Security auditing tool for AWS environments☆1,725Nov 28, 2018Updated 7 years ago
- This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …☆840Jun 25, 2024Updated last year
- A simple file-based scanner to look for potential AWS access and secret keys in files☆94Mar 18, 2024Updated last year
- Security Tool to Look For Interesting Files in S3 Buckets☆1,453Apr 10, 2024Updated last year
- Route53/CloudFront Vulnerability Assessment Utility☆87Sep 11, 2023Updated 2 years ago
- Pivot into private VPC networks using a VPN connection☆43Oct 8, 2019Updated 6 years ago
- A WebSocket C2 Tool☆410Nov 24, 2017Updated 8 years ago
- Enumeration and reconnaissance activities in the Microsoft Azure Cloud.☆254Feb 20, 2019Updated 6 years ago
- LinkedInt: A LinkedIn scraper for reconnaissance during adversary simulation☆488May 23, 2023Updated 2 years ago
- Amazon bucket brute force tool☆102Jun 24, 2013Updated 12 years ago
- Assess certain AWS network configurations☆12Aug 22, 2018Updated 7 years ago
- Image size issues plugin for Burp Suite☆95Jun 27, 2018Updated 7 years ago
- RedSnarf is a pen-testing / red-teaming tool for Windows environments☆1,212Sep 14, 2020Updated 5 years ago
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆3,475Updated this week
- DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any m…☆305Oct 27, 2017Updated 8 years ago
- Issues to consider when planning a red team exercise.☆614Aug 23, 2017Updated 8 years ago
- JavaScript for Automation (JXA) tool to do Active Directory enumeration.☆106Feb 19, 2022Updated 3 years ago
- Red Team Tips as posted by @vysecurity on Twitter☆1,067Apr 26, 2020Updated 5 years ago
- Improved decoder for Burp Suite☆138Aug 30, 2021Updated 4 years ago
- A Custom Scanner for Burp☆31Mar 26, 2014Updated 11 years ago
- Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain name…☆1,644Jun 6, 2024Updated last year
- Burp Extender plugin that generates a sitemap of a website using Wayback Machine☆227May 8, 2018Updated 7 years ago
- CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.☆907Dec 17, 2021Updated 4 years ago
- Multi-Cloud Security Auditing Tool☆7,537Sep 23, 2025Updated 4 months ago
- Cloud-related research releases from the Rhino Security Labs team.☆392Apr 23, 2020Updated 5 years ago
- A tool to hunt for publicly accessible DigitalOcean Spaces☆156Jan 21, 2020Updated 6 years ago