appsecco / CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
☆22Updated 4 years ago
Alternatives and similar repositories for CloudPentestCheatsheets:
Users that are interested in CloudPentestCheatsheets are comparing it to the libraries listed below
- AWS Security Checks☆37Updated 7 years ago
- Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters☆14Updated 4 years ago
- ☆28Updated 5 years ago
- Scripts and tools for AWS Pentest☆53Updated 4 years ago
- A tool to evaluate Content Security Policies.☆70Updated 4 years ago
- Repository for all the workshop content delivered at nullcon X on 1st of March 2019☆81Updated 5 years ago
- AWS S3 Sensitive Data Search☆36Updated 3 years ago
- A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.☆38Updated 6 years ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆48Updated 5 years ago
- Pivot into private VPC networks using a VPN connection☆41Updated 5 years ago
- A simple file-based scanner to look for potential AWS access and secret keys in files☆91Updated 11 months ago
- A collection of tools to find data that has been made public in cloud storage systems such as S3 Buckets and Digital Ocean Spaces☆74Updated 2 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆134Updated 4 years ago
- Jekyll Files for cloudsecwiki.com☆51Updated 3 years ago
- Preventing malicious takeover of the retired slurp AWS tool☆40Updated 6 years ago
- A Burp plugin to export findings to DefectDojo☆30Updated last year
- An nmap script to produce target lists for use with various tools.☆33Updated 3 years ago
- Yet another open S3 bucket finder☆20Updated 7 years ago
- Deploy a Private Burpsuite Collaborator using boto3 Python Library☆57Updated 5 years ago
- A password spraying wordlist generator. Takes breach data as a valid input in order to target password reuse.☆44Updated 5 years ago
- Amazon bucket brute force tool☆99Updated 11 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆63Updated last year
- A place to store my own wordlists, and link to others that are useful☆106Updated last year
- Burp Suite Importer - Connect to multiple web servers while populating the sitemap.☆48Updated 4 years ago
- A simple Cherry Tree template that can be used to organize bug bounties☆37Updated 5 years ago
- Just a bunch of useful links to take (and pass!) OSCP☆20Updated 4 years ago
- A CLI tool to interact with hackerone.com. This was my submission for HackerOne's Summer 2018 Hack Day.☆38Updated 6 years ago
- KeepNote For OSCP Course☆24Updated 4 years ago
- A colorful cross-platform python script to test misconfigurations of AWS S3 buckets both through authenticated and unauthenticated checks…☆39Updated 3 years ago
- AWS Extender CLI is a command-line script to test S3 buckets as well as Google Storage buckets and Azure Storage containers for common mi…☆82Updated 4 years ago