FestIn - Open S3 Bucket Scanner
β230Dec 4, 2020Updated 5 years ago
Alternatives and similar repositories for festin
Users that are interested in festin are comparing it to the libraries listed below
Sorting:
- Simple python script to check against hypothetical JWT vulnerability.β51Nov 29, 2020Updated 5 years ago
- Find cloud assets that no one wants exposed π βοΈβ348Jul 20, 2020Updated 5 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.β78Mar 4, 2022Updated 4 years ago
- Search exposed EBS volumes for secretsβ302Apr 24, 2023Updated 2 years ago
- Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to β¦β761Sep 23, 2024Updated last year
- Suite of programs meant to aid in bug hunting and security assessmentsβ78Dec 29, 2019Updated 6 years ago
- Searching for virtual hosts among non-resolvable domainsβ88Apr 29, 2020Updated 5 years ago
- Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.β213Jun 23, 2020Updated 5 years ago
- Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.β134Jul 11, 2021Updated 4 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...β279Feb 11, 2021Updated 5 years ago
- Awesome cloud enumeratorβ1,103Mar 9, 2025Updated last year
- Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python.β103Jul 26, 2020Updated 5 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.β645Nov 21, 2019Updated 6 years ago
- β139Mar 29, 2023Updated 2 years ago
- Scan for misconfigured S3 buckets across S3-compatible APIs!β2,998Dec 11, 2025Updated 2 months ago
- Making Favicon.ico based Recon Great again !β1,268Aug 29, 2023Updated 2 years ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilitiesβ447Sep 7, 2022Updated 3 years ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.β56Jan 18, 2022Updated 4 years ago
- automated web assets enumeration & scanning [DEPRECATED]β288Mar 7, 2023Updated 3 years ago
- Python utility to takeover domains vulnerable to AWS NS Takeoverβ86Feb 2, 2023Updated 3 years ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.β93Jul 9, 2025Updated 8 months ago
- Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated filesβ¦β684Jul 15, 2024Updated last year
- Tool to search secrets in various filetypes.β1,034Apr 25, 2023Updated 2 years ago
- Petaq - Purple Team Command & Control Serverβ105Dec 8, 2022Updated 3 years ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.β110Nov 19, 2020Updated 5 years ago
- take a list of resolved subdomains and output any corresponding CNAMES en masse.β18Jan 29, 2026Updated last month
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filteringβ210Nov 29, 2020Updated 5 years ago
- β89Feb 11, 2022Updated 4 years ago
- The Swiss Army knife for automated Web Application Testingβ2,323May 8, 2024Updated last year
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.β1,011Updated this week
- Take a list of domains/subdomains and probe for working http/https server.β192Sep 8, 2020Updated 5 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.β532Mar 7, 2022Updated 4 years ago
- You can read the writeup on this script hereβ274Jul 12, 2020Updated 5 years ago
- WRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.β19Nov 30, 2022Updated 3 years ago
- Finding potential software vulnerabilities from git commit messagesβ419Oct 7, 2023Updated 2 years ago
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keysβ657Feb 1, 2025Updated last year
- Security Tool to Look For Interesting Files in S3 Bucketsβ1,457Apr 10, 2024Updated last year
- A graph-based tool for visualizing effective access and resource relationships in AWS environments.β995Oct 4, 2022Updated 3 years ago
- β127Jun 19, 2020Updated 5 years ago