cr0hn / festinView external linksLinks
FestIn - Open S3 Bucket Scanner
β231Dec 4, 2020Updated 5 years ago
Alternatives and similar repositories for festin
Users that are interested in festin are comparing it to the libraries listed below
Sorting:
- Simple python script to check against hypothetical JWT vulnerability.β51Nov 29, 2020Updated 5 years ago
- Find cloud assets that no one wants exposed π βοΈβ349Jul 20, 2020Updated 5 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.β78Mar 4, 2022Updated 3 years ago
- Search exposed EBS volumes for secretsβ302Apr 24, 2023Updated 2 years ago
- Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to β¦β760Sep 23, 2024Updated last year
- Suite of programs meant to aid in bug hunting and security assessmentsβ79Dec 29, 2019Updated 6 years ago
- Searching for virtual hosts among non-resolvable domainsβ88Apr 29, 2020Updated 5 years ago
- Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.β214Jun 23, 2020Updated 5 years ago
- Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.β134Jul 11, 2021Updated 4 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...β279Feb 11, 2021Updated 5 years ago
- Awesome cloud enumeratorβ1,092Mar 9, 2025Updated 11 months ago
- Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python.β103Jul 26, 2020Updated 5 years ago
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.β647Nov 21, 2019Updated 6 years ago
- β140Mar 29, 2023Updated 2 years ago
- Scan for misconfigured S3 buckets across S3-compatible APIs!β2,998Dec 11, 2025Updated 2 months ago
- Making Favicon.ico based Recon Great again !β1,261Aug 29, 2023Updated 2 years ago
- RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilitiesβ445Sep 7, 2022Updated 3 years ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.β56Jan 18, 2022Updated 4 years ago
- automated web assets enumeration & scanning [DEPRECATED]β288Mar 7, 2023Updated 2 years ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.β93Jul 9, 2025Updated 7 months ago
- Python utility to takeover domains vulnerable to AWS NS Takeoverβ86Feb 2, 2023Updated 3 years ago
- Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated filesβ¦β684Jul 15, 2024Updated last year
- Tool to search secrets in various filetypes.β1,030Apr 25, 2023Updated 2 years ago
- Petaq - Purple Team Command & Control Serverβ104Dec 8, 2022Updated 3 years ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.β111Nov 19, 2020Updated 5 years ago
- take a list of resolved subdomains and output any corresponding CNAMES en masse.β18Jan 29, 2026Updated 2 weeks ago
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filteringβ210Nov 29, 2020Updated 5 years ago
- β89Feb 11, 2022Updated 4 years ago
- The Swiss Army knife for automated Web Application Testingβ2,324May 8, 2024Updated last year
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.β998Feb 10, 2026Updated last week
- Take a list of domains/subdomains and probe for working http/https server.β192Sep 8, 2020Updated 5 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.β534Mar 7, 2022Updated 3 years ago
- You can read the writeup on this script hereβ273Jul 12, 2020Updated 5 years ago
- WRecon, is a tool for the recognition of vulnerabilities and blackbox information for wordpress.β19Nov 30, 2022Updated 3 years ago
- Security Tool to Look For Interesting Files in S3 Bucketsβ1,456Apr 10, 2024Updated last year
- Finding potential software vulnerabilities from git commit messagesβ419Oct 7, 2023Updated 2 years ago
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keysβ661Feb 1, 2025Updated last year
- A graph-based tool for visualizing effective access and resource relationships in AWS environments.β994Oct 4, 2022Updated 3 years ago
- β127Jun 19, 2020Updated 5 years ago