disruptops / cred_scanner
A simple file-based scanner to look for potential AWS access and secret keys in files
☆89Updated 8 months ago
Alternatives and similar repositories for cred_scanner:
Users that are interested in cred_scanner are comparing it to the libraries listed below
- Route53/CloudFront Vulnerability Assessment Utility☆84Updated last year
- A tool to enumerate S3 buckets manually or via certstream☆80Updated last year
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆75Updated 2 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆61Updated last year
- Pivot into private VPC networks using a VPN connection☆41Updated 5 years ago
- AWS Extender CLI is a command-line script to test S3 buckets as well as Google Storage buckets and Azure Storage containers for common mi…☆81Updated 4 years ago
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.☆62Updated 5 years ago
- Scripts and tools for AWS Pentest☆51Updated 4 years ago
- AWS S3 Sensitive Data Search☆35Updated 2 years ago
- Amazon bucket brute force tool☆95Updated 11 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆133Updated 4 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆110Updated 5 years ago
- An AWS Lambda vulnerable application written in flask.☆48Updated 7 years ago
- A Burp plugin to export findings to DefectDojo☆30Updated last year
- A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.☆37Updated 6 years ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆109Updated 4 years ago
- Tools for AWS forensics☆64Updated 8 years ago
- Scans a list of websites for Cloudfront or S3 Buckets☆104Updated 2 years ago
- Monitoring GitHub for sensitive data shared publicly☆66Updated 2 years ago
- All-in-one tool for managing vulnerability reports from AppSec pipelines☆105Updated last year
- 🏰 A Python script for AWS S3 bucket enumeration.☆53Updated 4 years ago
- Proof of Concept Zappa Based AWS Persistence and Attack Platform☆37Updated 4 years ago
- Ruby command-line interface to Burp Suite's REST API☆59Updated 4 years ago
- Scans Slack for API tokens, credentials, passwords, and more using YARA rules☆38Updated 3 years ago
- AWS S3 Bucket/Object Finder☆117Updated 3 years ago
- Scout - a Contactless Active Reconnaissance Tool☆51Updated 2 years ago
- Burp Extension for AWS Signing☆86Updated 2 months ago
- Research on the enumeration of IAM permissions without logging to CloudTrail☆60Updated 3 years ago
- Serverless Workshop☆16Updated 2 years ago
- This command line tool counts the number of resources in different categories across Amazon regions.☆56Updated 5 years ago