doyensec/cloudsec-tidbits external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

doyensec/cloudsec-tidbits

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/doyensec/cloudsec-tidbits)

Close

doyensec / cloudsec-tidbitsView on GitHubMore

• External links
• Readme badge

Blogpost series showcasing interesting cloud - web app security bugs

☆48Jun 13, 2023Updated 2 years ago

Alternatives and similar repositories for cloudsec-tidbits

Users that are interested in cloudsec-tidbits are comparing it to the libraries listed below

• doyensec / CVE-2022-39299_PoC_Generator

  View on GitHub
  A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam…
  ☆19Feb 8, 2023Updated 3 years ago
• BishopFox / awsservicemap

  View on GitHub
  Go module that returns supported regions for a service or supported services for a region
  ☆18Dec 12, 2025Updated 2 months ago
• 0xdevalias / gopherblazer

  View on GitHub
  PoC's and Slides from 'Gophers, whales and.. clouds? Oh my!' BSides Wellington presentation by Glenn 'devalias' Grant
  ☆17Mar 3, 2018Updated 7 years ago
• codewhitesec / apollon

  View on GitHub
  Proof-of-Concept to evade auditd by writing /proc/PID/mem
  ☆24Aug 21, 2023Updated 2 years ago
• doyensec / PESD-Exporter-Extension

  View on GitHub
  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
  ☆107Jan 30, 2025Updated last year
• doyensec / oidc-ssrf

  View on GitHub
  An Evil OIDC Server
  ☆53Oct 19, 2022Updated 3 years ago
• AbstractClass / CloudPrivs

  View on GitHub
  Determine privileges from cloud credentials via brute-force testing.
  ☆68Aug 22, 2024Updated last year
• Hacking-the-Cloud / htc-ctfs

  View on GitHub
  Holds the public Hacking the Cloud CTFs.
  ☆63Feb 28, 2024Updated 2 years ago
• pentagridsec / 5-AFL-suite-docker

  View on GitHub
  Dockerfile for AFL++ and helpful other tools
  ☆21May 5, 2020Updated 5 years ago
• tehryanx / sourcemapper

  View on GitHub
  Reconstruct javascript from a sourcemap in bash
  ☆38Nov 23, 2021Updated 4 years ago
• stephenbradshaw / aws_url_signer

  View on GitHub
  POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF
  ☆59Sep 20, 2023Updated 2 years ago
• praetorian-inc / konstellation

  View on GitHub
  Konstellation is a configuration-driven CLI tool to enumerate cloud resources and store the data into Neo4j.
  ☆34Feb 15, 2026Updated 2 weeks ago
• devops-kung-fu / trustier

  View on GitHub
  Takes a software bill of materials and outputs provenance, and activity data from trustypkg.dev
  ☆10May 19, 2025Updated 9 months ago
• malcomvetter / DieHard

  View on GitHub
  PoC: process watcher patterns to make killing a process hard.
  ☆11Aug 1, 2018Updated 7 years ago
• singe / fast-permute

  View on GitHub
  A fast python tool for creating permutations of alphanumerics
  ☆11Mar 22, 2020Updated 5 years ago
• codyburkard / azol

  View on GitHub
  Azure Offensive Library
  ☆17Oct 18, 2025Updated 4 months ago
• a7t0fwa7 / windows-ps-callbacks-experiments

  View on GitHub
  Files for http://deniable.org/windows/windows-callbacks
  ☆26Jul 9, 2020Updated 5 years ago
• orangetw / JNDI-Injection-Bypass

  View on GitHub
  Some payloads of JNDI Injection in JDK 1.8.0_191+
  ☆10Mar 24, 2020Updated 5 years ago
• naman16 / AWS-Security-Guardrails-TF

  View on GitHub
  ☆31Oct 28, 2024Updated last year
• Frichetten / SneakyEndpoints

  View on GitHub
  Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints
  ☆121Jul 13, 2025Updated 7 months ago
• intruder-io / rebind-server

  View on GitHub
  A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers
  ☆18Jun 9, 2023Updated 2 years ago
• antitree / vault-backdoored

  View on GitHub
  A tool for secrets management, encryption as a service, and privileged access management
  ☆13Jul 17, 2025Updated 7 months ago
• MartinIngesen / MSOLSpray

  View on GitHub
  A Python implementation of dafthack's MSOLSpray. A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if …
  ☆95Jun 6, 2024Updated last year
• ch33kyf3ll0w / Invoke-InstallUtilNSExec.ps1

  View on GitHub
  Uses InstallUtil.exe to load a compatible executable from a network share.
  ☆12Mar 8, 2016Updated 9 years ago
• wiz-sec / open-cvdb

  View on GitHub
  An open project to list all publicly known cloud vulnerabilities and CSP security issues
  ☆374Sep 19, 2025Updated 5 months ago
• silentsignal / wpc

  View on GitHub
  Windows Privesc Check
  ☆20May 20, 2014Updated 11 years ago
• NocteDefensor / ludus_tailscale

  View on GitHub
  Ansible Role for Ludus to provision or remove a device to/from a Tailnet.
  ☆13Dec 5, 2025Updated 2 months ago
• decoder-it / lonelypotato

  View on GitHub
  Switch to JuicyPotato! https://github.com/decoder-it/juicy-potato
  ☆12Feb 8, 2020Updated 6 years ago
• hakaioffsec / gcp_enum

  View on GitHub
  A Python script to authenticate and test access to Google Cloud Platform (GCP) resources.
  ☆18Jan 31, 2024Updated 2 years ago
• righteousgambit / quiet-riot

  View on GitHub
  Unauthenticated enumeration of AWS, Azure, and GCP Principals
  ☆283Nov 27, 2025Updated 3 months ago
• cno-io / bh_aws

  View on GitHub
  Materials for AWS Training
  ☆15Jul 21, 2021Updated 4 years ago
• codewhitesec / daphne

  View on GitHub
  Proof-of-Concept to evade auditd by tampering via ptrace
  ☆19Aug 3, 2023Updated 2 years ago
• FalconForceTeam / reply-url-brute

  View on GitHub
  Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure
  ☆15Jan 23, 2025Updated last year
• nccgroup / dapr

  View on GitHub
  Driver Attack Platform for Linux
  ☆18Mar 2, 2023Updated 3 years ago
• BishopFox / cloudfoxable

  View on GitHub
  Create your own vulnerable by design AWS penetration testing playground
  ☆437Feb 16, 2026Updated 2 weeks ago
• thesubtlety / go-decrypt-jenkins

  View on GitHub
  Simple tool to decrypt Jenkins encrypted strings
  ☆79Jun 27, 2023Updated 2 years ago
• appsecco / devsecops-using-cloudnative-workshop

  View on GitHub
  This repo contains workshop material delivered at #nullcon2020
  ☆16Mar 6, 2020Updated 5 years ago
• mogwailabs / jarjarbigs

  View on GitHub
  A python script to merge multiple jar files for easier debugging via JD-Eclipse
  ☆62Jan 13, 2023Updated 3 years ago
• ReversecLabs / IAMSpy

  View on GitHub
  ☆229Updated this week