hotnops/apeman

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/hotnops/apeman)

hotnops / apeman

AWS Attack Path Management Tool - Walking on the Moon

☆263

Alternatives and similar repositories for apeman

Users that are interested in apeman are comparing it to the libraries listed below

Sorting:

Fennerr / PMapper
View on GitHub
A tool for quickly evaluating IAM permissions in AWS.
☆76May 27, 2024Updated last year
cloud-copilot / iam-expand
View on GitHub
Expand IAM Actions with Wildcards
☆35Mar 14, 2026Updated last week
tenable / hidden-services-revealer
View on GitHub
☆40Aug 2, 2024Updated last year
ReversecLabs / IAMSpy
View on GitHub
☆229Mar 10, 2026Updated last week
adanalvarez / TrailDiscover
View on GitHub
An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
☆174Mar 11, 2026Updated last week
primeharbor / sensitive_iam_actions
View on GitHub
Crowdsourced list of sensitive IAM Actions
☆159Oct 29, 2024Updated last year
Mayyhem / Maestro
View on GitHub
Abusing Azure services over C2
☆367Jan 20, 2026Updated 2 months ago
ToweringDragoon / SACL_Scanner
View on GitHub
SACL Scanner is a tool designed to scan and analyze SACLs.
☆51Feb 13, 2025Updated last year
Mr-Un1k0d3r / MsGraphFunzy
View on GitHub
Scripts to interact with Microsoft Graph APIs
☆45Nov 7, 2024Updated last year
som3canadian / Mythic_NimSyscallPacker_Wrapper
View on GitHub
Mythic C2 wrapper for NimSyscallPacker
☆25Mar 12, 2025Updated last year
ReversecLabs / cloud-security-vm
View on GitHub
Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments
☆142Jan 2, 2025Updated last year
MaLDAPtive / Invoke-Maldaptive
View on GitHub
MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.
☆337Aug 7, 2024Updated last year
RedSiege / SharpCollectionTemplate
View on GitHub
☆14Sep 26, 2023Updated 2 years ago
SecurityRunners / CloudCommotion
View on GitHub
Cloud Commotion intends to cause chaos to simulate security incidents
☆146Jun 18, 2024Updated last year
xforcered / ADOKit
View on GitHub
Azure DevOps Services Attack Toolkit
☆313Mar 15, 2025Updated last year
BishopFox / cloudfox
View on GitHub
Automating situational awareness for cloud penetration tests.
☆2,309Mar 10, 2026Updated last week
cado-security / cloudgrep
View on GitHub
cloudgrep is grep for cloud storage
☆326Mar 14, 2026Updated last week
Frichetten / aws-api-models
View on GitHub
A collection of documented and undocumented AWS API models
☆53Nov 21, 2025Updated 4 months ago
cloud-copilot / iam-convert
View on GitHub
Convert JSON IAM Policies to other formats
☆26Mar 14, 2026Updated last week
ReversecLabs / IAMGraph
View on GitHub
☆71Jan 8, 2025Updated last year
StevenSmiley / aws-mine
View on GitHub
AWS honey token manager
☆90Aug 1, 2024Updated last year
NetSPI / gcpwn
View on GitHub
Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…
☆289May 16, 2025Updated 10 months ago
saw-your-packet / CloudShovel
View on GitHub
A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…
☆113Nov 13, 2024Updated last year
vectra-ai-research / Halberd
View on GitHub
Halberd : Multi-Cloud Agentic Attack Tool
☆335Jan 12, 2026Updated 2 months ago
nccgroup / PMapper
View on GitHub
A tool for quickly evaluating IAM permissions in AWS.
☆1,544Aug 2, 2024Updated last year
mlcsec / SharpGraphView
View on GitHub
Microsoft Graph API post-exploitation toolkit
☆95Jul 13, 2024Updated last year
CCob / DRSAT
View on GitHub
Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…
☆276Dec 27, 2024Updated last year
decoder-it / KrbRelay-SMBServer
View on GitHub
☆234Oct 8, 2024Updated last year
Permiso-io-tools / CloudConsoleCartographer
View on GitHub
Released at Black Hat Asia on April 18, 2024, Cloud Console Cartographer is a framework for condensing groupings of cloud events (e.g. Cl…
☆173May 16, 2024Updated last year
DataDog / grimoire
View on GitHub
Generate datasets of cloud audit logs for common attacks
☆235Mar 9, 2026Updated last week
badsectorlabs / sccm-http-looter
View on GitHub
Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)
☆211Sep 30, 2024Updated last year
welldone-cloud / aws-lint-iam-policies
View on GitHub
Runs IAM policy linting and security checks against either a single AWS account or multiple member accounts of an AWS Organization.
☆152Dec 21, 2025Updated 3 months ago
subat0mik / Misconfiguration-Manager
View on GitHub
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive an…
☆1,108Updated this week
0xthirteen / Carseat
View on GitHub
Python implementation of GhostPack's Seatbelt situational awareness tool
☆271Nov 12, 2024Updated last year
RhinoSecurityLabs / IAMActionHunter
View on GitHub
An AWS IAM policy statement parser and query tool.
☆199Feb 10, 2026Updated last month
ReversecLabs / awspx
View on GitHub
A graph-based tool for visualizing effective access and resource relationships in AWS environments.
☆999Oct 4, 2022Updated 3 years ago
Frichetten / SneakyEndpoints
View on GitHub
Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpoints
☆121Jul 13, 2025Updated 8 months ago
Malcrove / SeamlessPass
View on GitHub
A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
☆238Aug 25, 2024Updated last year
DataDog / stratus-red-team
View on GitHub
Granular, Actionable Adversary Emulation for the Cloud
☆2,277Mar 12, 2026Updated last week