initstring / cloud_enum
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
☆1,769Updated 5 months ago
Alternatives and similar repositories for cloud_enum:
Users that are interested in cloud_enum are comparing it to the libraries listed below
- Awesome cloud enumerator☆982Updated 2 weeks ago
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,660Updated 6 months ago
- TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!☆1,132Updated last week
- Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.☆1,237Updated 10 months ago
- Identify privilege escalation paths within and across different clouds☆682Updated 4 months ago
- PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.☆1,127Updated 7 months ago
- Making Favicon.ico based Recon Great again !☆1,161Updated last year
- Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling☆1,051Updated this week
- A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.☆894Updated last year
- RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.☆1,766Updated 10 months ago
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists☆719Updated 2 years ago
- Subdomain takeover vulnerability checker☆1,158Updated 6 months ago
- Notes about attacking Jenkins servers☆2,036Updated 8 months ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆954Updated 3 years ago
- Username enumeration and password spraying tool aimed at Microsoft O365.☆824Updated 4 months ago
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing☆2,662Updated 8 months ago
- Convolutional neural network for analyzing pentest screenshots☆1,088Updated last year
- a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )☆2,288Updated last month
- Subdomain Takeover tool written in Go☆1,952Updated last year
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆508Updated last year
- Enumerate the permissions associated with AWS credential set☆1,137Updated last year
- ☆1,662Updated this week
- Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab☆2,087Updated 11 months ago
- Tools & Interesting Things for RedTeam Ops☆2,172Updated 2 years ago
- A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the ac…☆958Updated last year
- OSINT tools and more but without API key☆1,310Updated 11 months ago
- A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for secu…☆1,280Updated 8 months ago
- Subdomain and target enumeration tool built for offensive security testing☆858Updated 9 months ago
- Find domains and subdomains related to a given domain☆3,195Updated 9 months ago
- Take a list of domains and probe for working HTTP and HTTPS servers☆2,964Updated 9 months ago