jordanpotti / AWSBucketDump

Related projects: ⓘ

• sa7mon / S3Scanner
  Scan for misconfigured S3 buckets across S3-compatible APIs!
  ☆2,507Updated this week
• RhinoSecurityLabs / Security-Research
  Exploits written by the Rhino Security Labs team
  ☆1,053Updated 3 years ago
• carnal0wnage / weirdAAL
  WeirdAAL (AWS Attack Library)
  ☆773Updated last year
• anshumanbh / git-all-secrets
  A tool to capture all the git secrets by leveraging multiple open source git searching tools
  ☆1,103Updated 5 years ago
• infosec-au / altdns
  Generates permutations, alterations and mutations of subdomains and then resolves them
  ☆2,299Updated 4 months ago
• dagrz / aws_pwn
  A collection of AWS penetration testing junk
  ☆1,162Updated last year
• ztgrace / changeme
  A default credential scanner.
  ☆1,429Updated 2 years ago
• jhaddix / domain
  Setup script for Regon-ng
  ☆915Updated 3 years ago
• haccer / subjack
  Subdomain Takeover tool written in Go
  ☆1,892Updated last year
• eth0izzle / bucket-stream
  Find interesting Amazon S3 Buckets by watching certificate transparency logs.
  ☆1,744Updated last year
• darkoperator / dnsrecon
  DNS Enumeration Script
  ☆2,592Updated this week
• codingo / Reconnoitre
  A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, al…
  ☆2,101Updated last year
• BishopFox / GitGot
  Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
  ☆1,430Updated 6 months ago
• andresriancho / enumerate-iam
  Enumerate the permissions associated with AWS credential set
  ☆1,073Updated 7 months ago
• securing / DumpsterDiver
  Tool to search secrets in various filetypes.
  ☆974Updated last year
• intrigueio / intrigue-core
  Discover Your Attack Surface!
  ☆1,350Updated last year
• initstring / cloud_enum
  Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
  ☆1,628Updated 2 months ago
• codingo / VHostScan
  A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, al…
  ☆1,188Updated 9 months ago
• gquere / pwn_jenkins
  Notes about attacking Jenkins servers
  ☆1,949Updated 2 months ago
• SerpicoProject / Serpico
  SimplE RePort wrIting and COllaboration tool
  ☆1,092Updated 4 years ago
• mandatoryprogrammer / xsshunter
  The XSS Hunter service - a portable version of XSSHunter.com
  ☆1,472Updated last year
• caffix / amass
  ☆1,759Updated this week
• vysecurity / DomLink
  A tool to link a domain with registered organisation names and emails, to other domains.
  ☆826Updated 4 months ago
• D35m0nd142 / LFISuite
  Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner
  ☆1,661Updated 2 years ago
• chris408 / ct-exposer
  An OSINT tool that discovers sub-domains by searching Certificate Transparency logs
  ☆465Updated 2 years ago
• Ice3man543 / SubOver
  A Powerful Subdomain Takeover Tool
  ☆919Updated 11 months ago
• Coalfire-Research / npk
  A mostly-serverless distributed hash cracking platform
  ☆792Updated 5 months ago
• RhinoSecurityLabs / AWS-IAM-Privilege-Escalation
  A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
  ☆892Updated 5 years ago
• RedSiege / EyeWitness
  EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
  ☆4,905Updated last month
• snoopysecurity / awesome-burp-extensions
  A curated list of amazingly awesome Burp Extensions
  ☆2,943Updated 2 months ago